Jump to content
Pardon our ads (a necessary update) ×

Registered but not in database.

dean7

By dean7
in PHP Coding Help

Recommended Posts

dean7 Advanced Member

dean7

Posted
Posted

Hi all, on my website users have to register before they move on to the members area. But ive came across somthing i dont understand.

 

When the user registers nothing get inserted into the database when it should but it still allows them to login because the login details are right.

 

Anyone got a clue whats happend?

 

Thanks for you help.

Link to comment
https://forums.phpfreaks.com/topic/179983-registered-but-not-in-database/
Share on other sites
dean7 Advanced Member

dean7

Posted
  • Author
Posted

Ill show you my login script and register script:

 

Register script:

<title>Regsiter</title>
<?php
include('css/style.css');
?>
<?php
ob_start();
// allows you to use cookies
include("config.php");
//gets the config page
if ($_POST[register]) {
// the above line checks to see if the html form has been submitted
$username = mysql_real_escape_string($_POST[username]);
$password = mysql_real_escape_string($_POST[pass]);
$cpassword = mysql_real_escape_string($_POST[cpass]);
$email = mysql_real_escape_string($_POST[emai1]);
//the above lines set variables with the user submitted information
if($username==NULL|$password==NULL|$cpassword==NULL|$email==NULL) {
//checks to make sure no fields were left blank
echo "A field was left blank.";
}else{
//none were left blank!  We continue...
if($password != $cpassword) {
// the passwords are not the same!  
echo "Passwords do not match";
}else{
// the passwords are the same!  we continue...
$password = md5(mysql_real_escape_string($password));
// encrypts the password
$checkname = mysql_query("SELECT username FROM users WHERE username='$username'");
$checkname= mysql_num_rows($checkname);
$checkemail = mysql_query("SELECT email FROM users WHERE email='$email'");
$checkemail = mysql_num_rows($checkemail);
if ($checkemail>0|$checkname>0) {
// oops...someone has already registered with that username or email!
echo "The username or email is already in use";
}else{
// noone is using that email or username!  We continue...
$username = htmlspecialchars(mysql_real_escape_string($username));
$password = htmlspecialchars(mysql_real_escape_string($password));
$email = htmlspecialchars(mysql_real_escape_string($email));
// the above lines make it so that there is no html in the user submitted information.
//Everything seems good, lets insert.
$query = mysql_query("INSERT INTO users (username, password, email) VALUES('$username','$password','$email')");
// inserts the information into the database.
echo "You have successfully registered!";
$query = mysql_query("INSERT INTO pmessages(touser, message, from, title, unread) VALUES('$username','Welcome to Great-Gaming.','Great-Gaming Staff','Welcome to GG','unread')");
}
}
}
}
else
{
// the form has not been submitted...so now we display it.
echo ("
<center>
<form method=\"POST\">
<br>
<br>
<table border=\"1px\" bordercolor=\"#000000\" cellpadding=\"0\" cellspacing=\"0\" bgcolor=\"#333333\">
<tr>
<td>
<img src=\"images/banner.jpg\">
</td>
</tr>
<tr>
<td class='header'>
<center><b><code>Home, Lost Password And TOS</code></center></b>
</td>
</tr>
<tr>
<td>
<center>:: <a href='index.php'>Home</a> :: || :: <a href='lostpass.php'>Lost Password</a> :: || :: <a href='tos.php'>TOS</a> :: </center>
</td>
</tr>
<tr>
<td class='header'>
<center><b>Username</b></center>
</td>
</tr>
<tr>
<td>
<center><input type=\"text\" size=\"15\" maxlength=\"25\" name=\"username\"></center>
</td>
</tr>
<tr>
<td class='header'>
<center><b>Password</b></center>
</td>
</tr>
<tr>
<td>
<center><input type=\"password\" size=\"15\" maxlength=\"25\" name=\"pass\"></center>
</td>
</tr>
<tr>
<td class='header'>
<center><b>Confirm Password</b></center>
</td>
</tr>
<tr>
<td>
<center><input type=\"password\" size=\"15\" maxlength=\"25\" name=\"cpass\"></center>
</td>
</tr>
<tr>
<td class='header'>
<center><b>Email</b></center>
</td>
</tr>
<tr>
<td>
<center><input type=\"text\" size=\"15\" maxlength=\"25\" name=\"emai1\"></center>
</td>
</tr>
<tr>
<td>
<center><input name=\"register\" type=\"submit\" value=\"Register\"></center>
</td>
</tr>
</table>
</form>
</center>
");
}
?>

 

Login script:

<title>Login</title>
<?php
include('css/style.css');
?>
<?php
oB_start();
// allows you to use cookies.
include("config.php");
if (!$logged[username])
{
if (!$_POST[login])
{
echo("
<center><form method=\"POST\">
<br>
<br>
<table border=\"1px\" bordercolor=\"#000000\" cellpadding=\"0\" cellspacing=\"0\" bgcolor=\"#333333\">
<tr>
<td>
<img src=\"images/banner.jpg\">
</td>
</tr>
<tr>
<td class='header'>
<center><b><code>Register, Lost Password And TOS</code></center></b>
</td>
</tr>
<tr>
<td>
<center>:: <a href='Register.php'>Register</a> :: || :: <a href='lostpass.php'>Lost Password</a> :: || :: <a href='tos.php'>TOS</a> :: </center>
</td>
</tr>
<tr>
<td class='header'>
<center><b>Username:</center></b>
</td>
</tr>
<tr>
</td>
<tr>
<td align=\"center\">
<input type=\"text\" size=\"15\" maxlength=\"25\" name=\"username\">
</td>
</tr>
<tr>
<td class='header'>
<center><b>Password:</center></b>
</td>
</tr>
<tr>
<td align=\"center\">
<input type=\"password\" size=\"15\" maxlength=\"25\" name=\"password\">
</td></tr><tr>
<td align=\"center\">
<input type=\"submit\" name=\"login\" value=\"Login\">
</td></tr>
<tr>
<td class='header'>
<center><b><code>Thanks For Playing!</center></b></code>
</td>
</tr>
</table></form></center>");
}
if ($_POST[login]) {
// the form has been submitted.  We continue...
$username= mysql_real_escape_string($_POST['username']);
$password = md5(mysql_real_escape_string($_POST[password]));
// the above lines set variables with the submitted information.  
$info = mysql_query("SELECT * FROM users WHERE username = '$username'") or die("MySQL Error " . mysql_error());
$data = mysql_fetch_array($info);
if($data[password] != $password) {
// the password was not the user's password!
echo ("<center><table width='70%'border='1px' bordercolor='#000000'>
<tr>
<td bgcolor='#FF6600'>
<center><b>Somthing Is Wrong</b></center>
</td>
</tr>
<tr>
<td>
<center>You have either a incorrect <b>username</b> or <b>password</b>!</center>
</td>
</tr>
</table>");
}else{
$timestamp = time()+60; 
mysql_query("UPDATE users SET online='$timestamp' WHERE username='$username'");

// the password was right!
$query = mysql_query("SELECT * FROM users WHERE username = '$username'") or die("MySQL Error " . mysql_error());
$user = mysql_fetch_array($query);
// gets the user's information
setcookie("id", $user[id],time()+(60*60*24*5), "/", "");
setcookie("pass", $user[password],time()+(60*60*24*5), "/", "");
// the above lines set 2 cookies. 1 with the user's id and another with his/her password.  
echo ("<meta http-equiv=\"Refresh\" content=\"0; URL=*********/index2.php\"/>Thank You! You will be redirected");
// modify the above line...add in your site url instead of yoursite.com
}
}
}
else
{
echo "<meta http-equiv=\"Refresh\" content=\"0; URL=http://***********/index2.php\"/>";
}
?>

 

Sorry about the length of them.

Archived

This topic is now archived and is closed to further replies.

Go to topic listing


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.