spires Posted August 22, 2006 Share Posted August 22, 2006 Hi. i am creating a registration form. so far it all work . But once i have submitted the form and it all loads up to the database, the fields are still filled in. Making it posiable for the user to hit submit again and register with the same username. The username must be unique, and can not have any duplicates in the database. Is there anything i can do within my code?[code]<?phpinclude('functions/wrapper1.php');include('validation.php');include('dbconnect.php');?><?php$arrErrors = array();if (!empty($_POST['submit'])) { if ($_POST['first_name'] == "") $arrErrors['first_name'] = 'Add First Name'; if ($_POST['last_name'] == "") $arrErrors['last_name'] = 'Add Last Name'; if ($_POST['username']== "") $arrErrors['username'] = "Add Username"; if ($_POST['password']== "") $arrErrors['password'] = "Add Password"; if ($_POST['company_name']== "") $arrErrors['company_name'] = "Add Company Name"; if ($_POST['country']== "") $arrErrors['country'] = "Add Country"; if ($_POST['location']== "") $arrErrors['location'] = "Add Location"; if ($_POST['postcode']== "") $arrErrors['postcode'] = "Add Postode"; if ($_POST['email']== "") { $arrErrors['email'] = 'Add Email'; } else { if (email_validation($_POST['email'])==true) { $arrErrors['email'] = 'Email Incorrect Format'; } } if ($_POST['url']== "") $arrErrors['url'] = "Add Url"; if (count($arrErrors) == 0) { $first_name=addslashes($_POST['first_name']); $last_name=addslashes($_POST['last_name']); $username=addslashes($_POST['username']); $password=addslashes($_POST['password']); $company_name=addslashes($_POST['company_name']); $country=addslashes($_POST['country']); $location=addslashes($_POST['location']); $postcode=addslashes($_POST['postcode']); $email=addslashes($_POST['email']); $url=addslashes($_POST['url']); $date = date("Y-m-d > H:i:s"); $type = $_POST['type']; $cat = $_POST['cat']; $query2 = "SELECT username FROM user_info"; $result2 = mysql_query($query2) or die ("query 2 failed"); if ($user == $username) { $userTaken = 'Sorry, The username in already inuse. <br> Please select another one.'; } else { $sql = mysql_query("INSERT INTO user_info (first_name, last_name, username, password, company_name, country, location, postcode, email, url, date, type, cat, misc) VALUES ('$first_name', '$last_name', '$username', '$password', '$company_name', '$country', '$location', '$postcode', '$email', '$url', '$date', '$type', '$cat', 'NULL')") or die ("could not insert"); if ($sql) { $ok = 'Your Details have been updated,<br> An email has been sent to you with your login details.'; } else { $notOk = "Sorry, there was an Error"; } } } else { if (empty($first_name) || empty($last_name) || empty($username) || empty($password) || empty($company_name) || empty($country) || empty($location) || empty($postcode) || empty($email) || empty($url)) { foreach ($arrErrors as $error) { $strError .= '<div class="error">'; $strError .= "<li>$error</li>"; } $strError .= '</div>'; } }} else { header( 'refresh: 1; url=register.php' );}?>[/code] Quote Link to comment Share on other sites More sharing options...
Yesideez Posted August 22, 2006 Share Posted August 22, 2006 You don't show any HTML for your form so I presume you're using something like[code]value="<?=$varname?>"[/code]If you are, clear these variables immediately after inserting the data into the database or straight after the last instance where the data is no longer needed. Quote Link to comment Share on other sites More sharing options...
Corona4456 Posted August 22, 2006 Share Posted August 22, 2006 First of all clear all the values from the form once the user has submitted. For future times (say the user tries to register twice inputting the same username) you can do one of two things:1. If you have direct access to your database (i.e. via phpMyAdmin). Then you can easily modify the username field to be unique, therefore, when inserting into a database the query will fail.2. You can do a quick query on the user name to see if it's already in the DB (i.e. SELECT * FROM table WHERE username = 'the_username'). Then if mysql_num_rows() is greater than 0 then you can assume that name is already in the DB. Quote Link to comment Share on other sites More sharing options...
spires Posted August 22, 2006 Author Share Posted August 22, 2006 Thanks for all your comments.I'm gonna go try them out. but first, how do you actually clear the forms after submitting?HTML code[code]<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><title>Event Industries</title><link href="css/event.css" rel="stylesheet" type="text/css"><style type="text/css"><!--.style1 {color: #363636}--></style></head><body><table width="897" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td height="129" colspan="5" background="JPGS/headers/home2.jpg"></td> </tr> <tr> <td height="21" colspan="5" background="JPGS/top_navi/home2.jpg"> <table width="897" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="202"> <?php topLinks(); ?> </td> <td> <div align="center"> <?php topBarText(); ?> </div> </td> </tr> </table> </td> </tr> <tr> <td colspan="5" valign="top" background="JPGS/main_body/home_strip.jpg"> <table width="897" border="0" cellpadding="0" cellspacing="0"> <tr> <td width="4"> </td> <td width="198" valign="top"> <div align="center"> <?php echo menu(); echo latest_members(); echo latest_jobs(); echo members_login(); ?> </div> </td> <td valign="top" bgcolor="#66ccff"><div align="center"> <p>Register</p> <form name="form1" method="post" action="<?php echo $PHP_SELF; ?>"> <table width="500" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="15" class="red_14"><div align="center">*</div></td> <td width="103">First Name:</td> <td width="128"> <input type="text" size="14" id="first_name" name="first_name" value="<?php echo $_POST['first_name']; ?>"> </td> <td width="12" class="red_14"><div align="center">*</div></td> <td width="99">Last Name </td> <td width="125"> <input type="text" size="14" id="last_name" name="last_name" value="<?php echo $_POST['last_name']; ?>"> </td> <td width="18"> </td> </tr> <tr> <td class="red_14"><div align="center">*</div></td> <td>Username:</td> <td> <input type="text" size="14" id="username" name="username" value="<?php echo $_POST['username']; ?>"> </td> <td class="red_14"><div align="center">*</div></td> <td>Password:</td> <td> <input type="text" size="14" id="password" name="password" value="<?php echo $_POST['password']; ?>"> </td> <td> </td> </tr> <tr> <td class="red_14"><div align="center">*</div></td> <td>Company Name: </td> <td> <input type="text" size="14" id="company_name" name="company_name" value="<?php echo $_POST['company_name']; ?>"> </td> <td class="red_14"><div align="center">*</div></td> <td>Location:</td> <td> <input type="text" size="14" id="location" name="location" value="<?php echo $_POST['location']; ?>"> </td> <td> </td> </tr> <tr> <td class="red_14"><div align="center">*</div></td> <td>Country:</td> <td> <input type="text" size="14" id="country" name="country" value="<?php echo $_POST['country']; ?>"> </td> <td class="red_14"><div align="center">*</div></td> <td>Postcode:</td> <td> <input type="text" size="14" id="postcode" name="postcode" value="<?php echo $_POST['postcode']; ?>"> </td> <td> </td> </tr> <tr> <td class="red_14"><div align="center">*</div></td> <td>Email</td> <td> <input type="text" size="14" id="email" name="email" value="<?php echo $_POST['email']; ?>"> </td> <td class="red_14"><div align="center"></div></td> <td>URL:</td> <td> <input type="text" size="14" id="url" name="url" value="<?php echo $_POST['url']; ?>"> </td> <td> </td> </tr> <tr> <td class="red_14"><div align="center"></div></td> <td>Type:</td> <td> <?php echo $type; ?> </td> <td class="red_14"><div align="center"></div></td> <td>Category:</td> <td> <?php echo $cat; ?> </td> <td> </td> </tr> <tr> <td class="red_14"> </td> <td> </td> <td> </td> <td class="red_14"> </td> <td> </td> <td><div align="center"> <input type="submit" name="submit" value="submit"> </div></td> <td> </td> </tr> </table> </form> <?php echo $strError; ?><?php echo $ok; ?><?php echo $notOk; ?><?php echo $userTaken; ?> <p><a href="add_type.php" class="link">Click here to add new a 'Type ' and 'Category'.</a></p> <p> </p> </div></td> <td width="4"> </td> </tr> </table> </td> </tr> <tr> <td height="27" colspan="5" background="JPGS/footers/home2.jpg"> <table width="100%"> <tr> <td width="10"> </td> <td> <?php copyright(); ?> </td> <td align="right"> <?php terms_contacts(); ?> </td> <td width="10"> </td> </tr> </table> </td> </tr> <tr> <td width="22" height="27"></td> <td width="363"> <?php spires1(); ?> </td> <td width="316"></td> <td width="22"></td> </tr></table></body></html>[/code]how do i clear it after? Quote Link to comment Share on other sites More sharing options...
Yesideez Posted August 22, 2006 Share Posted August 22, 2006 Example line:[code]<input type="text" size="14" id="first_name" name="first_name" value="<?php echo $_POST['first_name']; ?>">[/code]Instead of retriving the data like that, use $_POST to get the data and store it in a variable early in the script and use this instead:[code]<input type="text" size="14" id="first_name" name="first_name" value="<?php echo $firstname; ?>">[/code]After you've INSERTed the data go through all your variables like this:[code]$firstname="";[/code] Quote Link to comment Share on other sites More sharing options...
Corona4456 Posted August 22, 2006 Share Posted August 22, 2006 Well if you have already inserted all the data from the $_POST var then all you would have to do is this:[code]$_POST = array();[/code] Quote Link to comment Share on other sites More sharing options...
Yesideez Posted August 22, 2006 Share Posted August 22, 2006 Or you can use Corona's idea which looks better :D Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.