Jump to content

Recommended Posts

ok basically i have created a sign up form, though it is more like a password set form as the username for the system will be an employes personal ID which it is assumed that they know. the user has to enter in their employee id and then choose a password.

 

the problem im having is with validating how long the user ID is it shud be 4 digits in length no more no less, but for some reason my code doesnt seem to be counting the length of the user id or even validating it properly to check that the user is on the database (if they arent on the db their not employed, again another assumption) if the user ID is non existant it still takes me to the next page and logs in their session instead of showing me an error message.

 

if i enter in a valid id and valid password though, it does update the table with the new password for that user, and the code does count how long the password entered is.

 

i have done a basic syntax check using http://www.meandeviation.com/tutorials/learnphp/php-syntax-check/ and that says the syntax  is fine (and of course when i load the page through local host i get no errors) so im assuming its not syntax

 

i have been looking at this now for the past few hours and cannot see where i am going wrong, any and all help is very much appreciated, thank you in advanced.

 

finally though here is my script

<?PHP

$EmpID = "";
$EmpPwd = "";
$errorMessage = "";
$num_rows = 0;

function quote_smart($value, $handle) {

   if (get_magic_quotes_gpc()) {
       $value = stripslashes($value);
   }

   if (!is_numeric($value)) {
       $value = "'" . mysql_real_escape_string($value, $handle) . "'";
   }
   return $value;
}

if ($_SERVER['REQUEST_METHOD'] == 'POST'){

$EmpID = $_POST['EmpID'];
$EmpPwd = $_POST['EmpPwd'];

$EmpID = htmlspecialchars($EmpID);
$EmpPwd = htmlspecialchars($EmpPwd);

$IDLength = strlen($EmpID);
$PwdLength = strlen($EmpPwd);

if ($IDLength = 4) {
	$errorMessage = "";
		} 
	else{
		$errorMessage = "Employee ID is four charecters long. If you cant remember Employee ID, or have not been given one contact your contracts manager." . "<BR>";
	}

if ($PwdLength >= 8 && $PwdLength <= 16) {
	$errorMessage = "";
}
	else {
		$errorMessage = $errorMessage . "Password must be between 8 and 16 characters" . "<BR>";
	}

if ($errorMessage == "") {

	$host="localhost"; // Host name
		$username="root"; // Mysql username
	$password="pass"; // Mysql password 
	$db_name="JMSystemDB"; // Database name

	$db_handle = mysql_connect($host, $username, $password);
	$db_found = mysql_select_db($db_name, $db_handle);


	if ($db_found) {

		$EmpID = quote_smart($EmpID, $db_handle);
		$EmpPwd = quote_smart($EmpPwd, $db_handle);


		$SQL = "SELECT * FROM Employee WHERE EmployeeID = $EmpID";
		$result = mysql_query($SQL);
		$num_rows = mysql_num_rows($result);

			if ($num_rows = 0) {
				$errorMessage = "Invalid Employee ID";
				}

			else {

				$SQL = "UPDATE Employee SET SystemPassword = md5($EmpPwd) WHERE EmployeeID = $EmpID";

				$result = mysql_query($SQL);

				mysql_close($db_handle);

				session_start();
				session_register('EmpID');
				header("location:Jobs.php");
				}
			}
else {
	$errorMessage = "Database Not Found";
	}
}
}
?>

<html>
<head>
<title>Set Password</title>
</head>
<body>

<table width="300" border="0" align="center" cellpadding="0" cellspacing="1">
<tr>
<form name="form1" method="post" action="signup.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor=>
<tr>
<td colspan="3"> </td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="EmpID" type="text" id="EmpID"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="EmpPwd" type="password" id="EmpPwd"></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type="submit" name="Submit" value="Register" /></td>
</tr>
</table>
</td>
</form>
</tr>
</table></p>
</FORM>
<P>
<?PHP print $errorMessage;?>
</body>
</html>

 

again thanks for all help in advanced

Link to comment
https://forums.phpfreaks.com/topic/197668-signup-form-help/
Share on other sites

something i spotted quickly

if ($IDLength = 4) {

 

there you are doing assignment, you are assigning $IDLength with the value of 4 (which returns true so the if statement runs good.

 

what you are looking for is comparison

if ($IDLength == 4) {

Link to comment
https://forums.phpfreaks.com/topic/197668-signup-form-help/#findComment-1037366
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.