Register.php

[Smee]

Hi,

 

Having some problems with a registration script. Everything works fine apart from the Post Code and Team Supported input. Always returns the error as if you had forgot to put info in the form even when you have.

 

What am i doing wrong?

 

Thanks

 

<?php # register.php

// This is the registration script for the site

require_once ('./includes/config.inc.php');

// Set the page title and header

$page_title = 'Register for Football Trip';

include ('./includes/header.html');

if (isset($_POST['submitted'])) {

require_once ('../mysql_connect.php');

$error = false;
if (eregi ('^[[:alpha:]\.\'\-]{2,15}$', stripslashes(trim($_POST['first_name'])))) {
   $fn = mysql_real_escape_string($_POST['first_name']);
}else {
   $error = true;
   echo '<p><font color ="red" size="+1"> Please enter your first name!</font></p>';
}
   
if (eregi ('^[[:alpha:]\.\'\-]{2,30}$', stripslashes(trim($_POST['last_name'])))) {
   $ln = mysql_real_escape_string($_POST['last_name']);
}else {
   $error = true;
   echo '<p><font color ="red" size="+1"> Please enter your last name!</font></p>';
}
    
if (eregi ('^[[:alnum:]][a-z0-9_\.\-]*@[a-z0-9\.\-]+\.[a-z]{2,4}$', stripslashes(trim($_POST['email'])))) {
   $e = mysql_real_escape_string($_POST['email']);
}else {
   $error = true;
   echo '<p><font color ="red" size="+1"> Please enter a correct e-mail address</font></p>';
}
   
if (eregi ('^[[:alnum:]]{4,20}$', stripslashes(trim($_POST['password1'])))) {
   if ($_POST['password1'] == $_POST['password2']) {
      $p = mysql_real_escape_string($_POST['password1']);
   }else {
      $error = true;
      echo '<p><font color ="red" size="+1"> Your password did not match the confirmed password!</font></p>';
   }
}else {
   $error = true;
   echo '<p><font color ="red" size="+1"> Please enter a valid password!</font></p>';
}

if (eregi ('^[[:alnum:]][a-z0-9_\.\-]*@[a-z0-9\.\-]+\.[a-z]{2,4}$', stripslashes(trim($_POST['post_code'])))) {
   $pc = mysql_real_escape_string($_POST['post_code']);
}else {
   $error = true;
   echo '<p><font color ="red" size="+1"> Please enter the first 4 letters of your Post Code!</font></p>';
}

if (eregi ('^[[:alnum:]][a-z0-9_\.\-]*@[a-z0-9\.\-]+\.[a-z]{2,4}$', stripslashes(trim($_POST['team_supported'])))) {
   $ts = mysql_real_escape_string($_POST['team_supported']);
}else {
   $error = true;
   echo '<p><font color ="red" size="+1"> Please enter the full name of the team you support! i.e Manchester United (you do not need to add FC etc</font></p>';
}
   
if (!$error) {
   $query ="SELECT user_id FROM users WHERE email='$e'";
   $result = mysql_query ($query) or trigger_error("Query: $query\n<br />MySQL Error: ".mysql_error());
      
   if (mysql_num_rows($result) == 0) {
      $a = md5(uniqid(rand(), true));
      $query = "INSERT INTO users (email, pass, first_name, last_name, post_code, team_supported, active, registration_date) VALUES ('$e', '$p', '$fn', '$ln', '$pc', '$ts', '$a', NOW() )";
      $result = mysql_query ($query) or trigger_error("Query: $query\n<br />MySQL Error:" .mysql_error());
   
      if (mysql_affected_rows() == 1) {
         $body = "Thank you for registering with Football Trip. Please use the link below to activate your account:\n\n";
         $body .= "http://www.footballtrip.net/activate.php?x=" . mysql_insert_id() . "&y=$a";
         mail($_POST['email'],'Registration Comfirmation',$body);
         echo '<h2> Thank you for registering! A confirmation E-Mail has been sent to your address. Please click on the link in
         order to activate your account</h2>';
      }else {
         echo '<p><font color="red" size="+1"> You could not be registered due to a system error. We apologize for any inconvenience.                           </font></p>';
      }
   }else {
      echo '<p><font color="red" size="+1"> That E-Mail address has already been registered. If you have forgotten your password, use the link to have your password sent to you.</font></p>';
   }
} else { 
   echo '<p><font color="red" size="+1"> Please try again.</font></p>';
}
      
mysql_close();

}
?>

[mrMarcus]

hmmm .. a thread about a form, yet i see no form.  doesn't add up.

[Smee]

Doh my bad, thought i had it all copied!

 

Anyway the form is below

 

Thanks in advance!

 

    <h2> Register for Football Trip</h2>
           
        <form action="register.php" method="post">
            
            <p class="first_name"><label> First Name: </label>
<input type="text" name="first_name" maxlength="15" value="<?php if (isset($_POST['first_name'])) echo $_POST['first_name']; ?>" />
            
            <p class="last_name"><label> Last Name: </label> 
<input type="text" name="last_name" maxlength="30" value="<?php if (isset($_POST['last_name'])) echo $_POST['last_name']; ?>" />
            
            <p class="email"><label> E-Mail Address: </label>
<input type="text" name="email" maxlength="40" value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" />
            
            <p class="password1"><label> Password: </label>
<input type="password" name="password1" maxlength="20" />
            <small> Use only letters and numbers. Must be between 4 and 20 Characters long. </small>
            
            <p class="password2"><label> Confirm Password: </label>
<input type="password" name="password2" maxlength="20" />

		<p class="post_code"><label> Post Code: (Enter Only The First Four Letters) </label> 
<input type="text" name="post_code" maxlength="7" value="<?php if (isset($_POST['post_code'])) echo $_POST['post_code']; ?>" />

		<p class="team_supported"><label> Team Supported: i.e Manchester United (you do not need to add FC etc). </label> 
<input type="text" name="team_supported" maxlength="40" value="<?php if (isset($_POST['team_supported'])) echo $_POST['team_supported']; ?>" />
           
		<p class="submit">
<input type="submit" name="submit" value="Register" />
<input type="hidden" name="submitted" value="TRUE" />
            
            </form>

<?php // Include the HTML footer.
include ('./includes/footer.html');
?>

[mrMarcus]

for starters, <input type="hidden" name="submitted" value="TRUE" /> is redundant.  take it out and replace:

 

if (isset($_POST['submitted'])) {

 

with:

 

if (isset($_POST['submit'])) { //the name of your submit button

 

secondly, which error is being returned exactly?  i see several possibilities.

[Smee]

the two being returned are:

 

echo '<p><font color ="red" size="+1"> Please enter the first 4 letters of your Post Code!</font></p>';

 

and

 

echo '<p><font color ="red" size="+1"> Please enter the full name of the team you support! i.e Manchester United (you do not need to add FC etc</font></p>';

 

Thanks

[mrMarcus]

well, it looks as though you're using a regex fit for checking an email address for your 'post_code' and 'team_supported' values.  will definitely return false every time as neither of those fields will be in an email format.

 

now, eregi is deprecated, so you're best to switch those out with preg_match.  and, i'm not sure you need to use regex against 'team_supported' field?  just check if it's set using isset and/or empty.

 

change your 'post_code' check to check for correct post code format.

 

 

[Smee]

I made the adjustments you suggested and it works fine.

 

was a problem with the regex and when i got rid of the one for supported team it was ok.

 

Thanks for your help mate