macross Posted May 19, 2010 Share Posted May 19, 2010 Functions.php <?php include 'Database.php'; //New user registration function register_user($username, $password, $email){ //Prevent mysql injection TODO: Implement "stripslashes" $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $email = mysql_real_escape_string($_POST['email']); //Check if passwords where correct if ($_POST['password'] != $_POST['confirm']){ //If not send error message $reg_error = "Passwords did not match!"; include 'regform.php'; exit; }else if ($username =='' || $password =='' || $email ==''){ //Check if all fields are filled $reg_error = "Please fill in all fields!"; include 'regform.php'; exit; } //Check is the username already in the database $check = mysql_query("SELECT * FROM users WHERE username = '$username'"); $result = mysql_num_rows($check); //Check if the email is already in the database $check2 = mysql_query("SELECT * FROM users WHERE email = '$email'"); $result2 = mysql_num_rows($check2); //If username exists throw and error if($result > 0){ $reg_error = "This username is already taken!"; include 'regform.php'; exit; } //If email exists throw an error else if ($result2 > 0){ $reg_error = "This email is already taken!"; include 'regform.php'; exit; } //encrypt password with md5 $encrypt = md5($password); //Register user mysql_query("INSERT INTO users (username, password, email) VALUES ('$username', '$encrypt', '$email')"); } //Login user function log_user($username, $password){ session_start(); //Prevent mysql injection $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $decrypt = md5($password); //Do a query against the DB $checking = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$decrypt'"); $count = mysql_num_rows($checking); //User found set session if ($count == 1){ $_SESSION['logged'] = 1; header("location: main.php"); } //User not found else{ $log_error = "Incorect username or password"; include 'login.php'; exit; } } ?> Regform.php <?php include 'functions.php'; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>User registration</title> </head> <body> <form action="regform.php" method="POST"> <b>Username:</b><input type="text" name="username"/><br/> <b>Password:</b><input type="password" name="password"/><br/> <b>Confirm password:</b><input type="password" name="confirm"/><br/> <b>Email:</b><input type="text" name="email"/><br/> <input type="submit" value="submit"/> </form> <?php if (isset($reg_error)){ echo $reg_error; } ?> <a href="login.php">Or login</a> </body> </html> <?php if (isset($_POST['Submit'])){ register_user($username, $password, $email); } ?> So as you can see i am developing a registration / login script. I've had looked at numerous tutorials for registration and login scripts but all of them uses external .php file for data handling (action="whateverfile.php"). And i want to do it all in one file (regform.php). So i've made two functions one for login and other for registration but if i try to call my function in regform.php nothing happends... So what im doing wrong? Link to comment https://forums.phpfreaks.com/topic/202254-php-registration-login/ Share on other sites More sharing options...
jamesxg1 Posted May 19, 2010 Share Posted May 19, 2010 Functions.php <?php include 'Database.php'; class register { function register_user($username, $password, $email){ //Prevent mysql injection TODO: Implement "stripslashes" $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $email = mysql_real_escape_string($_POST['email']); //Check if passwords where correct if ($_POST['password'] != $_POST['confirm']){ //If not send error message $reg_error = "Passwords did not match!"; include 'regform.php'; exit; }else if ($username =='' || $password =='' || $email ==''){ //Check if all fields are filled $reg_error = "Please fill in all fields!"; include 'regform.php'; exit; } //Check is the username already in the database $check = mysql_query("SELECT * FROM users WHERE username = '$username'"); $result = mysql_num_rows($check); //Check if the email is already in the database $check2 = mysql_query("SELECT * FROM users WHERE email = '$email'"); $result2 = mysql_num_rows($check2); //If username exists throw and error if($result > 0){ $reg_error = "This username is already taken!"; include 'regform.php'; exit; } //If email exists throw an error else if ($result2 > 0){ $reg_error = "This email is already taken!"; include 'regform.php'; exit; } //encrypt password with md5 $encrypt = md5($password); //Register user mysql_query("INSERT INTO users (username, password, email) VALUES ('$username', '$encrypt', '$email')"); } //Login user function log_user($username, $password){ session_start(); //Prevent mysql injection $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $decrypt = md5($password); //Do a query against the DB $checking = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$decrypt'"); $count = mysql_num_rows($checking); //User found set session if ($count == 1){ $_SESSION['logged'] = 1; header("location: main.php"); } //User not found else{ $log_error = "Incorect username or password"; include 'login.php'; exit; } } } ?> Regform.php <?php include 'functions.php'; $register = new register(); if (isset($_POST['Submit'])){ $register->register_user($_POST['username'], $_POST['password'], $_POST['email']); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>User registration</title> </head> <body> <form action="#" method="POST"> <b>Username:</b><input type="text" name="username"/><br/> <b>Password:</b><input type="password" name="password"/><br/> <b>Confirm password:</b><input type="password" name="confirm"/><br/> <b>Email:</b><input type="text" name="email"/><br/> <input type="submit" value="submit"/> </form> <?php if (isset($reg_error)){ echo $reg_error; } ?> <a href="login.php">Or login</a> </body> </html> Link to comment https://forums.phpfreaks.com/topic/202254-php-registration-login/#findComment-1060554 Share on other sites More sharing options...
jamesxg1 Posted May 19, 2010 Share Posted May 19, 2010 All in one page. <?php if(isset($_POST['submit'])) { register_user($_POST['username'], $_POST['password'], $_POST['email']); function register_user($username, $password, $email){ //Prevent mysql injection TODO: Implement "stripslashes" $username = mysql_real_escape_string($username); $password = mysql_real_escape_string($password); $email = mysql_real_escape_string($email); //Check if passwords where correct if ($password != $_POST['confirm']){ //If not send error message $reg_error = "Passwords did not match!"; include 'regform.php'; exit; }else if ($username =='' || $password =='' || $email ==''){ //Check if all fields are filled $reg_error = "Please fill in all fields!"; include 'regform.php'; exit; } //Check is the username already in the database $check = mysql_query("SELECT * FROM users WHERE username = '$username'"); $result = mysql_num_rows($check); //Check if the email is already in the database $check2 = mysql_query("SELECT * FROM users WHERE email = '$email'"); $result2 = mysql_num_rows($check2); //If username exists throw and error if($result > 0){ $reg_error = "This username is already taken!"; include 'regform.php'; exit; } //If email exists throw an error else if ($result2 > 0){ $reg_error = "This email is already taken!"; include 'regform.php'; exit; } //encrypt password with md5 $encrypt = md5($password); //Register user mysql_query("INSERT INTO users (username, password, email) VALUES ('$username', '$encrypt', '$email')"); } //Login user function log_user($username, $password){ session_start(); //Prevent mysql injection $username = mysql_real_escape_string($username); $password = mysql_real_escape_string($password); $decrypt = md5($password); //Do a query against the DB $checking = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$decrypt'"); $count = mysql_num_rows($checking); //User found set session if ($count == 1){ $_SESSION['logged'] = 1; header("location: main.php"); } //User not found else{ $log_error = "Incorect username or password"; include 'login.php'; exit; } } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>User registration</title> </head> <body> <form action="#" method="POST"> <b>Username:</b><input type="text" name="username"/><br/> <b>Password:</b><input type="password" name="password"/><br/> <b>Confirm password:</b><input type="password" name="confirm"/><br/> <b>Email:</b><input type="text" name="email"/><br/> <input type="submit" value="submit" name="submit" /> </form> <?php if (isset($reg_error)){ echo $reg_error; } ?> <a href="login.php">Or login</a> </body> </html> Link to comment https://forums.phpfreaks.com/topic/202254-php-registration-login/#findComment-1060556 Share on other sites More sharing options...
macross Posted May 19, 2010 Author Share Posted May 19, 2010 Thank you! This is exactly what i wanted. Link to comment https://forums.phpfreaks.com/topic/202254-php-registration-login/#findComment-1060560 Share on other sites More sharing options...
ignace Posted May 19, 2010 Share Posted May 19, 2010 if (isset($_POST['Submit'])){ Does not exist as you wrote: <input type="submit" value="submit"/> Add name="Submit" and it should work. I always want to point out that your functions are tightly coupled to your code and it will be quite hard to use them elsewhere. For example a registration form that uses some different name's then username and password wouldn't work. Or if you would ever use something different then mysql then this wouldn't work either due to mysql_real_escape_string. Link to comment https://forums.phpfreaks.com/topic/202254-php-registration-login/#findComment-1060567 Share on other sites More sharing options...
macross Posted May 19, 2010 Author Share Posted May 19, 2010 Quote if (isset($_POST['Submit'])){ Does not exist as you wrote: <input type="submit" value="submit"/> Add name="Submit" and it should work. I always want to point out that your functions are tightly coupled to your code and it will be quite hard to use them elsewhere. For example a registration form that uses some different name's then username and password wouldn't work. Or if you would ever use something different then mysql then this wouldn't work either due to mysql_real_escape_string. Thanks for pointing that out. I will definitely change some stuff around. Link to comment https://forums.phpfreaks.com/topic/202254-php-registration-login/#findComment-1060574 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.