Jump to content

php registration system - added to database even if there's errors

Ruko

By Ruko
in PHP Coding Help

Recommended Posts

Ruko Member

Ruko

Posted
Posted

Ok, first off, I tested my own coded reg system and when I make an error test, the error shows but the user info gets added to the database. How can I stop letting the code add the user to the database when an error occurs.

<?php include "lang.php"; ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>PokePals - Registering</title>
<script type="text/javascript" src="http://code.jquery.com/jquery-1.4.2.min.js" />
<link rel="stylesheet" type="text/css" href="style.css" /></head>
<body>
<?php include "navbar.php"; ?>
<?php 
// Important stuff goes here
include "sql_local.php";
include "ban.php";
// Now for the registration page
  echo "<div class='panel'>";
	if (isset($_POST["submit"])) {
		// Define the variables here
		$user = mysql_real_escape_string ($_POST["user"]);
		$pass1 = mysql_real_escape_string ($_POST["pass"]);
		$pass2 = mysql_real_escape_string ($_POST["passconf"]);
		$email = mysql_real_escape_string ($_POST["email"]);
		$email2 = mysql_real_escape_string ($_POST["email2"]);
		$dpfc = mysql_real_escape_string ($_POST["dpfc"]);
		$platinumfc = mysql_real_escape_string ($_POST["platinumfc"]);
		$hgssfc = mysql_real_escape_string ($_POST["hgssfc"]);
		$otherfc = mysql_real_escape_string ($_POST["otherfc"]);
		$favoritepkmn = mysql_real_escape_string ($_POST["favoritepkmn"]);
		$aboutme = mysql_real_escape_string ($_POST["aboutme"]);
		$hobbies = mysql_real_escape_string ($_POST["hobbies"]);
		$favorites = mysql_real_escape_string ($_POST["favorites"]);
		$gender = mysql_real_escape_string ($_POST["gender"]);

		// Now check for some errors
			// Did he/she fill out the form completely? Lets find out
	function errors() {
			if (!$_POST["user"] | !$_POST["pass"] | !$_POST["email"] ) { 
  echo "<div class='error'>Please fill in the required fields</div>";
			}
			// Passwords match
			 if ($_POST['pass'] != $_POST['passconf']) {
  				echo "<div class='error'>Password does not match with the other one</div>";
			}
			// Email match
			 if ($_POST['email'] != $_POST['email2']) {
				 echo "<div class='error'>Email does not match with the other one</div>";
			 }
	}

						// Is the user banned?
			foreach($banned_ips as $ip_ban) {
    			if($user_ip == $ip_ban) {
		 		die ("<div class='error'>Your IP address is banned from registering. Contact the site administrator for more info</div>");
			}
			}
		// If there are no errors, start adding the information to the database
		if (!errors()) {
		// Secure the passwords
			$securepass = md5($pass1);
		// Submit to the database
			$insertuser = "INSERT INTO users (user, password, email, dpfc, platinumfc, hgssfc, otherfc, favoritepkmn, aboutme, hobbies, favorites, gender, regip) values ('$user', '$securepass', '$email', '$dpfc', '$platinumfc', '$hgssfc', '$otherfc', '$favoritepkmn', '$aboutme', '$hobbies', '$favorites', '$gender', '$user_ip')";
			$add = mysql_query($insertuser, $con) or die ('Error: ' . mysql_error() . ' Please contact an admin');
			if ($add) {
			echo ("<h3>Registration Success</h3><p>You may now login using your username and password. Start hatching some eggs now!</p>"); }
		}
	}
  ?> <div class='registerform'><form action='register.php' method='post'>
      <label>Username *</label>
      <input type='text' name='user' class='form1' value='<?php echo @$_POST['user']; ?>' />
      <fieldset><legend>Password</legend>
      <label>Enter your password *</label>
      <input type='password' name='pass' class='form1' value='<?php echo @$_POST['pass']; ?>' />
      <label>Password again *</label>
      <input type='password' name='passconf' class='form1' value='<?php echo @$_POST['passconf']; ?>' />
      </fieldset>
      <fieldset><legend>Email</legend>
      <label>Enter your email *</label>
      <input type="text" name="email" class="form1" value="<?php echo @$_POST['email']; ?>" />
      <label>Enter email again *</label>
      <input type="text" name="email2" class="form1" value="<?php echo @$_POST['email2']; ?>" />
      </fieldset>
      <input type="submit" name="submit" class="submitbutton" value="Register!" />
      </form>

 

harristweed Newbie

harristweed

Posted
Posted

this is a bit 'cor blimmey' but a simple way is with a flag.

$errors=0;

// add flag to all error checks
if (!$_POST["user"] | !$_POST["pass"] | !$_POST["email"] ) { 
      echo "<div class='error'>Please fill in the required fields</div>";
$errors=1;
                }

// then test the flag before putting data into database

if ($flag < 1){
// add data
}else{
//show error message
}

 

dezkit Advanced Member

dezkit

Posted
Posted 

function errors() {
			$error = 0;
			if (!$_POST["user"] | !$_POST["pass"] | !$_POST["email"] ) { 
				echo "<div class='error'>Please fill in the required fields</div>";
				$error = 1;
			}
			if ($_POST['pass'] != $_POST['passconf']) {
  				echo "<div class='error'>Password does not match with the other one</div>";
				$error = 1;
			} 
			if ($_POST['email'] != $_POST['email2']) {
				 echo "<div class='error'>Email does not match with the other one</div>";
				$error = 1;
			 }

			return $error;
	}

 

if (errors() == 0) {

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.