Jump to content

register script problems

Namtip

By Namtip
in PHP Coding Help

 Share

Recommended Posts

Namtip Member

Namtip

Posted
Posted

I'm sorry this code is a mess, this is my attempt at a online youtube tutorial http://www.youtube.com/user/phpacademy#p/c/9CC58D1B2A2D83D6/9/cBJZZlLrXGo

 

The script runs with no parse errors but it does not the following:

- present error messages when input is incorrect

- enter correct input into the database

- retain the user input in the form so the user does not need to re enter the information.

 

I would just use another script but this is the 2nd part of a tutorial that will really help me learn so I need this to work  :'(. Any help appreciated.

   1.  
   2. <?php
   3. include("design/header.php");
   4. require("connect.php");
   5.  
   6. //register code
   7.  
   8.  
   9. if(isset($POST['submit']))
  10. {
  11. //grab submitted data
  12. $firstname =        $_POST['firstname'];
  13.  $lastname =            $_POST['lastname'];
  14.  $username =            $_POST['username'];
  15.  $password =            $_POST['password'];
  16.  $password_repeat = $_POST['password_repeat'];
  17.  
  18.  $dob_year =            $_POST['dob_year'];
  19.  $dob_month =       $_POST['dob_month'];
  20.  $dob_day =         $_POST['dob_day'];
  21.  
  22.  $gender =          $_POST['gender'];
  23.  
  24. if (
  25. $firstname&&
  26. $lastname&&
  27. $username&&
  28. $password&&
  29. $password_repeat&&
  30. $dob_year&&
  31. $dob_month&&
  32. $dob_day&&
  33. $gender
  34. )
  35. {
  36.  
  37. //validation
  38.     if(strlen($firstname)>25 || strlen($lastname)>25 || strlen($username)>25)
  39.         echo "Firstname, lastname and username must be no more than 25 characters.";
  40.    
  41.    
  42.         else
  43.         {
  44.         if (strlen($password)>25 || strlen($password)<6)
  45.             echo "Password must be between 6 and 25 characters.";
  46.            
  47.             else
  48.             {
  49.                 if (is_numberic($dob_year)&&is_numberic($dob_month)&&is_numberic($dob_day))
  50.                 {
  51.                
  52.                 if (strlen($dob_year)>4||strlen($dob_year)>2||strlen($dob_year)>2)
  53.                     echo "Date of birth must be 4 characters, month and must be 2.";
  54.                     else
  55.                     {
  56.                         if ($gender=="Male"||$gender=="Female")
  57.                         {
  58.                          //compare pass
  59.                          if ($password==$password_repeat)
  60.                          {
  61.                             //check dob limits for month and day
  62.                             if ($dob_month>12||$dob_day>31)
  63.                                 echo "Date of birth month or day is bigger than expected!";
  64.                                 else{
  65.                                 //check for existing user
  66.                                 $query =mysql_query("SELECT * FROM users WHERE username='$username'");
  67.                                 if (mysql_num_rows($query)>=1)
  68.                                     echo "That username is already taken.";
  69.                                         else {
  70.                                         //success!!
  71.                             $dob_db = "$dob_year-$dob_month-$dob_day";
  72.                             $password_db = md5($password);
  73.                            
  74.                             switch ($gender)
  75.                                     {
  76.                                 case "Male":
  77.                                 $gender_db = "M";
  78.                                 break;
  79.                                 case "Female":
  80.                                 $gender_db = "F";
  81.                                 break;
  82.                             $register = mysql_query("INSERT INTO user VALUES ('','$firstname','$lastname','$username','$password_db','$dob_db','$gender_db')");
  83.                             echo "success!";
  84.                                     }
  85.                                 }
  86.                             }
  87.                          }
  88.                          else
  89.                          {echo "Passwords must match";
  90.                          }
  91.                     }
  92.                     else
  93.                     echo "Gender must be Male or Female.";
  94.                 }
  95.             }
  96.                 else
  97.                     echo "Date of birth must be in number form. For example 1993/05/30";
  98.         }
  99.         }
100. }else{
101.     echo "Please enter your details and click Register!";
102.     }
103. }
104.  
105. ?>
106.  
107. <p>
108. <form action='register.php' method='POST'>
109.  
110.     <table width='60%'>
111.         <tr>
112.                 <td width='40%' align='right'>
113.                 <font size='2' face='arial'>Firstname:
114.                 </td>
115.                 <td>
116.                 <input type='text' value='<?php echo $firstname; ?>' name='firstname' maxlength='25'>
117.                 </td>
118.         </tr>
119.         <tr>
120.                 <td width='40%' align='right'>
121.                 <font size='2' face='arial'>Lastname:
122.                 </td>
123.                 <td>
124.                 <input type='text' value='<?php echo $lastname; ?>' name='lastname' maxlength='25'>
125.                 </td>
126.         </tr>
127.         <tr>
128.                 <td width='40%' align='right'>
129.                 <font size='2' face='arial'>Username:
130.                 </td>
131.                 <td>
132.                 <input type='text' value='<?php echo $username; ?>' name='username' maxlength='25'>
133.                 </td>
134.         </tr>
135.         <tr>
136.                 <td width='40%' align='right'>
137.                 <font size='2' face='arial'>Password:
138.                 </td>
139.                 <td>
140.                 <input type='password'  name='password' maxlength='25'>
141.                 </td>
142.         </tr>
143.         <tr>
144.                 <td width='40%' align='right'>
145.                 <font size='2' face='arial'>Repeat Password:
146.                 </td>
147.                 <td>
148.                 <input type='password'  name='password_repeat' maxlength='25'>
149.                 </td>
150.         </tr>
151.         <tr>
152.                 <td width='40%' align='right'>
153.                 <font size='2' face='arial'>Date of birth:
154.                 </td>
155.                 <td>
156.                 <input type='text' name='dob_year' maxlength='4' size='3' value='<?php if ($dob_year) echo $dob_year; else echo "YYYY";?>'> /<input type='text' name='dob_month' maxlength='2' size='1' value='<?php if ($dob_month) echo $dob_month; else echo "MM";?>'> / <input type='text' name='dob_day' maxlength='2' size='1' value='<?php if ($dob_day) echo $dob_day; else echo "DD";?>'>
157.                 </td>
158.         </tr>
159.         <tr>
160.                 <td width='40%' align='right'>
161.                 <font size='2' face='arial'>Gender:
162.                 </td>
163.                 <td>
164.                 <select name='gender'>
165.                     <option>Female</option>
166.                     <option>Male</option>
167.                 </select>
168.                 </td>
169.         </tr>
170.  
171.     </table>
172.     <div align='right'><input type='submit' name='submit' value='Register'>
173. </form>
174.  
175.  
176. <?php
177. include("design/footer.php");
178.  
179. ?>
180. 

 

 

Link to comment
https://forums.phpfreaks.com/topic/213335-register-script-problems/
Share on other sites
Andy-H Advanced Member

Andy-H

Posted
Posted

is_numberic() isn't a function, unless it's one you have defined yourself. However, I think the function you're looking for is is_numeric. BTW, find a better tutorial, the code you have from this one doesn't even have any protection against SQL injection and just has bad programing practice's written all over it.

 

Take a look at:

isset && empty

ctype (_digit/_alpha/_alnum)

filter_var (FILTER_VALIDATE_EMAIL flag in particular)

mysql_real_escape_string

 

 

 

Namtip Member

Namtip

Posted
  • Author
Posted

Could you edit your post and post the code without the line numbers so that someone would have a chance at helping you.

 

<?php
include("design/header.php");
require("connect.php");

//register code


if(isset($POST['submit']))
{
//grab submitted data
$firstname = 		$_POST['firstname'];
$lastname =			$_POST['lastname'];
$username =			$_POST['username'];
$password =			$_POST['password'];
$password_repeat =	$_POST['password_repeat'];

$dob_year =			$_POST['dob_year'];
$dob_month =		$_POST['dob_month'];
$dob_day =			$_POST['dob_day'];

$gender =			$_POST['gender'];

if (
$firstname&&
$lastname&&
$username&&
$password&&
$password_repeat&&
$dob_year&&
$dob_month&&
$dob_day&&
$gender
)
{

//validation
if(strlen($firstname)>25 || strlen($lastname)>25 || strlen($username)>25)
	echo "Firstname, lastname and username must be no more than 25 characters.";


	else
	{
	if (strlen($password)>25 || strlen($password)<6)
		echo "Password must be between 6 and 25 characters.";

		else
		{
			if (is_numberic($dob_year)&&is_numberic($dob_month)&&is_numberic($dob_day))
			{

			if (strlen($dob_year)>4||strlen($dob_year)>2||strlen($dob_year)>2)
				echo "Date of birth must be 4 characters, month and must be 2.";
				else
				{
					if ($gender=="Male"||$gender=="Female")
					{
					 //compare pass
					 if ($password==$password_repeat)
					 {
						//check dob limits for month and day
						if ($dob_month>12||$dob_day>31)
							echo "Date of birth month or day is bigger than expected!";
							else{
							//check for existing user
							$query =mysql_query("SELECT * FROM users WHERE username='$username'");
							if (mysql_num_rows($query)>=1)
								echo "That username is already taken.";
									else {
									//success!!
						$dob_db = "$dob_year-$dob_month-$dob_day";
						$password_db = md5($password);

						switch ($gender)
								{
							case "Male":
							$gender_db = "M";
							break;
							case "Female":
							$gender_db = "F";
							break;
						$register = mysql_query("INSERT INTO user VALUES ('','$firstname','$lastname','$username','$password_db','$dob_db','$gender_db')");
						echo "success!";
								}
							}
						}
					 }
					 else
					 {echo "Passwords must match";
					 }
				}
				else
				echo "Gender must be Male or Female.";
			}
		}
			else
				echo "Date of birth must be in number form. For example 1993/05/30";
	}
	}
}else{
echo "Please enter your details and click Register!";
}
}

?>

<p>
<form action='register.php' method='POST'>

<table width='60%'>
	<tr>
			<td width='40%' align='right'>
			<font size='2' face='arial'>Firstname:
			</td>
			<td>
			<input type='text' value='<?php echo $firstname; ?>' name='firstname' maxlength='25'>
			</td>
	</tr>
	<tr>
			<td width='40%' align='right'>
			<font size='2' face='arial'>Lastname:
			</td>
			<td>
			<input type='text' value='<?php echo $lastname; ?>' name='lastname' maxlength='25'>
			</td>
	</tr>
	<tr>
			<td width='40%' align='right'>
			<font size='2' face='arial'>Username:
			</td>
			<td>
			<input type='text' value='<?php echo $username; ?>' name='username' maxlength='25'>
			</td>
	</tr>
	<tr>
			<td width='40%' align='right'>
			<font size='2' face='arial'>Password:
			</td>
			<td>
			<input type='password'  name='password' maxlength='25'>
			</td>
	</tr>
	<tr>
			<td width='40%' align='right'>
			<font size='2' face='arial'>Repeat Password:
			</td>
			<td>
			<input type='password'  name='password_repeat' maxlength='25'>
			</td>
	</tr>
	<tr>
			<td width='40%' align='right'>
			<font size='2' face='arial'>Date of birth:
			</td>
			<td>
			<input type='text' name='dob_year' maxlength='4' size='3' value='<?php if ($dob_year) echo $dob_year; else echo "YYYY";?>'> /<input type='text' name='dob_month' maxlength='2' size='1' value='<?php if ($dob_month) echo $dob_month; else echo "MM";?>'> / <input type='text' name='dob_day' maxlength='2' size='1' value='<?php if ($dob_day) echo $dob_day; else echo "DD";?>'>
			</td>
	</tr>
	<tr>
			<td width='40%' align='right'>
			<font size='2' face='arial'>Gender:
			</td>
			<td>
			<select name='gender'>
				<option>Female</option>
				<option>Male</option>
			</select>
			</td>
	</tr>

</table>
<div align='right'><input type='submit' name='submit' value='Register'>
</form>


<?php
include("design/footer.php");

?>

 

Sorry, I don't even know how to help you to help me.  :shy:

 

Thanks andy, I've changed the "is_numeric function". I know of half of the functions you recommended. So I better get to work on the other half! Still doesn't work though. I'm going to keep plugging away at it.

Andy-H Advanced Member

Andy-H

Posted
Posted 

<?php
include("design/header.php");
require("connect.php");

//register code


   if(isset($POST['submit']))
   {

      //grab submitted data
      $firstname       =   isset($_POST['firstname'])       ? $_POST['firstname']       : '';
      $lastname        =   isset($_POST['lastname'])        ? $_POST['lastname']        : '';
      $username        =   isset($_POST['username'])        ? $_POST['username']        : '';
      $password        =   isset($_POST['password'])        ? $_POST['password']        : '';
      $password_repeat =   isset($_POST['password_repeat']) ? $_POST['password_repeat'] : '';

      $dob_year        =   isset($_POST['dob_year'])        ? $_POST['dob_year']        : '';
      $dob_month       =   isset($_POST['dob_month'])       ? $_POST['dob_month']       : '';
      $dob_day         =   isset($_POST['dob_day'])         ? $_POST['dob_day']         : '';

      $gender          =   isset($_POST['gender'])          ? $_POST['gender']          : '';

         //validation
         if( strlen($firstname) > 25 || strlen($lastname) > 25 || strlen($username) > 25)
         {
            echo "Firstname, lastname and username must be no more than 25 characters.";
            unset($firstname);
            unset($lastname);
            unset($username);
         }
         else
         {

            if ( strlen($password) > 25 || strlen($password) < 6)
            {
               echo "Password must be between 6 and 25 characters.";
            }
            else
            {
              

               if ( ctype_digit($dob_year) && ctype_digit($dob_month) && ctype_digit($dob_day) )
               {
                  echo "Year, month and day of birth must be numeric values.";
                  unset($dob_year);
                  unset($dob_month);
                  unset($dob_day);
               }
               else
               {

                  if ( strlen($dob_year) > 4 || strlen($dob_year) > 2 || strlen($dob_year) > 2 )
                     echo "Year of birth must be 4 characters long, month and day must be 2.";
                     unset($dob_year);
                     unset($dob_month);
                     unset($dob_day);
                  }
                  else
                  {
                     //compare pass
                     if ( $password != $password_repeat )
                     {
                        echo "Password's didn't match.";
                     }
                     else
                     {
                        //check dob limits for month and day
                        if ($dob_month>12||$dob_day>31)
                        {
                           echo "Date of birth month or day is higher than expected!";
                           unset($dob_year);
                           unset($dob_month);
                           unset($dob_day);
                        }
                        else
                        {

                           //check for existing user
                           $query = mysql_query("SELECT * FROM users WHERE username='" . mysql_real_escape_string($username) . "' LIMIT 1");
                           if (mysql_num_rows($query) > 0)
                           {
                              echo "That username is already taken.";
                           }
                           else
                           {
                              //success!!
                              $dob_db = "$dob_year-$dob_month-$dob_day";
                              $password_db = md5($password);
                     
                              $register = mysql_query("INSERT INTO user VALUES ('','" . mysql_real_escape_string($firstname) . "','" . mysql_real_escape_string($lastname) . "','" . mysql_real_escape_string($username) . "','$password_db','$dob_db','" . mysql_real_escape_string($gender) . "')");

                              echo "Your account has been registered, you can now log in!";
                           }
                        }
                     }
                  }
               }
            }
         }
   }
?>

<p>
<form action='register.php' method='POST'>

   <table width='60%'>
      <tr>
            <td width='40%' align='right'>
            <font size='2' face='arial'>Firstname:
            </td>
            <td>
            <input type='text' value='<?php echo $firstname; ?>' name='firstname' maxlength='25'>
            </td>
      </tr>
      <tr>
            <td width='40%' align='right'>
            <font size='2' face='arial'>Lastname:
            </td>
            <td>
            <input type='text' value='<?php echo $lastname; ?>' name='lastname' maxlength='25'>
            </td>
      </tr>
      <tr>
            <td width='40%' align='right'>
            <font size='2' face='arial'>Username:
            </td>
            <td>
            <input type='text' value='<?php echo $username; ?>' name='username' maxlength='25'>
            </td>
      </tr>
      <tr>
            <td width='40%' align='right'>
            <font size='2' face='arial'>Password:
            </td>
            <td>
            <input type='password'  name='password' maxlength='25'>
            </td>
      </tr>
      <tr>
            <td width='40%' align='right'>
            <font size='2' face='arial'>Repeat Password:
            </td>
            <td>
            <input type='password'  name='password_repeat' maxlength='25'>
            </td>
      </tr>
      <tr>
            <td width='40%' align='right'>
            <font size='2' face='arial'>Date of birth:
            </td>
            <td>
            <input type='text' name='dob_year' maxlength='4' size='3' value='<?php if ($dob_year) echo $dob_year; else echo "YYYY";?>'> /<input type='text' name='dob_month' maxlength='2' size='1' value='<?php if ($dob_month) echo $dob_month; else echo "MM";?>'> / <input type='text' name='dob_day' maxlength='2' size='1' value='<?php if ($dob_day) echo $dob_day; else echo "DD";?>'>
            </td>
      </tr>
      <tr>
            <td width='40%' align='right'>
            <font size='2' face='arial'>Gender:
            </td>
            <td>
            <select name='gender'>
               <option value="F">Female</option>
               <option value="M">Male</option>
            </select>
            </td>
      </tr>

   </table>
   <div align='right'><input type='submit' name='submit' value='Register'>
</form>


<?php
include("design/footer.php");

?>

 

Namtip Member

Namtip

Posted
  • Author
Posted

Oh wow! Thank you andy, that's certainly tidied things up.  :D

copied and pasted the code, added a curly bracket(to get it past a T_else parse error) and.. still the code won't enter into the data base, the error messages still won't come up and I have to reenter the information from the forms.

 

I typied "print_r($_POST);" at the top of the form and all the variables make it past the submit okay

 

"Array ( [firstname] => roger [lastname] => gracie [username] =>  roger [password] => onward [password_repeat] => onward [dob_year] => 1984 [dob_month] => 05 [dob_day] => 30 [gender] => Male [submit] => Register )"

 

Which leads me to think that there's something fundamentally wrong with the logic? Or my database is wrong or my include/require files may be interferring(is that possible).

PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted
if(isset($POST['submit']))

 

^^^^ Should be $_POST

 

The symptom is that of the php code being skipped over (i.e. none of the $firstname... variables have been set.)

 

You should be developing and debugging your php code on a system with error_reporting set to E_ALL and display_errors set to ON in your master php.ini so that all the php detected errors will be reported and displayed. You will save a ton of time.

Mod-Jay Member

Mod-Jay

Posted
Posted

Try a New Insert Method Like

              mysql_query("INSERT INTO main (date, username, rights, ip, password, email, banned) VALUES ('" . date("Y-m-d") . "', '". realEscape($_POST['username']) ."', 0, '". $_SERVER['REMOTE_ADDR'] ."', '". md5($_POST['password1']) ."', '". realEscape($_POST['email']) ."', 0)");

 

Notice How i have The Database names in the Correct Order

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.