registeration problem

[MrEngineer]

Dear All,

It is my first time to be in your forum, which seems to be gorgeous. I would like to seek your help with my php script where I want to match two passwords together but it is not working. In addition to that, can anyone suggest to me more scripts for security enhancements.

I appreciate your help and time.

<?php
$username=$_POST["usrename"];
$title=$_POST["title"];
$fname=$_POST["firstname"];
$lname=$_POST["surname"];
$birth[d]=$_POST["day"];
$birth[m]=$_POST["month"];
$birth[y]=$_POST["year"];
$prof=$_POST["prof"];
$password = md5($_POST["pass"]);
$pass= md5($_POST["pass_conf"]);
$mobno=$_POST['tele1'];
$lanno=$_POST['tele2'];
$worno=$_POST['tele3'];
$e_add[1]=$_POST["email1"];
$e_add[2]=$_POST["email2"];
$address[hn]=$_POST["housen"];
$address[st]=$_POST["street"];
$address[ci]=$_POST["city"];
$address[co]=$_POST["county"];
$address[cy]=$_POST["country"];
$zip=$_POST["post"];
$details=$_POST["details"];
include ("db.php");
if ($title && $fname && $lname && $birth[d] && $birth[m]&& $birth[y]&& $password && $pass)
{
if ($password==$pass)
{
$query = "SELECT FirstName FROM users WHERE FirstName = '$fname'";
          $result = @mysql_query($query);
           $num = @mysql_num_rows($result);
           if ($num==0)
{
$users = "INSERT INTO users (User_ID, UserName, Title, FirstName, LastName, Password, Birth)
VALUES('', '$username', '$title', '$fname', '$lname', '$password', '$birth[d] $birth[m] $birth[y] ')";
$phone = "INSERT INTO phones (Phone_ID, Mobile_NO, Work_NO, Landline_NO)
VALUES('', '$mobno', '$worno', '$lanno')";
$address = "INSERT INTO Address (Address_ID, House_NO, Street, City, Region, Country, ZIP_POST, Other_Details)
VALUES('', '$address[hn]', '$address[st]', '$address[ci]', '$address[co]', '$address[cy]', '$zip', '$details')";
$email = "INSERT INTO Emails (Email_ID, Email1, Email2)
VALUES('', '$e_add[1]', '$e_add[2]')";
$input[1]=mysql_query($users) or die(mysql_error());
$input[2]=mysql_query($phone) or die(mysql_error());
$input[3]=mysql_query($address) or die(mysql_error());
$input[4]=mysql_query($email) or die(mysql_error());
mysql_close();
echo "Account Created ";
}
else
echo "Passwords don't match";
}
    else
   die("This username has already been taken");
}
else
die("Please make sure that all fields are filled in")
?>

[MrEngineer]

Notice: Undefined index: usrename in C:\xampp\htdocs\ly.php on line 4

 

Notice: Use of undefined constant d - assumed 'd' in C:\xampp\htdocs\ly.php on line 8

 

Notice: Use of undefined constant m - assumed 'm' in C:\xampp\htdocs\ly.php on line 9

 

Notice: Use of undefined constant y - assumed 'y' in C:\xampp\htdocs\ly.php on line 10

 

Notice: Undefined index: pass in C:\xampp\htdocs\ly.php on line 12

 

Notice: Use of undefined constant hn - assumed 'hn' in C:\xampp\htdocs\ly.php on line 19

 

Notice: Use of undefined constant st - assumed 'st' in C:\xampp\htdocs\ly.php on line 20

 

Notice: Use of undefined constant ci - assumed 'ci' in C:\xampp\htdocs\ly.php on line 21

 

Notice: Use of undefined constant co - assumed 'co' in C:\xampp\htdocs\ly.php on line 22

 

Notice: Use of undefined constant cy - assumed 'cy' in C:\xampp\htdocs\ly.php on line 23

 

Notice: Use of undefined constant d - assumed 'd' in C:\xampp\htdocs\ly.php on line 27

 

Notice: Use of undefined constant m - assumed 'm' in C:\xampp\htdocs\ly.php on line 27

 

Notice: Use of undefined constant y - assumed 'y' in C:\xampp\htdocs\ly.php on line 27

 

When I ran a script given by one of my friends these mistakes showed up.

Anyone know what is the problem?

[BlueSkyIS]

we can give you general info about them, but no specifics without seeing the code. for instance, the first notice,

 

Notice: Undefined index: usrename in C:\xampp\htdocs\ly.php on line 4

 

This means that you probably used the index usrename in reference to an array on line 4 of the file ly.php. in other words, you did this when there is no such thing:

 

$something = $some_array['usrename'];

 

[Pikachu2000]

The script attempts to use the value of variables that are not initialized where you see the undefined index warning, and there are associative array indices that are not quoted causing the undefined constant warning.

 

You need to make sure the variable you're using exists before using its value.

if( isset($variable) ) {
     $vew_var = $variable;
}

 

Associative array indices should be quoted.

$_POST['hn']

[PFMaBiSmAd]

Sorry to be blunt, but the problem is inconstant and minimal coding.

 

The undefined index errors are due to mistyped and nonexistent names. The 'Use of undefined constant' errors are because of missing quotes around the array index associative names.

 

Did anyone (the OP and his buddy that gave him this code) look at each line of code an TRY to determine why it is producing an error? Is usrename spelled correctly? Is there a form field named pass? For all the lines with undefined constant errors ($birth[d]) the error messages assumed 'd' told you what the php language assumed they should be.