webguync Posted December 5, 2010 Share Posted December 5, 2010 Hi, I need to insert some code into my current form code which will check to see if a username exist and if so will display an echo message. If it does not exist will post the form (assuming everything else is filled in correctly). I have tried some code in a few places but it doesn't work correctly as I get the username message exist no matter what. I think I am inserting the code into the wrong area, so need assistance as to how to incorporate the username check code. $sql="select * from Profile where username = '$username'; $result = mysql_query( $sql, $conn ) or die( "ERR: SQL 1" ); if(mysql_num_rows($result)!=0) { process form } else { echo "That username already exist!"; } the current code of the form <?PHP //session_start(); require_once "formvalidator.php"; $show_form=true; if (!isset($_POST['Submit'])) { $human_number1 = rand(1, 12); $human_number2 = rand(1, 38); $human_answer = $human_number1 + $human_number2; $_SESSION['check_answer'] = $human_answer; } if(isset($_POST['Submit'])) { if (!isset($_SESSION['check_answer'])) { echo "<p>Error: Answer session not set</p>"; } if($_POST['math'] != $_SESSION['check_answer']) { echo "<p>You did not pass the human check.</p>"; exit(); } $validator = new FormValidator(); $validator->addValidation("FirstName","req","Please fill in FirstName"); $validator->addValidation("LastName","req","Please fill in LastName"); $validator->addValidation("UserName","req","Please fill in UserName"); $validator->addValidation("Password","req","Please fill in a Password"); $validator->addValidation("Password2","req","Please re-enter your password"); $validator->addValidation("Password2","eqelmnt=Password","Your passwords do not match!"); $validator->addValidation("email","email","The input for Email should be a valid email value"); $validator->addValidation("email","req","Please fill in Email"); $validator->addValidation("Zip","req","Please fill in your Zip Code"); $validator->addValidation("Security","req","Please fill in your Security Question"); $validator->addValidation("Security2","req","Please fill in your Security Answer"); if($validator->ValidateForm()) { $con = mysql_connect("localhost","uname","pw") or die('Could not connect: ' . mysql_error()); mysql_select_db("beatthis_beatthis") or die(mysql_error()); $FirstName=mysql_real_escape_string($_POST['FirstName']); //This value has to be the same as in the HTML form file $LastName=mysql_real_escape_string($_POST['LastName']); //This value has to be the same as in the HTML form file $UserName=mysql_real_escape_string($_POST['UserName']); //This value has to be the same as in the HTML form file $Password= md5($_POST['Password']); //This value has to be the same as in the HTML form file $Password2= md5($_POST['Password2']); //This value has to be the same as in the HTML form file $email=mysql_real_escape_string($_POST['email']); //This value has to be the same as in the HTML form file $Zip=mysql_real_escape_string($_POST['Zip']); //This value has to be the same as in the HTML form file $Birthday=mysql_real_escape_string($_POST['Birthday']); //This value has to be the same as in the HTML form file $Security=mysql_real_escape_string($_POST['Security']); //This value has to be the same as in the HTML form file $Security2=mysql_real_escape_string($_POST['Security2']); //This value has to be the same as in the HTML form file $sql="INSERT INTO Profile (`FirstName`,`LastName`,`Username`,`Password`,`Password2`,`email`,`Zip`,`Birthday`,`Security`,`Security2`) VALUES ('$FirstName','$LastName','$UserName','$Password','$Password2','$email','$Zip','$Birthday','$Security','$Security2')"; //echo $sql; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } else{ mail('email@gmail.com','A profile has been submitted!',$FirstName.' has submitted their profile',$body); echo "<h3>Your profile information has been submitted successfully.</h3>"; } mysql_close($con); $show_form=false; } else { echo "<h3 class='ErrorTitle'>Validation Errors:</h3>"; $error_hash = $validator->GetErrors(); foreach($error_hash as $inpname => $inp_err) { echo "<p class='errors'>$inpname : $inp_err</p>\n"; } } } if(true == $show_form) { ?> Quote Link to comment Share on other sites More sharing options...
2-d Posted December 6, 2010 Share Posted December 6, 2010 Hello, What appears to the be the issue here is the way you are doing the comparison in the if statement: if(mysql_num_rows($result)!=0) Since you are doing a 'not equal', it will only fall into this case if a row was returned from the mysql statement above, meaning the username was already taken. So if a username does not exist, this comparison will fail and you will fall into the else case which throws the error. For example, if the mysql statement does NOT find a username, mysql_num_rows($result) will return 0. The if case willl then be "if(0 != 0)" which will return false and send you to the else. That is why you were receiving the error message each time. You will want to change the if statement to equals to: if(mysql_num_rows($result) == 0) Let me know if there are any other errors you need help with, I didn't go through all of the code, that was just the first thing I saw. Quote Link to comment Share on other sites More sharing options...
webguync Posted December 6, 2010 Author Share Posted December 6, 2010 with the code I have now, I just get the generic MySQL error. "Error: Duplicate entry 'UserName' for key 'usr'". UserName being the duplicate username in the database. I don't get the customized echo. that I put in. Here is the current code. <?PHP //session_start(); require_once "formvalidator.php"; $show_form=true; if (!isset($_POST['Submit'])) { $human_number1 = rand(1, 12); $human_number2 = rand(1, 38); $human_answer = $human_number1 + $human_number2; $_SESSION['check_answer'] = $human_answer; } if(isset($_POST['Submit'])) { if (!isset($_SESSION['check_answer'])) { echo "<p>Error: Answer session not set</p>"; } if($_POST['math'] != $_SESSION['check_answer']) { echo "<p>You did not pass the human check.</p>"; exit(); } $validator = new FormValidator(); $validator->addValidation("FirstName","req","Please fill in FirstName"); $validator->addValidation("LastName","req","Please fill in LastName"); $validator->addValidation("UserName","req","Please fill in UserName"); $validator->addValidation("Password","req","Please fill in a Password"); $validator->addValidation("Password2","req","Please re-enter your password"); $validator->addValidation("Password2","eqelmnt=Password","Your passwords do not match!"); $validator->addValidation("email","email","The input for Email should be a valid email value"); $validator->addValidation("email","req","Please fill in Email"); $validator->addValidation("Zip","req","Please fill in your Zip Code"); $validator->addValidation("Security","req","Please fill in your Security Question"); $validator->addValidation("Security2","req","Please fill in your Security Answer"); if($validator->ValidateForm()) { $con = mysql_connect("localhost","username","password") or die('Could not connect: ' . mysql_error()); mysql_select_db("DBName") or die(mysql_error()); $FirstName=mysql_real_escape_string($_POST['FirstName']); //This value has to be the same as in the HTML form file $LastName=mysql_real_escape_string($_POST['LastName']); //This value has to be the same as in the HTML form file $UserName=mysql_real_escape_string($_POST['UserName']); //This value has to be the same as in the HTML form file $Password= md5($_POST['Password']); //This value has to be the same as in the HTML form file $Password2= md5($_POST['Password2']); //This value has to be the same as in the HTML form file $email=mysql_real_escape_string($_POST['email']); //This value has to be the same as in the HTML form file $Zip=mysql_real_escape_string($_POST['Zip']); //This value has to be the same as in the HTML form file $Birthday=mysql_real_escape_string($_POST['Birthday']); //This value has to be the same as in the HTML form file $Security=mysql_real_escape_string($_POST['Security']); //This value has to be the same as in the HTML form file $Security2=mysql_real_escape_string($_POST['Security2']); //This value has to be the same as in the HTML form file $sql="select * from Profile where username = '$username'"; $result = mysql_query( $sql, $con ) or die( "ERR: SQL 1" ); if(mysql_num_rows($result) == 0) { $sql="INSERT INTO Profile (`FirstName`,`LastName`,`Username`,`Password`,`Password2`,`email`,`Zip`,`Birthday`,`Security`,`Security2`) VALUES ('$FirstName','$LastName','$UserName','$Password','$Password2','$email','$Zip','$Birthday','$Security','$Security2')"; //echo $sql; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } else{ mail('email@gmail.com','A profile has been submitted!',$FirstName.' has submitted their profile',$body); echo "<h3>Your profile information has been submitted successfully.</h3>"; } mysql_close($con); $show_form=false; } else { echo "<h3 class='ErrorTitle'>Validation Errors:</h3>"; echo "<h3>That username already exist!</h3>"; $error_hash = $validator->GetErrors(); foreach($error_hash as $inpname => $inp_err) { echo "<p class='errors'>$inpname : $inp_err</p>\n"; } } } } if(true == $show_form) { ?> <form name="test" id="ContactForm" method="POST" accept-charset="UTF-8" action="?>"> <fieldset> <div class='normal_field'><label for="LastName">First Name</label></div> <div class='element_label'> <input type='text' name='FirstName' size='20'> </div> <div class='normal_field'><label for="LastName">Last Name</label></div> <div class='element_label'> <input type='text' name='LastName' size='20'> </div> </fieldset> <fieldset> <div class='normal_field'><label for="UserName">User Name</label></div> <div class='element_label'> <input type='text' name='UserName' size='20'> </div> <div class='normal_field'><label for="Password">Password</label></div> <div class='element_label'> <input type='password' name='Password' size='20'> </div> <div class='normal_field'><label for="Password2">Re-Enter Password</label></div> <div class='element_label'> <input type='password' name='Password2' size='20'> </div> <div class='normal_field'><label for="Email">Email</label></div> <div class='element_label'> <input type='text' name='email' size='20'> </div> </fieldset> <fieldset> <div class='normal_field'><label for="Zip">Zip Code</label></div> <div class='element_label'> <input type='text' name='Zip' size='20'> </div> <div class='normal_field'><label for="Birthday">Birthday(mm/dd/yyyy format)</label></div> <div class='element_label'> <input type='text' name='Birthday' size='20'> </div> <div class='normal_field'><label for="Security">Security Question</label></div> <div class='element_label'> <input type='text' name='Security' size='20'> </div> <div class='normal_field'><label for="Security2">Security Answer</label></div> <div class='element_label'> <input type='text' name='Security2' size='20'> </div> <div class='normal_field'><label for="math">What is <?php echo $human_number1." + ".$human_number2. "?"; ?></label></div> <div class='element_label'> <input type='text' name='math' size='20'> </div> </fieldset> <div id="agree"> <label for="tos"> <input type="checkbox" id="tos" name="tos" value="yes" /> I have read and agree to the <a href="ajax/serviceterms.html" id="terms">Terms of Service</a>. </label> </div> <fieldset> <div id="service-terms" class="box rounded-all"></div> <div class="controls"> <input id="submit" type="submit" name="Submit" value="CREATE PROFILE"/> </div> </fieldset> </form> <?PHP }//true == $show_form ?> Quote Link to comment Share on other sites More sharing options...
2-d Posted December 7, 2010 Share Posted December 7, 2010 Ah alright, I see your issue now. You are doing the insert without doing any checking on it. So if the username exists, you get the error of trying to insert a duplicate key. In your code you have this: $sql="INSERT INTO Profile (`FirstName`,`LastName`,`Username`,`Password`,`Password2`,`email`,`Zip`,`Birthday`,`Security`,`Security2`) VALUES ('$FirstName','$LastName','$UserName','$Password','$Password2','$email','$Zip','$Birthday','$Security','$Security2')"; //echo $sql; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } else{ mail('email@gmail.com','A profile has been submitted!',$FirstName.' has submitted their profile',$body); echo "<h3>Your profile information has been submitted successfully.</h3>"; } This piece of code is going to need to be inside of the check you mentioned in the fist post. Like this: $sql="select * from Profile where username = '$UserName'"; $result = mysql_query( $sql, $conn ) or die( "ERR: SQL 1" ); if(!mysql_num_rows($result)){ $sql="INSERT INTO Profile (`FirstName`,`LastName`,`Username`,`Password`,`Password2`,`email`,`Zip`,`Birthday`,`Security`,`Security2`) VALUES ('$FirstName','$LastName','$UserName','$Password','$Password2','$email','$Zip','$Birthday','$Security','$Security2')"; //echo $sql; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); }else{ mail('email@gmail.com','A profile has been submitted!',$FirstName.' has submitted their profile',$body); echo "<h3>Your profile information has been submitted successfully.</h3>"; } } else{ echo "That username already exist!"; } This way, the insert will not even be run if the username is found in the database. And it will return the echoed error that you want. Hope this helps. Cheers Quote Link to comment Share on other sites More sharing options...
webguync Posted December 7, 2010 Author Share Posted December 7, 2010 thanks, the username check appears to work now. One more thing though, if the username exist and they get the error. what is the best way to display the form again? Quote Link to comment Share on other sites More sharing options...
2-d Posted December 7, 2010 Share Posted December 7, 2010 You can redirect them back to the form with an extra variable, lets say error: Header("Location: <url of form>?error=1"); Then on the HTML side of things, you can put a php snippet in that looks for that error: if ($_REQUEST('error') == 1){ echo "Lets display an error"; } Cheers Quote Link to comment Share on other sites More sharing options...
webguync Posted December 7, 2010 Author Share Posted December 7, 2010 thanks. Would the Header("Location: <url of form>?error=1") go right after echo "<h2>Sorry, that username already exist!</h2>"; or should if ($_REQUEST('error') == 1){ echo "<h2>Sorry that username already exist!</h2>"; } replace this. else{ echo "<h2>Sorry, that username already exist!</h2>"; } Quote Link to comment Share on other sites More sharing options...
2-d Posted December 7, 2010 Share Posted December 7, 2010 the Header call would need to replace the echo of the error, you cannot change the headers once something is written to the screen. As for where to put the echo error, you will need to put that in the HTML, wherever you want to display it. It would be something completely separate from the error check. Quote Link to comment Share on other sites More sharing options...
webguync Posted December 7, 2010 Author Share Posted December 7, 2010 I think I am a little confused with where to place the code again. Here is the error I am now getting. "Fatal error: Function name must be a string in new_site/register.php on line 185" and here is my current code <?PHP //session_start(); require_once "formvalidator.php"; $show_form=true; if (!isset($_POST['Submit'])) { $human_number1 = rand(1, 12); $human_number2 = rand(1, 38); $human_answer = $human_number1 + $human_number2; $_SESSION['check_answer'] = $human_answer; } if(isset($_POST['Submit'])) { if (!isset($_SESSION['check_answer'])) { echo "<p>Error: Answer session not set</p>"; } if($_POST['math'] != $_SESSION['check_answer']) { echo "<p>You did not pass the human check.</p>"; exit(); } $validator = new FormValidator(); $validator->addValidation("FirstName","req","Please fill in FirstName"); $validator->addValidation("LastName","req","Please fill in LastName"); $validator->addValidation("UserName","req","Please fill in UserName"); $validator->addValidation("Password","req","Please fill in a Password"); $validator->addValidation("Password2","req","Please re-enter your password"); $validator->addValidation("Password2","eqelmnt=Password","Your passwords do not match!"); $validator->addValidation("email","email","The input for Email should be a valid email value"); $validator->addValidation("email","req","Please fill in Email"); $validator->addValidation("Zip","req","Please fill in your Zip Code"); $validator->addValidation("Security","req","Please fill in your Security Question"); $validator->addValidation("Security2","req","Please fill in your Security Answer"); if($validator->ValidateForm()) { $con = mysql_connect("localhost","uname","pw") or die('Could not connect: ' . mysql_error()); mysql_select_db("DB_Name") or die(mysql_error()); $FirstName=mysql_real_escape_string($_POST['FirstName']); //This value has to be the same as in the HTML form file $LastName=mysql_real_escape_string($_POST['LastName']); //This value has to be the same as in the HTML form file $UserName=mysql_real_escape_string($_POST['UserName']); //This value has to be the same as in the HTML form file $Password= md5($_POST['Password']); //This value has to be the same as in the HTML form file $Password2= md5($_POST['Password2']); //This value has to be the same as in the HTML form file $email=mysql_real_escape_string($_POST['email']); //This value has to be the same as in the HTML form file $Zip=mysql_real_escape_string($_POST['Zip']); //This value has to be the same as in the HTML form file $Birthday=mysql_real_escape_string($_POST['Birthday']); //This value has to be the same as in the HTML form file $Security=mysql_real_escape_string($_POST['Security']); //This value has to be the same as in the HTML form file $Security2=mysql_real_escape_string($_POST['Security2']); //This value has to be the same as in the HTML form file $sql="select * from Profile where username = '$UserName'"; $result = mysql_query( $sql, $con ) or die( "ERR: SQL 1" ); if ($_REQUEST('error') == 1){ echo "Sorry that user name already exist!"; } if(!mysql_num_rows($result)){ $sql="INSERT INTO Profile (`FirstName`,`LastName`,`Username`,`Password`,`Password2`,`email`,`Zip`,`Birthday`,`Security`,`Security2`) VALUES ('$FirstName','$LastName','$UserName','$Password','$Password2','$email','$Zip','$Birthday','$Security','$Security2')"; //echo $sql; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } else{ mail('email@gmail.com','A profile has been submitted!',$FirstName.' has submitted their profile',$body); echo "<h3>Your profile information has been submitted successfully.</h3>"; } } else{ Header("Location: register.php?error=1"); } mysql_close($con); $show_form=false; } else { echo "<h3 class='ErrorTitle'>Validation Errors:</h3>"; $error_hash = $validator->GetErrors(); foreach($error_hash as $inpname => $inp_err) { echo "<p class='errors'>$inpname : $inp_err</p>\n"; } } } if(true == $show_form) { ?> <form name="test" id="ContactForm" method="POST" accept-charset="UTF-8" action="?>"> <fieldset> <div class='normal_field'><label for="LastName">First Name</label></div> <div class='element_label'> <input type='text' name='FirstName' size='20'> </div> <div class='normal_field'><label for="LastName">Last Name</label></div> <div class='element_label'> <input type='text' name='LastName' size='20'> </div> </fieldset> <fieldset> <div class='normal_field'><label for="UserName">User Name</label></div> <div class='element_label'> <input type='text' name='UserName' size='20'> </div> <div class='normal_field'><label for="Password">Password</label></div> <div class='element_label'> <input type='password' name='Password' size='20'> </div> <div class='normal_field'><label for="Password2">Re-Enter Password</label></div> <div class='element_label'> <input type='password' name='Password2' size='20'> </div> <div class='normal_field'><label for="Email">Email</label></div> <div class='element_label'> <input type='text' name='email' size='20'> </div> </fieldset> <fieldset> <div class='normal_field'><label for="Zip">Zip Code</label></div> <div class='element_label'> <input type='text' name='Zip' size='20'> </div> <div class='normal_field'><label for="Birthday">Birthday(mm/dd/yyyy format)</label></div> <div class='element_label'> <input type='text' name='Birthday' size='20'> </div> <div class='normal_field'><label for="Security">Security Question</label></div> <div class='element_label'> <input type='text' name='Security' size='20'> </div> <div class='normal_field'><label for="Security2">Security Answer</label></div> <div class='element_label'> <input type='text' name='Security2' size='20'> </div> <div class='normal_field'><label for="math">What is <?php echo $human_number1." + ".$human_number2. "?"; ?></label></div> <div class='element_label'> <input type='text' name='math' size='20'> </div> </fieldset> <div id="agree"> <label for="tos"> <input type="checkbox" id="tos" name="tos" value="yes" /> I have read and agree to the <a href="ajax/serviceterms.html" id="terms">Terms of Service</a>. </label> </div> <fieldset> <div id="service-terms" class="box rounded-all"></div> <div class="controls"> <input id="submit" type="submit" name="Submit" value="CREATE PROFILE"/> </div> </fieldset> </form> <?PHP }//true == $show_form ?> specifically line 185 is this if ($_REQUEST('error') == 1){ echo "Sorry that user name already exist!"; } Quote Link to comment Share on other sites More sharing options...
2-d Posted December 8, 2010 Share Posted December 8, 2010 Oops, thats a typo on my part, the request variable should be using [] to index the array, not (): if ($_REQUEST['error'] == 1){ echo "Sorry that user name already exist!"; } Quote Link to comment Share on other sites More sharing options...
webguync Posted December 8, 2010 Author Share Posted December 8, 2010 thanks again. I am now getting this error. Warning: Cannot modify header information - headers already sent by (output started at /new_site/inc/inc.header.php:11) in /new_site/register.php on line 229 not sure why I get this b/c this line is the only place I am using a header redirect. Any ideas? Header("Location: register.php?error=1"); Quote Link to comment Share on other sites More sharing options...
webguync Posted December 9, 2010 Author Share Posted December 9, 2010 any ideas on my header error? Does this code always need to be within the <head></head> tags? Quote Link to comment Share on other sites More sharing options...
BlueSkyIS Posted December 9, 2010 Share Posted December 9, 2010 http://www.phpfreaks.com/forums/php-coding-help/header-errors-read-here-before-posting-them/ Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.