Jump to content

Login script help


voyde

Recommended Posts

I re-wote a login / register script to have more inputs (forms)
however when i was done I found the following error,

[quote]Column count doesn't match value count at row 1[/quote]

Code is below

[code]<?php
session_start();
require ("config.php");
//checking of install file
if (file_exists ("install.php")) die ("<font color=\"red\">FATAL ERROR. INSTALL.PHP EXISTS! POSSIBLE SECURITY RISK! TERMINATING PROGRAM</font>");
if (isset ($_SESSION['loggedin']) && isset ($_SESSION['time']))
{
header ('Location: ./');
}
else if ($allow_guest_to_register == TRUE || isset ($_SESSION['alsadmin']))
{
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Register</title>
<link rel="stylesheet" type="text/css" href="style.css" />
</head>
<body onLoad="setFocus()">
<?php
if ( isset ($_POST['submit']) )
{
$error = false;
$user_login = $_POST['user_login'];
$user_pass1 = $_POST['user_pass1'];
$user_pass2 = $_POST['user_pass2'];
$user_name = $_POST['user_name'];
$user_nick = $_POST['user_nick'];
$user_email = $_POST['user_email'];
$user_url = $_POST['user_url'];
$user_location = $_POST['user_location'];
$user_birth = $_POST['user_birth'];
$user_pic = $_POST['user_pic'];
//the validation no. user typed
$imgno = md5 ($_POST['imgno']);
//the real validation number
$realno = $_POST['realno'];

//search if the username exist
$search1 = "SELECT * from ".$mysql_pretext."users where user_login='$user_login'";
$search2 = mysql_query ($search1) or die (mysql_error());
$search3 = mysql_fetch_array ($search2);

$search_email = "SELECT * from ".$mysql_pretext."users where user_email='$user_email'";
  $search_email2 = mysql_query( $search_email ) or die(mysql_error());
    $search_email3 = mysql_fetch_array( $search_email2 );

if ( $user_pass1 == $user_pass2 )
{
if ( empty ($user_pass1) || empty ($user_pass2) )
{
print '<p align="center">You need to fill up the password and confirm password fields.</p>';
$error = true;
}
elseif ( $search3 )
{
print '<p align="center">Sorry,but that ID-Number is already taken.</p>';
$error = true;
}

elseif ( empty ($user_login) )
{
print '<p align="center">You need to fill in the ID-field.</p>';
$error = true;
}

elseif ( empty ($user_email) )
{
print '<p align="center">You need to fill in your email address.</p>';
$error = true;
}

elseif ( $search_email3 )
{
print '<p align="center">Your email address already exists on the database!If you have forgotten your password,you can reset it by clicking <a href="reset.php">here</a>.</p>';
$error = true;
}

//if the user typed a validation number of less than 4 chars
else if (strlen ($imgno) < 4 && $display_bot_image)
{
print '<p align="center">You did not enter a valid validation number.</p>';
$error = true;
}

//if validation number is wrong
else if ($imgno != $realno && $display_bot_image)
{
print '<p align="center">You did not enter a valid validation number</p>';
$error = true;
}
 
//if the email address is not valid.need at least 5 chars because the shortest valid email address will be something like a@b.cc and check that the @ sign is there
else if (strlen ($user_email) < 5 || !eregi ("@.", $user_email))
{
print '<p align="center">You did not enter a valid email</p>';
$error = true;
}

}

else
{
print '<p align="center">Your passwords doesn\'t match.</p>';
$error = true;
}

if ( $error )
{
print '<p align="center"><a href="'.$_SERVER['PHP_SELF'].'?user_login='.$user_login.'&user_email='.$user_email.'&user_pass='.$user_pass1.'">Retry?</a></p>';
}

else
{
$user_pass = md5 ($user_pass1);
$date = round (date("U")/1000);
      srand ($date);
      $validkey = rand (1,100000000);
      $validkey = md5 ($validkey);
      $SQL = "INSERT into ".$mysql_pretext."users (user_login, user_pass, user_name, user_nick, user_email, user_url, user_location, user_birth, user_pic, validkey, validated) VALUES('$user_login','$user_pass','$user_name','$user_nick','$user_email','user_url','user_location','user_birth','user_pic', '$validkey')";
      mysql_query ($SQL) or die(mysql_error());
if ($need_to_validate_acct == TRUE)
{
if (mail ("$user_email","Your Activation key","Click the URL below to activate your account at Voyde.net. \n $path/activate.php?email=$user_email&password=$password&key=$validkey","From: ".$admin_email.""))
{
print'<p><center>You are registered!An email has been sent to your email address.You need to activate your account before you can login.</p><p align="center"><a href="javascript:window.close();">Close Window</a></center></p>';
}
else
{
print '<p align="center">There is a problem with the mail server. Click on the link below to activate your account.</p><p align="center"><a href="activate.php?email='.$user_email.'&password='.$user_pass1.'&key='.$validkey.'">Activate</a></p>';
}
}
else
{
print'<p>You are registered!You can login now.</p><p align="center"><a href="javascript:window.close();">Close Window</a></p>';
}
}
}
else
{
$imgtxt = rand(1000,9999);
?>
<table width="350" cellpadding="5px" align="center" border="1" style="border-style:dashed; border-width:thin; border-collapse:collapse;" cellspacing="0px">
<form action="<?php print $_SERVER['PHP_SELF']; ?>" method="post" name="register">
<input type="hidden" name="realno" value="<?php print md5 ($imgtxt); ?>" />
<tr>
  <td width="100">School ID Number:</td><td><input type="text" name="user_login" size="20" value="2000<?php print $_GET['user_login']; ?>" />
  <br /></td>
</tr>
<tr>
  <td width="100">Password:</td><td> <input type="password" name="user_pass1" size="20" value="<?php print $_GET['user_pass']; ?>" /><br /></td>
</tr>
<tr>
  <td width="100">Confirm Password:</td><td> <input type="password" name="user_pass2" size="20" value="<?php print $_GET['user_pass']; ?>" /><br /></td>
</tr>
<tr>
  <td width="100">Full Name:</td><td> <input type="text" name="user_name" size="20" value="<?php print $_GET['user_name']; ?>" /><br /></td>
</tr>
<tr>
  <td width="100">Nick Name:</td><td> <input type="text" name="user_nick" size="20" value="<?php print $_GET['user_nick']; ?>" /><br /></td>
</tr>
<tr>
  <td width="100">Email:</td><td> <input type="text" name="user_email" size="20" value="<?php print $_GET['user_email']; ?>" /><br /></td>
</tr>
<tr>
  <td width="100">Got A Site?:</td><td> <input type="text" name="user_url" size="20" value="<?php print $_GET['user_url']; ?>" /><br /></td>
</tr>
<tr>
  <td width="100">State:</td><td> <input type="text" name="user_location" size="20" value="<?php print $_GET['user_location']; ?>" /><br /></td>
</tr>
<tr>
  <td width="100">Date of Birth :</td><td> <input type="text" name="user_birth" size="20" value="<?php print $_GET['user_birth']; ?>" /><br /></td>
</tr>
<tr>
  <td width="100">Got a avatar? :</td><td> <input type="text" name="user_pic" size="20" value="<?php print $_GET['user_pic']; ?>" /><br /></td>
</tr>

<?php
if ($display_bot_image)
{
?>
<tr>
  <td width="100">Validation:</td><td>Enter text shown in the image below:<br /><br /><img src="makeimg.php?imgtxt=<?php print base64_encode ($imgtxt); ?>" /><br /><br /><input type="text" name="imgno" size="20" maxlength="4"></td>
</tr>
<?php } ?>
<tr>
<td><input type="submit" name="submit" value="Register" /></td>

</tr></form>
</table>
</body>
</html>
<?php
}
}
//if not allowed for guests to register
else
{
print '<link rel="stylesheet" type="text/css" href="style.css" />';
if (isset ($_POST['login']))
{
//define variables incase server doesn't support global variables
$user_login = $_POST['user_login'];
$user_pass1 = md5 ($_POST['user_pass1']);
$password = md5 ($mysql_password);
//check form details against database details. if correct,
if ($user_login = $mysql_username && $password = $user_pass1)
{
//name the session the username,only encoded
$_SESSION['alsadmin'] = base64_encode ($user_login);
//redirect to the page again.
print "<meta http-equiv=\"refresh\" content=\"2; url=".$_SERVER['PHP_SELF']."\" />";
print "<center><a href=\"".$_SERVER['PHP_SELF']."\">Continue to if browser doesn't redirect you in 3 seconds</a></center>";
}
//if details doesn't match
else
{
print "<center><font face=\"verdana\" color=\"red\" size=\"2\"><b>Error!</b></font></center><p align=\"center\">Incorrect Login</p>";
print "<p align=\"center\"><a href=\"".$_SERVER['PHP_SELF']."?act=view\">Back</a></p>";
die();
}
}
else
{
print "<font color=\"red\"><center>The admin has disabled user registration. If you are the admin,you can login below to create a new user by entering your MySQL database username and MySQl database password</center></font>";
print "<table width=\"300\" cellpadding=\"5px\" align=\"center\" border=\"1\" style=\"border-style:dashed; border-width:thin; border-collapse:collapse;\" cellspacing=\"0px\">";
print "<caption style=\"font-family:Arial, Helvetica, sans-serif; font-weight:bold; font-size:12px\">Login</caption>";
print "<form action=\"".$_SERVER['PHP_SELF']."\" method=\"POST\" />";
    print "<tr><td width=\"45%\" style=\"font-size:11\">MySQL username</td><td><input type=\"text\" name=\"username\" size=\"30\" /></td></tr>";
print "<tr><td width=\"45%\"style=\"font-size:11\">MySQL Password</td><td><input type=\"password\" name=\"pass\" size=\"30\" /></td></tr>";
print "<tr><td width=\"45%\"></td><td><input type=\"submit\" name=\"login\" value=\"Login\" /></td></tr>";
print "</form>";
print "</table>";
print "<hr width=\"300\" />";
print "<div class=\"copyright\" align=\"center\"></div>";
}
}
?>

[/code]
Link to comment
Share on other sites

missing value '$validated' on the end of your insert query.
Also missing several $ on variables there

$SQL = "INSERT into ".$mysql_pretext."users
(user_login, user_pass, user_name, user_nick, user_email, user_url, user_location, user_birth, user_pic, validkey, validated)
VALUES
('$user_login','$user_pass','$user_name','$user_nick','$user_email','[color=red]$[/color]user_url','[color=red]$[/color]user_location','[color=red]$[/color]user_birth','[color=red]$[/color]user_pic', '$validkey',[color=red]'$validated'[/color])";
Link to comment
Share on other sites

The problem is your fields don't match your values

(user_login, user_pass, user_name, user_nick, user_email, user_url, user_location, user_birth, user_pic, validkey, validated)

('$user_login','$user_pass','$user_name','$user_nick','$user_email','user_url','user_location','user_birth','user_pic', '$validkey')

you are missing a validated value.
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.