Jump to content

One Page insertion with redirect

Ampboy

By Ampboy
in PHP Coding Help

 Share

Recommended Posts

Ampboy Newbie

Ampboy

Posted
Posted

I am a newbie to php.. Used to do work in Cold Fusion and I cannot figure out what I am doing with a registration page I have created. I am looking to have the page insert into two databases, which it is doing, and then redirect to the main member's page. I have been looking for something and have not found anything here or online that works for me.

 

I understand that you cannot use header() after any type of html or echo, but I have tried .js and other methods. I am not throwing errors, just no redirect... Also I am interested in hearing how bad my code is... any positive criticism is appreciated, as I am still learning  :D

 

Here is my code:

 

<?php include("dbc.php");


?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Registration Page</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <link rel="stylesheet" href="style.css" type="text/css" charset="utf-8">
<link rel="stylesheet" href="styles.css" type="text/css" charset="utf-8">

//Some Javascript...



</script>
</head>
<body>
//Some Styling...
    <!-- content goes here -->
  


<h1>Register</h1>
<?php
ob_start();
error_reporting(0);
$_POST = array_map('secure', $_POST);
if($_POST['submit'])
{
$user_name = mysql_real_escape_string($_POST['user_name']);
$query = mysql_query("SELECT * FROM xxxxusers WHERE user_name='$user_name'");
$query = mysql_query("SELECT * FROM xxxusers WHERE user_name='$user_name'");
if(mysql_num_rows($query) != 0)
{
echo "<div style="font-size: 9pt; font-weight: bold;color: red;">Username already exists</div>";
}
else
{

$user_password = mysql_real_escape_string($_POST['user_password']);
$user_pass = mysql_real_escape_string($_POST['user_pass']);
$user_email = $_POST['user_email'];
$query = mysql_query("SELECT * FROM xxxxusers WHERE user_email='$user_email'");
$query = mysql_query("SELECT * FROM xxxusers WHERE user_email='$user_email'");
if(mysql_num_rows($query) != 0)
{
echo "<div style="font-size: 9pt; font-weight: bold;color: red;">Email already exists</div>";
}
else
{

$enc_password = md5($user_password);
$enc_password = md5($user_pass);

if($user_name && $user_password && $user_pass && $user_email)
{ 

if (strlen($user_name)>20)
{
echo  "<div style="font-size: 9pt; font-weight: bold;color: red;">Your Name is Too Long</div>";
}

$email = htmlspecialchars($_POST['user_email']);
if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",$email))
{
    echo  "<div style="font-size: 9pt; font-weight: bold;color: red;">E-mail address not valid</div>";
}
{
require "dbc.php";

mysql_query("INSERT INTO xxxxusers
stuff....) VALUES(stuff....) ") 
or die(mysql_error());  

mysql_query("INSERT INTO xxxusers
stuff....) VALUES(stuff....) ") 
or die(mysql_error()); 
}

}
else echo "<div style="font-size: 9pt; font-weight: bold;color: red;">All Fields Are Required</div>";

}
}
}
ob_end_flush();

?>
<form action="register.php" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr>
<td>Username:</td>
<td><input type="text" name="user_name" maxlength="30" value="<?php echo "$user_name"; ?>"></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" name="user_password" maxlength="30" value=""></td>
</tr>
<tr>
<td>Confirm password:</td>
<td><input type="password" name="user_pass" maxlength="30" value=""></td>
</tr>
<tr>
<td>Email address:</td>
<td><input type="text" name="user_email" maxlength="50" value=""<?php echo "$user_email"; ?>""></td
</tr>

<tr><td colspan="2" align="right">
<input type="submit" value="Register!" id="submit" name="submit"></td></tr>
<tr><td colspan="2" align="left"><a href="index.php">Back to Home Page</a></td></tr>
</table>
</form>

 

Link to comment
https://forums.phpfreaks.com/topic/256023-one-page-insertion-with-redirect/
Share on other sites
scootstah Member

scootstah

Posted
Posted

This is why you want to separate business from presentation. You would need to completely re-write that with that in mind.

 

But if you want a band-aid, move your ob_start() to the very top of the page and ob_end_flush() to the very bottom. Then your header() should work.

Ampboy Newbie

Ampboy

Posted
  • Author
Posted

This is why you want to separate business from presentation. You would need to completely re-write that with that in mind.

 

But if you want a band-aid, move your ob_start() to the very top of the page and ob_end_flush() to the very bottom. Then your header() should work.

 

Thank you for the quick reply. I truly appreciate it.

 

Not sure what you mean about the business from presentation... Can you expand? Not looking for a band-aid fix per se, but trying to learn what I am doing. I will take your advice and work on a re-write based on thoughts you may have

scootstah Member

scootstah

Posted
Posted

This is presentation: 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Registration Page</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <link rel="stylesheet" href="style.css" type="text/css" charset="utf-8">
<link rel="stylesheet" href="styles.css" type="text/css" charset="utf-8">

//Some Javascript...



</script>
</head>
<body>
//Some Styling...
    <!-- content goes here -->
  


<h1>Register</h1>

 

This is business:

ob_start();
error_reporting(0);
$_POST = array_map('secure', $_POST);
if($_POST['submit'])
{
$user_name = mysql_real_escape_string($_POST['user_name']);
$query = mysql_query("SELECT * FROM xxxxusers WHERE user_name='$user_name'");
$query = mysql_query("SELECT * FROM xxxusers WHERE user_name='$user_name'");
if(mysql_num_rows($query) != 0)
{
echo "<div style="font-size: 9pt; font-weight: bold;color: red;">Username already exists</div>";
}
else
{

$user_password = mysql_real_escape_string($_POST['user_password']);
$user_pass = mysql_real_escape_string($_POST['user_pass']);
$user_email = $_POST['user_email'];
$query = mysql_query("SELECT * FROM xxxxusers WHERE user_email='$user_email'");
$query = mysql_query("SELECT * FROM xxxusers WHERE user_email='$user_email'");
if(mysql_num_rows($query) != 0)
{
echo "<div style="font-size: 9pt; font-weight: bold;color: red;">Email already exists</div>";
}
else
{

$enc_password = md5($user_password);
$enc_password = md5($user_pass);

if($user_name && $user_password && $user_pass && $user_email)
{ 

if (strlen($user_name)>20)
{
echo  "<div style="font-size: 9pt; font-weight: bold;color: red;">Your Name is Too Long</div>";
}

$email = htmlspecialchars($_POST['user_email']);
if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",$email))
{
    echo  "<div style="font-size: 9pt; font-weight: bold;color: red;">E-mail address not valid</div>";
}
{
require "dbc.php";

mysql_query("INSERT INTO xxxxusers
stuff....) VALUES(stuff....) ") 
or die(mysql_error());  

mysql_query("INSERT INTO xxxusers
stuff....) VALUES(stuff....) ") 
or die(mysql_error()); 
}

}
else echo "<div style="font-size: 9pt; font-weight: bold;color: red;">All Fields Are Required</div>";

}
}
}
ob_end_flush();

 

They shouldn't be intertwined together. It makes things hard to follow and maintain. Ideally, they shouldn't even be in the same file. Or directory.

 

Keep all the business in one place, keep all the presentation in another place. Use a function to call upon presentation files when you need them. Presentation files (or templates if you prefer) should only contain HTML and light PHP usage if needed. Things like variables, flow control (if/else) and loops (foreach, while) are all considered okay (as long as it's fairly light).

 

Take a look at the MVC pattern to get a better idea what I am talking about. I'm not saying you have to fully implement the MVC pattern, but simply separating business from presentation will go a long way in making your code more efficient and easier to read and maintain.

PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

Also by setting - error_reporting(0); in your code, any php detected errors won't be reported anyway.

 

You need to have php's error_reporting set to E_ALL (or even better a -1) and display_errors set to ON in your master php.ini on your development system so that all the php detected errors will be reported and displayed. By setting these in the master php.ini on your development system, fatal parse errors in your main file will be reported and you won't need to remember to put error_reporting/display_errors settings into your files for debugging or remove them when you put the code onto a live site. You should aways have error_reporting set to E_ALL and for development display_errors should be ON and on a live site, display_errors should be off and log_errors should be ON.

Ampboy Newbie

Ampboy

Posted
  • Author
Posted

Also by setting - error_reporting(0); in your code, any php detected errors won't be reported anyway.

 

I forgot that was in the code :-\ Thanks for that!

 

Also scootstah.... Thank you VERY MUCH for your help and explanation. I have used includes and templates in CF so I understand now what you were talking about.

 

I appreciate all the help from this board.

 

Thank you both again!

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.