Jump to content

Possible query issue?

andy_b_1502

By andy_b_1502
in PHP Coding Help

 Share

Recommended Posts

andy_b_1502 Regular Member

andy_b_1502

Posted
Posted

Hi everyone...

 

My script register01.php isnt working as expected, it should take variables from register00.php and insert them into the db. It is currently re-loading itself and not inserting, could you take a look at this for me:

 

register00.php

 

<form enctype="multipart/form-data" method="post" action="register01.php">
<table width="316" height="120" border="0"> 
<tr><td colspan=2><h1>Register/Sign Up</h1></td></tr> 
<tr><td>Company Name:</td><td> 
<input name="company_name" type="text" id="company_name">
</td></tr>
<tr><td>Contact Name:</td><td> 
<input name="contact_name" type="text" id="contact_name">
</td></tr>
<tr><td>Contact Number:</td><td> 
<input name="phone" type="number" id="phone" value="incl. area code">
</td></tr>
<tr><td>Address line 1:</td><td> 
<input name="street1" type="text" id="street1">
</td></tr>
<tr><td>Address line 2:</td><td> 
<input name="street2" type="text" id="street1">
</td></tr>
<tr><td>Area:</td><td> 
<input name="location" type="text" id="location">
</td></tr>
<tr><td>City:</td><td> 
<input name="city" type="text" id="city">
</td></tr>
<tr><td>Postcode:</td><td> 
<input name="postcode" type="text" id="postcode">
</td></tr>
<tr><td>Username:</td><td> 
<input name="username" type="text" id="username">
</td></tr> 
<tr><td>Password:</td><td> 
<input name="password" type="password" class="style7" id="password"> 
</td></tr> 
<tr><td>Email:</td><td> 
<input name="email" type="text" class="style7" id="email">
</td></tr> 
<tr><td>Company Logo:</td><td> 
<input name="upload" type="file" class="style7" id="upload">
</td></tr>
<tr><td>Company Description:</td><td> 
<textarea rows="20" cols="50" name="premiumuser_description" id="premiumuser_description"></textarea>
</td></tr>
<tr><td>
<input name="Submit" type="submit" value="Register" /> 
</td></tr> 
</table>

 

register01.php

 

<?PHP
session_start();
include('db.php');
/* set some validation variables */
$error_message = "";

/* DEFINE THE FUNCTION */
/* ============================================== */
/* ============================================== */
/* DO NOT MODIFY THIS FUNCTION */
function Resize_Image($save,$file,$t_w,$t_h,$s_path,$o_path) {
$s_path = trim($s_path);
$o_path = trim($o_path);
$save = $s_path . $save;
$file = $o_path . $file;
$ext = strtolower(end(explode('.',$save)));
list($width, $height) = getimagesize($file) ; 
if(($width>$t_w) OR ($height>$t_h)) {
	$r1 = $t_w/$width;
	$r2 = $t_h/$height;
	if($r1<$r2) {
	  $size = $t_w/$width;
	}else{
	  $size = $t_h/$height;
	}
}else{
	$size=1;
}
$modwidth = $width * $size; 
$modheight = $height * $size; 
$tn = imagecreatetruecolor($modwidth, $modheight) ; 
switch ($ext) {
	case 'jpg':
	case 'jpeg':
				$image = imagecreatefromjpeg($file) ; 
	break;
	case 'gif':
				$image = imagecreatefromgif($file) ; 
	break;
	case 'png':
				$image = imagecreatefrompng($file) ; 
	break;
}
imagecopyresampled($tn, $image, 0, 0, 0, 0, $modwidth, $modheight, $width, $height) ; 
imagejpeg($tn, $save, 100) ; 
return;
}
/* 		END OF RESIZE FUNCTION */

//This is the directory where images will be saved 
$target = "/home/users/web/b109/ipg.removalspacecom/images/COMPANIES/"; 
$target = $target . basename( $_FILES['upload']['name']); 

// Connects to your Database 
session_start();
include ('db.php');

//This gets all the other information from the form 
/* ============================================== */
/* ============================================== */
/* YOU NEED TO DO SOME VALIDATION AND SANITIZING OF YOUR FORM DATA */


if((!isset($_POST['company_name'])) || (strlen(trim($_POST['company_name'])) <5) || (trim($_POST['company_name']) != 
preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", 
trim($_POST['company_name'])))) {
/* if username is bad start building the error message */
$error_message = "You must enter a valid company name<br>";
$error_message = $error_message . "Valid names  are min 5 characters and use letters, numbers and underscores only.<br>";
$error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['company_name'] . "</font><hr>";
}
/* END validating company_name */
/* =============================================== */

if((!isset($_POST['contact_name'])) || (strlen(trim($_POST['contact_name'])) <5) || (trim($_POST['contact_name']) != 
preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", 
trim($_POST['contact_name'])))) {
/* if username is bad start building the error message */
$error_message = "You must enter a valid contact name<br>";
$error_message = $error_message . "Valid names  are min 5 characters and use letters, numbers and underscores only.<br>";
$error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['contact_name'] . "</font><hr>";
}
/* END validating contact_name */
/* =============================================== */



if((!isset($_POST['phone'])) || (strlen(trim($_POST['phone'])) <5) || (trim($_POST['phone']) != preg_replace("/[^0-9\s\-\_]/", "", trim($_POST['phone'])))) {
/* if it is NOT set, then set the error variable and start building the error message */
$error_message = $error_message . "You must enter a valid phone<br>";
$error_message = $error_message . "Valid phones are min 5 characters and use letters, numbers and underscores only.<br>";
$error_message = $error_message . 'Your invalid phone was: <font color="red">' . $_POST['phone'] . "</font><hr>";
}else{
$phone = trim($_POST['phone']);
}

/* END validating phone */
/* =============================================== */

/* =============================================== */
/* validating the email */
/* create a function */
function validateEmailAddress($email) {
return filter_var($email, FILTER_VALIDATE_EMAIL) && preg_match('/@.+\./', $email);
}
if(!isset($_POST['email']) || validateEmailAddress($_POST['email']) !=1) {
$error_message = $error_message . "You must enter a valid email address<br>";
$error_message = $error_message . 'The invalid email was: <font color="red">' . $_POST['email'] . "</font><hr>";
}
/* END validating email */
/* =============================================== */

if((!isset($_POST['street1'])) || (strlen(trim($_POST['street1'])) <5) || (trim($_POST['street1']) != 
preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", 
trim($_POST['street1'])))) {
/* if username is bad start building the error message */
$error_message = "You must enter a valid address<br>";
$error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['street1'] . "</font><hr>";
}
/* END validating street1 */
/* =============================================== */

if((!isset($_POST['street2'])) || (strlen(trim($_POST['street2'])) <5) || (trim($_POST['street2']) != 
preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", 
trim($_POST['street2'])))) {
/* if username is bad start building the error message */
$error_message = "You must enter a valid address<br>";
$error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['street2'] . "</font><hr>";
}
/* END validating street2 */
/* =============================================== */

if((!isset($_POST['premiumuser_description'])) || (strlen(trim($_POST['premiumuser_description'])) <5) || (trim($_POST['premiumuser_description']) != 
preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", 
trim($_POST['premiumuser_description'])))) {
/* if username is bad start building the error message */
$error_message = "You must enter a valid address<br>";
$error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['premiumuser_description'] . "</font><hr>";
}
/* END validating premiumuser_description */
/* =============================================== *


/* =============================================== */
/*
this section of code will set up an error message for the
username if ANY of the conditions occur
1) checks to see if $_POST['username'] is NOT set
2) if length of username is less than 5
3) if username has anything other than letter, numbers or underscores
*/
if((!isset($_POST['username'])) || (strlen(trim($_POST['username'])) <5) || (trim($_POST['username']) != preg_replace("/[^a-zA-Z0-9\_]/", "", trim($_POST['username'])))) {
/* if username is bad start building the error message */
$error_message = "You must enter a valid username<br>";
$error_message = $error_message . "Valid names  are min 5 characters and use letters, numbers and underscores only.<br>";
$error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['username'] . "</font><hr>";
}
/* END validating username */
/* =============================================== */


/* =============================================== */
/*
this section of code will set up an error message for the
password if ANY of the conditions occur
1) checks to see if $_POST['upassword'] is NOT set
2) if length of upassword is less than 5
3) if upassword has anything other than letter, numbers or underscores
*/
if((!isset($_POST['password'])) || (strlen(trim($_POST['password'])) <5) || (trim($_POST['password']) != preg_replace("/[^a-zA-Z0-9\_]/", "", trim($_POST['password'])))) {
/* if it is NOT set, then set the error variable and start building the error message */
$error_message = $error_message . "You must enter a valid password<br>";
$error_message = $error_message . "Valid passwords are min 5 characters and use letters, numbers and underscores only.<br>";
$error_message = $error_message . 'Your invalid password was: <font color="red">' . $_POST['password'] . "</font><hr>";
}else{
$password = trim($_POST['password']);
}
/* END validating password */
/* =============================================== */

/* =============================================== */
/* check to see if username is already taken */
$username = mysql_real_escape_string(trim($_POST['username']));
$query1 = "SELECT username from companies WHERE username = '$username'";
$result1 = mysql_query($query1)  or die(mysql_error());
$count = mysql_num_rows($result1);
if($count>0) {
$error_message = $error_message . 'The username: <font color="red">' . $_POST['username'] . "</font> is taken.<hr>";
}

/* =============================================== */
/* if any of the post variables are invalid */
/* set the session variable and send back to the form page */
if(strlen(trim($error_message))>0) {
$_SESSION['error_message'] =$error_message;
header("Location: register00.php");
exit();
}
/* =============================================== */

$uploadDir = 'images/COMPANIES'; /* main picture folder */
$max_height = 450;	/* 	largest height you allowed; 0 means any */
$max_width = 450; /*  largest width you allowed; 0 means any */
$max_file = 2000000;  /*  set the max file size in bytes */
$image_overwrite = 1;	 /* 0 means overwite; 1 means new name */
/* add or delete allowed image types */
$allowed_type01 = array(	"image/gif", 	"image/pjpeg", "image/jpeg", 	"image/png", "image/x-png", "image/jpg");
$do_thumb = 1;	 /*  1 make thumbnails; 0 means do NOT make */
$thumbDir = "/images/thumbs";  /*  thumbnail folder */
$thumb_prefix = "";  /*  prefix for thumbnails */
$thumb_width = 90; /*  max thumb width */
$thumb_height = 70;	// max thumb height

//Writes the photo to the server 
if(move_uploaded_file($_FILES['upload']['tmp_name'], $target)) { 
/* HERE IS WHERE WE WILL DO THE ACTUAL RESIZING */ 
/* ============================================== */
/* ============================================== */
/* THESE SIX PARAMETERS MAY BE CHANGED TO SUIT YOUR NEEDS */
$o_path ="images/COMPANIES/";
$s_path = "images/thumbs/";
$file = $upload;
$save = $file;
$t_w = 200;
$t_h = 150;
/* ============================================== */
/* ============================================== */
/* DO NOT CHANGE THIS NEXT LINE */
Resize_Image($save,$file,$t_w,$t_h,$s_path,$o_path);

 //Tells you if its all ok 
/* ============================================== */
/* ============================================== */
/* PROVIDE A WAY FOR THEM TO GO SOMWHERE */
echo "The file ". $file . " has been uploaded, and your information has been added to the directory"; 

}else { 
//Gives and error if its not 
/* ============================================== */
/* ============================================== */
/* PROVIDE A WAY FOR THEM TO GO SOMWHERE */
echo "Sorry, there was a problem uploading your file."; 
}




/* =============================================== */
/* PREPARE DATA FOR INSERTION INTO TABLE */
/* FUNCTION TO CREATE SALT */
function createSalt() {
$string = md5(uniqid(rand(), true));
return substr($string, 0, 3);
}


//Writes the information to the database 
/* ============================================== */
/* ============================================== */
/* 
ALWAYS WRITE YOUR QUERIES AS STRINGS
THAT WAY WHEN TESTING, YOU CAN MAKE
SURE THAT THE VALUES CONTAIN WHAT YOU EXPECT
*/

  
$salt = createsalt();
$passwod = trim($_POST['password']);
$hash = hash('sha256', $salt, $password);
$approved = 0;
$username = mysql_real_escape_string(trim($_POST['username']));
$email = mysql_real_escape_string(trim($_POST['email']));
$query ="INSERT INTO `companies` (company_name, contact_name, location, postcode, street1, street2, city, phone, email, basicpackage_description, premiumuser_description, password, salt, approved, upload) VALUES ('$company_name', '$contact_name', '$location', '$postcode', '$street1', '$street2', '$city', '$phone', '$email', '$basicpackage_description', '$premiumuser_description', '$password', '$salt', '$approved', '$upload')";
$result = mysql_query($query) or die(mysql_error()); 
/* =============================================== */

/*
at this point we can send an email to the admin as well
as the user. 
DO NOT send the user's password to ANYONE!!!!
*/
?>
Thank you for registering.<br>;
Your account will be approved and activated within 24 hours.<br><br>
Click here to return to the <a href="index.php">main page</a>.

Link to comment
Share on other sites
  • Replies 60
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

andy_b_1502 Regular Member

andy_b_1502

Posted
  • Author
Posted

Any ideas guys?

 

<?PHP
session_start();
include('db.php');
/* set some validation variables */
$error_message = "";

/* DEFINE THE FUNCTION */
/* ============================================== */
/* ============================================== */
/* DO NOT MODIFY THIS FUNCTION */
function Resize_Image($save,$file,$t_w,$t_h,$s_path,$o_path) {
$s_path = trim($s_path);
$o_path = trim($o_path);
$save = $s_path . $save;
$file = $o_path . $file;
$ext = strtolower(end(explode('.',$save)));
list($width, $height) = getimagesize($file) ; 
if(($width>$t_w) OR ($height>$t_h)) {
	$r1 = $t_w/$width;
	$r2 = $t_h/$height;
	if($r1<$r2) {
	  $size = $t_w/$width;
	}else{
	  $size = $t_h/$height;
	}
}else{
	$size=1;
}
$modwidth = $width * $size; 
$modheight = $height * $size; 
$tn = imagecreatetruecolor($modwidth, $modheight) ; 
switch ($ext) {
	case 'jpg':
	case 'jpeg':
				$image = imagecreatefromjpeg($file) ; 
	break;
	case 'gif':
				$image = imagecreatefromgif($file) ; 
	break;
	case 'png':
				$image = imagecreatefrompng($file) ; 
	break;
}
imagecopyresampled($tn, $image, 0, 0, 0, 0, $modwidth, $modheight, $width, $height) ; 
imagejpeg($tn, $save, 100) ; 
return;
}
/* 		END OF RESIZE FUNCTION */

//This is the directory where images will be saved 
$target = "/home/users/web/b109/ipg.removalspacecom/images/COMPANIES/"; 
$target = $target . basename( $_FILES['upload']['name']); 

// Connects to your Database 
session_start();
include ('db.php');

//This gets all the other information from the form 
/* ============================================== */
/* ============================================== */
/* YOU NEED TO DO SOME VALIDATION AND SANITIZING OF YOUR FORM DATA */


if((!isset($_POST['company_name'])) || (strlen(trim($_POST['company_name'])) <5) || (trim($_POST['company_name']) != 
preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", 
trim($_POST['company_name'])))) {
/* if username is bad start building the error message */
$error_message = "You must enter a valid company name<br>";
$error_message = $error_message . "Valid names  are min 5 characters and use letters, numbers and underscores only.<br>";
$error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['company_name'] . "</font><hr>";
}
/* END validating company_name */
/* =============================================== */

if((!isset($_POST['contact_name'])) || (strlen(trim($_POST['contact_name'])) <5) || (trim($_POST['contact_name']) != 
preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", 
trim($_POST['contact_name'])))) {
/* if username is bad start building the error message */
$error_message = "You must enter a valid contact name<br>";
$error_message = $error_message . "Valid names  are min 5 characters and use letters, numbers and underscores only.<br>";
$error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['contact_name'] . "</font><hr>";
}
/* END validating contact_name */
/* =============================================== */



if((!isset($_POST['phone'])) || (strlen(trim($_POST['phone'])) <5) || (trim($_POST['phone']) != preg_replace("/[^0-9\s\-\_]/", "", trim($_POST['phone'])))) {
/* if it is NOT set, then set the error variable and start building the error message */
$error_message = $error_message . "You must enter a valid phone<br>";
$error_message = $error_message . "Valid phones are min 5 characters and use letters, numbers and underscores only.<br>";
$error_message = $error_message . 'Your invalid phone was: <font color="red">' . $_POST['phone'] . "</font><hr>";
}else{
$phone = trim($_POST['phone']);
}

/* END validating phone */
/* =============================================== */

/* =============================================== */
/* validating the email */
/* create a function */
function validateEmailAddress($email) {
return filter_var($email, FILTER_VALIDATE_EMAIL) && preg_match('/@.+\./', $email);
}
if(!isset($_POST['email']) || validateEmailAddress($_POST['email']) !=1) {
$error_message = $error_message . "You must enter a valid email address<br>";
$error_message = $error_message . 'The invalid email was: <font color="red">' . $_POST['email'] . "</font><hr>";
}
/* END validating email */
/* =============================================== */

if((!isset($_POST['street1'])) || (strlen(trim($_POST['street1'])) <5) || (trim($_POST['street1']) != 
preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", 
trim($_POST['street1'])))) {
/* if username is bad start building the error message */
$error_message = "You must enter a valid address<br>";
$error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['street1'] . "</font><hr>";
}
/* END validating street1 */
/* =============================================== */

if((!isset($_POST['street2'])) || (strlen(trim($_POST['street2'])) <5) || (trim($_POST['street2']) != 
preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", 
trim($_POST['street2'])))) {
/* if username is bad start building the error message */
$error_message = "You must enter a valid address<br>";
$error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['street2'] . "</font><hr>";
}
/* END validating street2 */
/* =============================================== */

if((!isset($_POST['premiumuser_description'])) || (strlen(trim($_POST['premiumuser_description'])) <5) || (trim($_POST['premiumuser_description']) != 
preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", 
trim($_POST['premiumuser_description'])))) {
/* if username is bad start building the error message */
$error_message = "You must enter a valid address<br>";
$error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['premiumuser_description'] . "</font><hr>";
}
/* END validating premiumuser_description */
/* =============================================== *


/* =============================================== */
/*
this section of code will set up an error message for the
username if ANY of the conditions occur
1) checks to see if $_POST['username'] is NOT set
2) if length of username is less than 5
3) if username has anything other than letter, numbers or underscores
*/
if((!isset($_POST['username'])) || (strlen(trim($_POST['username'])) <5) || (trim($_POST['username']) != preg_replace("/[^a-zA-Z0-9\_]/", "", trim($_POST['username'])))) {
/* if username is bad start building the error message */
$error_message = "You must enter a valid username<br>";
$error_message = $error_message . "Valid names  are min 5 characters and use letters, numbers and underscores only.<br>";
$error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['username'] . "</font><hr>";
}
/* END validating username */
/* =============================================== */


/* =============================================== */
/*
this section of code will set up an error message for the
password if ANY of the conditions occur
1) checks to see if $_POST['upassword'] is NOT set
2) if length of upassword is less than 5
3) if upassword has anything other than letter, numbers or underscores
*/
if((!isset($_POST['password'])) || (strlen(trim($_POST['password'])) <5) || (trim($_POST['password']) != preg_replace("/[^a-zA-Z0-9\_]/", "", trim($_POST['password'])))) {
/* if it is NOT set, then set the error variable and start building the error message */
$error_message = $error_message . "You must enter a valid password<br>";
$error_message = $error_message . "Valid passwords are min 5 characters and use letters, numbers and underscores only.<br>";
$error_message = $error_message . 'Your invalid password was: <font color="red">' . $_POST['password'] . "</font><hr>";
}else{
$password = trim($_POST['password']);
}
/* END validating password */
/* =============================================== */

/* =============================================== */
/* check to see if username is already taken */
$username = mysql_real_escape_string(trim($_POST['username']));
$query1 = "SELECT username from companies WHERE username = '$username'";
$result1 = mysql_query($query1)  or die(mysql_error());
$count = mysql_num_rows($result1);
if($count>0) {
$error_message = $error_message . 'The username: <font color="red">' . $_POST['username'] . "</font> is taken.<hr>";
}

/* =============================================== */
/* if any of the post variables are invalid */
/* set the session variable and send back to the form page */
if(strlen(trim($error_message))>0) {
$_SESSION['error_message'] =$error_message;
header("Location: register00.php");
exit();
}
/* =============================================== */

$uploadDir = 'images/COMPANIES'; /* main picture folder */
$max_height = 450;	/* 	largest height you allowed; 0 means any */
$max_width = 450; /*  largest width you allowed; 0 means any */
$max_file = 2000000;  /*  set the max file size in bytes */
$image_overwrite = 1;	 /* 0 means overwite; 1 means new name */
/* add or delete allowed image types */
$allowed_type01 = array(	"image/gif", 	"image/pjpeg", "image/jpeg", 	"image/png", "image/x-png", "image/jpg");
$do_thumb = 1;	 /*  1 make thumbnails; 0 means do NOT make */
$thumbDir = "/images/thumbs";  /*  thumbnail folder */
$thumb_prefix = "";  /*  prefix for thumbnails */
$thumb_width = 90; /*  max thumb width */
$thumb_height = 70;	// max thumb height

//Writes the photo to the server 
if(move_uploaded_file($_FILES['upload']['tmp_name'], $target)) { 
/* HERE IS WHERE WE WILL DO THE ACTUAL RESIZING */ 
/* ============================================== */
/* ============================================== */
/* THESE SIX PARAMETERS MAY BE CHANGED TO SUIT YOUR NEEDS */
$o_path ="images/COMPANIES/";
$s_path = "images/thumbs/";
$file = $upload;
$save = $file;
$t_w = 200;
$t_h = 150;
/* ============================================== */
/* ============================================== */
/* DO NOT CHANGE THIS NEXT LINE */
Resize_Image($save,$file,$t_w,$t_h,$s_path,$o_path);

 //Tells you if its all ok 
/* ============================================== */
/* ============================================== */
/* PROVIDE A WAY FOR THEM TO GO SOMWHERE */
echo "The file ". $file . " has been uploaded, and your information has been added to the directory"; 

}else { 
//Gives and error if its not 
/* ============================================== */
/* ============================================== */
/* PROVIDE A WAY FOR THEM TO GO SOMWHERE */
echo "Sorry, there was a problem uploading your file."; 
}




/* =============================================== */
/* PREPARE DATA FOR INSERTION INTO TABLE */
/* FUNCTION TO CREATE SALT */
function createSalt() {
$string = md5(uniqid(rand(), true));
return substr($string, 0, 3);
}


//Writes the information to the database 
/* ============================================== */
/* ============================================== */
/* 
ALWAYS WRITE YOUR QUERIES AS STRINGS
THAT WAY WHEN TESTING, YOU CAN MAKE
SURE THAT THE VALUES CONTAIN WHAT YOU EXPECT
*/

  
$salt = createsalt();
$passwod = trim($_POST['password']);
$hash = hash('sha256', $salt, $password);
$approved = 0;
$username = mysql_real_escape_string(trim($_POST['username']));
$email = mysql_real_escape_string(trim($_POST['email']));
$query ="INSERT INTO `companies` (company_name, contact_name, location, postcode, street1, street2, city, phone, email, basicpackage_description, premiumuser_description, password, salt, approved, upload) VALUES ('$company_name', '$contact_name', '$location', '$postcode', '$street1', '$street2', '$city', '$phone', '$email', '$basicpackage_description', '$premiumuser_description', '$password', '$salt', '$approved', '$upload')";
$result = mysql_query($query) or die(mysql_error()); 
/* =============================================== */

/*
at this point we can send an email to the admin as well
as the user. 
DO NOT send the user's password to ANYONE!!!!
*/
?>

Link to comment
Share on other sites
dragon_sa Member

dragon_sa

Posted
Posted

try removing  the ticks from the table name

 

$query ="INSERT INTO companies (company_name, contact_name, location, postcode, street1, street2, city, phone, email, basicpackage_description, premiumuser_description, password, salt, approved, upload) VALUES ('$company_name', '$contact_name', '$location', '$postcode', '$street1', '$street2', '$city', '$phone', '$email', '$basicpackage_description', '$premiumuser_description', '$password', '$salt', '$approved', '$upload')";

Link to comment
Share on other sites
andy_b_1502 Regular Member

andy_b_1502

Posted
  • Author
Posted

Thanks, but that hasn't worked?

 

not sure whats wrong with it.

 

<?php
$query ="INSERT INTO companies (company_name, contact_name, location, postcode, street1, street2, city, phone, email, basicpackage_description, premiumuser_description, password, salt, approved, upload) 
VALUES ('$company_name', '$contact_name', '$location', '$postcode', '$street1', '$street2', '$city', '$phone', '$email', '$basicpackage_description', '$premiumuser_description', '$password', '$salt', '$approved', '$upload')";
$result = mysql_query($query) or die(mysql_error()); 
?>

Link to comment
Share on other sites
andy_b_1502 Regular Member

andy_b_1502

Posted
  • Author
Posted

Its not doing anything so im guessing its not liking some of the variables or something?

 

Its just reloading to the register form.

 

<?php
$query ="INSERT INTO companies (company_name, contact_name, location, postcode, street1, street2, city, phone, email, basicpackage_description, premiumuser_description, password, salt, approved, upload) 
VALUES ('$company_name', '$contact_name', '$location', '$postcode', '$street1', '$street2', '$city', '$phone', '$email', '$basicpackage_description', '$premiumuser_description', '$password', '$salt', '$approved', '$upload')";
$result = mysql_query($query) or die(mysql_error());
echo "$query"; 
?>

Link to comment
Share on other sites
Drummin Member

Drummin

Posted
Posted

andy_b_1502

jesirose was making an opinion on my code regarding echoing out the $_SESSION['error_message'] code.

 

As far as debugging, you should modify the section that has the header redirect back to the form.  This will comment out current section and echo errors.

/*
if(strlen(trim($error_message))>0) {
$_SESSION['error_message'] =$error_message;
header("Location: register00.php");
exit();
}
*/

if(strlen(trim($error_message))>0) {
echo $error_message;
}

Link to comment
Share on other sites
andy_b_1502 Regular Member

andy_b_1502

Posted
  • Author
Posted

Revised register01.php

 

it still doesn't add to the db

 

<?PHP
session_start();
include('db.php');
/* set some validation variables */
$error_message = "";

/* DEFINE THE FUNCTION */
/* ============================================== */
/* ============================================== */
/* DO NOT MODIFY THIS FUNCTION */
function Resize_Image($save,$file,$t_w,$t_h,$s_path,$o_path) {
$s_path = trim($s_path);
$o_path = trim($o_path);
$save = $s_path . $save;
$file = $o_path . $file;
$ext = strtolower(end(explode('.',$save)));
list($width, $height) = getimagesize($file) ; 
if(($width>$t_w) OR ($height>$t_h)) {
	$r1 = $t_w/$width;
	$r2 = $t_h/$height;
	if($r1<$r2) {
	  $size = $t_w/$width;
	}else{
	  $size = $t_h/$height;
	}
}else{
	$size=1;
}
$modwidth = $width * $size; 
$modheight = $height * $size; 
$tn = imagecreatetruecolor($modwidth, $modheight) ; 
switch ($ext) {
	case 'jpg':
	case 'jpeg':
				$image = imagecreatefromjpeg($file) ; 
	break;
	case 'gif':
				$image = imagecreatefromgif($file) ; 
	break;
	case 'png':
				$image = imagecreatefrompng($file) ; 
	break;
}
imagecopyresampled($tn, $image, 0, 0, 0, 0, $modwidth, $modheight, $width, $height) ; 
imagejpeg($tn, $save, 100) ; 
return;
}
/* 		END OF RESIZE FUNCTION */

//This is the directory where images will be saved 
$target = "/home/users/web/b109/ipg.removalspacecom/images/COMPANIES/"; 
$target = $target . basename( $_FILES['upload']['name']); 

//This gets all the other information from the form 
/* ============================================== */
/* ============================================== */
/* YOU NEED TO DO SOME VALIDATION AND SANITIZING OF YOUR FORM DATA */

/* DO NOT MODIFY THESE NEXT 4 VARIABLES */
$normal_Pattern = "/[^a-zA-Z0-9\s\-\'\,\.\_\(\)\&\"\!\`\~\!\@\#\$\%\^\*\+\[\]\{\}\:\;\?\/]/";
$username_Pattern = "/[^a-zA-Z0-9\_]/";
$password_Pattern= "/[^a-zA-Z0-9\_]/";
$phone_Pattern= "/[^0-9\s]/";


if((!isset($_POST['company_name'])) || (strlen(trim($_POST['company_name'])) <5) || (trim($_POST['company_name']) != preg_replace($normal_Pattern, "", trim($_POST['company_name'])))) {
/* if username is bad start building the error message */
$error_message = "You must enter a valid company name<br>";
$error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['company_name'] . "</font><hr>";
}else{
$company_name = trim($_POST['company_name']);
}
/* END validating company_name */
/* =============================================== */

if((!isset($_POST['contact_name'])) || (strlen(trim($_POST['contact_name'])) <5) || (trim($_POST['contact_name']) != preg_replace($normal_Pattern, "", trim($_POST['contact_name'])))) {
/* if username is bad start building the error message */
$error_message = "You must enter a valid contact name<br>";
$error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['contact_name'] . "</font><hr>";
}else{
$contact_name = trim($_POST['contact_name']);
}
/* END validating contact_name */
/* =============================================== */

if((!isset($_POST['phone'])) || (strlen(trim($_POST['phone'])) <5) || (trim($_POST['phone']) != preg_replace($phone_Pattern, "", trim($_POST['phone'])))) {
/* if it is NOT set, then set the error variable and start building the error message */
$error_message = $error_message . "You must enter a valid phone<br>";
$error_message = $error_message . 'Your invalid phone was: <font color="red">' . $_POST['phone'] . "</font><hr>";
}else{
$phone = trim($_POST['phone']);
}

/* END validating phone */
/* =============================================== */

/* =============================================== */
/* validating the email */
/* create a function */
function validateEmailAddress($email) {
return filter_var($email, FILTER_VALIDATE_EMAIL) && preg_match('/@.+\./', $email);
}
if(!isset($_POST['email']) || validateEmailAddress($_POST['email']) !=1) {
$error_message = $error_message . "You must enter a valid email address<br>";
$error_message = $error_message . 'The invalid email was: <font color="red">' . $_POST['email'] . "</font><hr>";
}else{
$email = $_POST['email'];
}
/* END validating email */
/* =============================================== */

if((!isset($_POST['street1'])) || (strlen(trim($_POST['street1'])) <5) || (trim($_POST['street1']) != preg_replace($normal_Pattern, "", trim($_POST['street1'])))) {
/* if username is bad start building the error message */
$error_message = "You must enter a valid address<br>";
$error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['street1'] . "</font><hr>";
}else{
$street1 = trim($_POST['street1']);
}
/* END validating street1 */
/* =============================================== */

if((!isset($_POST['street2'])) || (strlen(trim($_POST['street2'])) <5) || (trim($_POST['street2']) != preg_replace($normal_Pattern, "", trim($_POST['street2'])))) {
/* if username is bad start building the error message */
$error_message = "You must enter a valid address<br>";
$error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['street2'] . "</font><hr>";
}else{
$street2 = trim($_POST['street2']);
}
/* END validating street2 */
/* =============================================== */

if((!isset($_POST['premiumuser_description'])) || (strlen(trim($_POST['premiumuser_description'])) <5) || 
(trim($_POST['premiumuser_description']) != preg_replace($normal_Pattern, "", 
trim($_POST['premiumuser_description'])))) {
/* if username is bad start building the error message */
$error_message = "You must enter a description<br>" . "<hr>";
}
else{
$premiumuser_description = trim($_POST['premiumuser_description']);
}

/* END validating premiumuser_description */
/* =============================================== */

if((!isset($_POST['basicpackage_description'])) || (strlen(trim($_POST['basicpackage_description'])) <5) || (trim($_POST['basicpackage_description']) != preg_replace($normal_Pattern, "", 
trim($_POST['basicpackage_description'])))) {
/* if username is bad start building the error message */
$error_message = "You must enter a description<br>" . "<hr>";
}
else
{
$basicpackage_description = trim($_POST['basicpackage_description']);
}
/* END validating basicpackage_description */
/* =============================================== *

/* =============================================== */
/*
this section of code will set up an error message for the
username if ANY of the conditions occur
1) checks to see if $_POST['username'] is NOT set
2) if length of username is less than 5
3) if username has anything other than letter, numbers or underscores
*/
if((!isset($_POST['username'])) || (strlen(trim($_POST['username'])) <5) || (trim($_POST['username']) != preg_replace($username_Pattern, "", trim($_POST['username'])))) {
/* if username is bad start building the error message */
$error_message = "You must enter a valid username<br>";
$error_message = $error_message . "Valid names  are min 5 characters and use letters, numbers and underscores only.<br>";
$error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['username'] . "</font><hr>";
}
/* END validating username */
/* =============================================== */


/* =============================================== */
/*
this section of code will set up an error message for the
password if ANY of the conditions occur
1) checks to see if $_POST['upassword'] is NOT set
2) if length of upassword is less than 5
3) if upassword has anything other than letter, numbers or underscores
*/
if((!isset($_POST['password'])) || (strlen(trim($_POST['password'])) <5) || (trim($_POST['password']) != preg_replace($pawword_Pattern, "", trim($_POST['password'])))) {
/* if it is NOT set, then set the error variable and start building the error message */
$error_message = $error_message . "You must enter a valid password<br>";
$error_message = $error_message . "Valid passwords are min 5 characters and use letters, numbers and underscores only.<br>";
$error_message = $error_message . 'Your invalid password was: <font color="red">' . $_POST['password'] . "</font><hr>";
}else{
$password = trim($_POST['password']);
}
/* END validating password */
/* =============================================== */

/* =============================================== */
/* check to see if username is already taken */
$username = mysql_real_escape_string(trim($_POST['username']));
$query1 = "SELECT username from companies WHERE username = '$username'";
$result1 = mysql_query($query1)  or die(mysql_error());
$count = mysql_num_rows($result1);
if($count>0) {
$error_message = $error_message . 'The username: <font color="red">' . $_POST['username'] . "</font> is taken.<hr>";
}

/* =============================================== */
/* if any of the post variables are invalid */
/* set the session variable and send back to the form page */
if(strlen(trim($error_message))>0) {
$_SESSION['error_message'] =$error_message;
header("Location: register00.php");
exit();
}
/* =============================================== */

$uploadDir = 'images/COMPANIES'; /* main picture folder */
$max_height = 450;	/* 	largest height you allowed; 0 means any */
$max_width = 450; /*  largest width you allowed; 0 means any */
$max_file = 2000000;  /*  set the max file size in bytes */
$image_overwrite = 1;	 /* 0 means overwite; 1 means new name */
/* add or delete allowed image types */
$allowed_type01 = array(	"image/gif", 	"image/pjpeg", "image/jpeg", 	"image/png", "image/x-png", "image/jpg");
$do_thumb = 1;	 /*  1 make thumbnails; 0 means do NOT make */
$thumbDir = "/images/thumbs";  /*  thumbnail folder */
$thumb_prefix = "";  /*  prefix for thumbnails */
$thumb_width = 90; /*  max thumb width */
$thumb_height = 70;	// max thumb height

//Writes the photo to the server 
if(move_uploaded_file($_FILES['upload']['tmp_name'], $target)) { 
/* HERE IS WHERE WE WILL DO THE ACTUAL RESIZING */ 
/* ============================================== */
/* ============================================== */
/* THESE SIX PARAMETERS MAY BE CHANGED TO SUIT YOUR NEEDS */
$o_path ="images/COMPANIES/";
$s_path = "images/thumbs/";
$file = $upload;
$save = $file;
$t_w = 200;
$t_h = 150;
/* ============================================== */
/* ============================================== */
/* DO NOT CHANGE THIS NEXT LINE */
Resize_Image($save,$file,$t_w,$t_h,$s_path,$o_path);

 //Tells you if its all ok 
/* ============================================== */
/* ============================================== */
/* PROVIDE A WAY FOR THEM TO GO SOMWHERE */
echo "The file ". $file . " has been uploaded, and your information has been added to the directory"; 

}else { 
//Gives and error if its not 
/* ============================================== */
/* ============================================== */
/* PROVIDE A WAY FOR THEM TO GO SOMWHERE */
echo "Sorry, there was a problem uploading your file."; 
exit();
}




/* =============================================== */
/* PREPARE DATA FOR INSERTION INTO TABLE */
/* FUNCTION TO CREATE SALT */
function createSalt() {
$string = md5(uniqid(rand(), true));
return substr($string, 0, 3);
}


//Writes the information to the database 
/* ============================================== */
/* ============================================== */
/* 
ALWAYS WRITE YOUR QUERIES AS STRINGS
THAT WAY WHEN TESTING, YOU CAN MAKE
SURE THAT THE VALUES CONTAIN WHAT YOU EXPECT
*/

  
$salt = createsalt();
$password = trim($_POST['password']);
$hash = hash('sha256', $salt, $password);
$approved = 0;
$username = mysql_real_escape_string(trim($_POST['username']));
$email = mysql_real_escape_string(trim($_POST['email']));
$query ="INSERT INTO `companies` (company_name, contact_name, location, postcode, street1, street2, city, phone, email, basicpackage_description, premiumuser_description, password, salt, approved, upload) VALUES ('$company_name', '$contact_name', '$location', '$postcode', '$street1', '$street2', '$city', '$phone', '$email', '$basicpackage_description', '$premiumuser_description', '$password', '$salt', '$approved', '$upload')";
$result = mysql_query($query) or die(mysql_error()); 
/* =============================================== */

/*
at this point we can send an email to the admin as well
as the user. 
DO NOT send the user's password to ANYONE!!!!
*/
?>
Thank you for registering.<br>;
Your account will be approved and activated within 24 hours.<br><br>
Click here to return to the <a href="index.php">main page</a>.

Link to comment
Share on other sites
Jessica Advanced Member

Jessica

Posted
Posted

Okay, here's what I would try. Anywhere you see a "header("Location: register00.php");" you need to comment that out, and kill the script then with die();

 

Do something like

die('Error: '.$error_message);

 

I think you're getting to the redirect because of validation, and need to see where in the process it's falling apart.

Link to comment
Share on other sites
litebearer Member

litebearer

Posted
Posted

Try doing what Drummin said...

andy_b_1502

jesirose was making an opinion on my code regarding echoing out the $_SESSION['error_message'] code.

 

As far as debugging, you should modify the section that has the header redirect back to the form.  This will comment out current section and echo errors.

/*
if(strlen(trim($error_message))>0) {
$_SESSION['error_message'] =$error_message;
header("Location: register00.php");
exit();
}
*/

if(strlen(trim($error_message))>0) {
echo $error_message;
}

Link to comment
Share on other sites
Drummin Member

Drummin

Posted
Posted

Error on processing page.

$password = trim($_POST['password']);
$hash = hash('sha256', $salt, $password);

 

Also, it can be a REAL PAIN for the user to re-enter all values if they mess something up.  Put it all on one page.

Not tested.

<?PHP
session_start();
include('db.php');
/* set some validation variables */	 
if (isset($_POST['Submit'])){
$error_message = "";

/* DEFINE THE FUNCTION */
/* ============================================== */
/* ============================================== */
/* DO NOT MODIFY THIS FUNCTION */
function Resize_Image($save,$file,$t_w,$t_h,$s_path,$o_path) {
$s_path = trim($s_path);
$o_path = trim($o_path);
$save = $s_path . $save;
$file = $o_path . $file;
$ext = strtolower(end(explode('.',$save)));
list($width, $height) = getimagesize($file) ; 
if(($width>$t_w) OR ($height>$t_h)) {
	$r1 = $t_w/$width;
	$r2 = $t_h/$height;
	if($r1<$r2) {
	  $size = $t_w/$width;
	}else{
	  $size = $t_h/$height;
	}
}else{
	$size=1;
}
$modwidth = $width * $size; 
$modheight = $height * $size; 
$tn = imagecreatetruecolor($modwidth, $modheight) ; 
switch ($ext) {
	case 'jpg':
	case 'jpeg':
				$image = imagecreatefromjpeg($file) ; 
	break;
	case 'gif':
				$image = imagecreatefromgif($file) ; 
	break;
	case 'png':
				$image = imagecreatefrompng($file) ; 
	break;
}
imagecopyresampled($tn, $image, 0, 0, 0, 0, $modwidth, $modheight, $width, $height) ; 
imagejpeg($tn, $save, 100) ; 
return;
}
/* 		END OF RESIZE FUNCTION */

//This is the directory where images will be saved 
$target = "/home/users/web/b109/ipg.removalspacecom/images/COMPANIES/"; 
$target = $target . basename( $_FILES['upload']['name']); 

// Connects to your Database 
// session_start();
// include ('db.php');

//This gets all the other information from the form 
/* ============================================== */
/* ============================================== */
/* YOU NEED TO DO SOME VALIDATION AND SANITIZING OF YOUR FORM DATA */


if((!isset($_POST['company_name'])) || (strlen(trim($_POST['company_name'])) <5) || (trim($_POST['company_name']) != 
preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", 
trim($_POST['company_name'])))) {
/* if username is bad start building the error message */
$error_message = "You must enter a valid company name<br>";
$error_message = $error_message . "Valid names  are min 5 characters and use letters, numbers and underscores only.<br>";
$error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['company_name'] . "</font><hr>";
}
/* END validating company_name */
/* =============================================== */

if((!isset($_POST['contact_name'])) || (strlen(trim($_POST['contact_name'])) <5) || (trim($_POST['contact_name']) != 
preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", 
trim($_POST['contact_name'])))) {
/* if username is bad start building the error message */
$error_message = "You must enter a valid contact name<br>";
$error_message = $error_message . "Valid names  are min 5 characters and use letters, numbers and underscores only.<br>";
$error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['contact_name'] . "</font><hr>";
}
/* END validating contact_name */
/* =============================================== */



if((!isset($_POST['phone'])) || (strlen(trim($_POST['phone'])) <5) || (trim($_POST['phone']) != preg_replace("/[^0-9\s\-\_]/", "", trim($_POST['phone'])))) {
/* if it is NOT set, then set the error variable and start building the error message */
$error_message = $error_message . "You must enter a valid phone<br>";
$error_message = $error_message . "Valid phones are min 5 characters and use letters, numbers and underscores only.<br>";
$error_message = $error_message . 'Your invalid phone was: <font color="red">' . $_POST['phone'] . "</font><hr>";
}else{
$phone = trim($_POST['phone']);
}

/* END validating phone */
/* =============================================== */

/* =============================================== */
/* validating the email */
/* create a function */
function validateEmailAddress($email) {
return filter_var($email, FILTER_VALIDATE_EMAIL) && preg_match('/@.+\./', $email);
}
if(!isset($_POST['email']) || validateEmailAddress($_POST['email']) !=1) {
$error_message = $error_message . "You must enter a valid email address<br>";
$error_message = $error_message . 'The invalid email was: <font color="red">' . $_POST['email'] . "</font><hr>";
}
/* END validating email */
/* =============================================== */

if((!isset($_POST['street1'])) || (strlen(trim($_POST['street1'])) <5) || (trim($_POST['street1']) != 
preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", 
trim($_POST['street1'])))) {
/* if username is bad start building the error message */
$error_message = "You must enter a valid address<br>";
$error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['street1'] . "</font><hr>";
}
/* END validating street1 */
/* =============================================== */

if((!isset($_POST['street2'])) || (strlen(trim($_POST['street2'])) <5) || (trim($_POST['street2']) != 
preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", 
trim($_POST['street2'])))) {
/* if username is bad start building the error message */
$error_message = "You must enter a valid address<br>";
$error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['street2'] . "</font><hr>";
}
/* END validating street2 */
/* =============================================== */

if((!isset($_POST['premiumuser_description'])) || (strlen(trim($_POST['premiumuser_description'])) <5) || (trim($_POST['premiumuser_description']) != 
preg_replace("/[^a-zA-Z0-9\s\-\'\,\.\_]/", "", 
trim($_POST['premiumuser_description'])))) {
/* if username is bad start building the error message */
$error_message = "You must enter a valid address<br>";
$error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['premiumuser_description'] . "</font><hr>";
}
/* END validating premiumuser_description */
/* =============================================== *


/* =============================================== */
/*
this section of code will set up an error message for the
username if ANY of the conditions occur
1) checks to see if $_POST['username'] is NOT set
2) if length of username is less than 5
3) if username has anything other than letter, numbers or underscores
*/
if((!isset($_POST['username'])) || (strlen(trim($_POST['username'])) <5) || (trim($_POST['username']) != preg_replace("/[^a-zA-Z0-9\_]/", "", trim($_POST['username'])))) {
/* if username is bad start building the error message */
$error_message = "You must enter a valid username<br>";
$error_message = $error_message . "Valid names  are min 5 characters and use letters, numbers and underscores only.<br>";
$error_message = $error_message . 'Your invalid name was: <font color="red">' . $_POST['username'] . "</font><hr>";
}
/* END validating username */
/* =============================================== */


/* =============================================== */
/*
this section of code will set up an error message for the
password if ANY of the conditions occur
1) checks to see if $_POST['upassword'] is NOT set
2) if length of upassword is less than 5
3) if upassword has anything other than letter, numbers or underscores
*/
if((!isset($_POST['password'])) || (strlen(trim($_POST['password'])) <5) || (trim($_POST['password']) != preg_replace("/[^a-zA-Z0-9\_]/", "", trim($_POST['password'])))) {
/* if it is NOT set, then set the error variable and start building the error message */
$error_message = $error_message . "You must enter a valid password<br>";
$error_message = $error_message . "Valid passwords are min 5 characters and use letters, numbers and underscores only.<br>";
$error_message = $error_message . 'Your invalid password was: <font color="red">' . $_POST['password'] . "</font><hr>";
}else{
$password = trim($_POST['password']);
}
/* END validating password */
/* =============================================== */

/* =============================================== */
/* check to see if username is already taken */
$username = mysql_real_escape_string(trim($_POST['username']));

$query1 = "SELECT username from companies WHERE username = '$username'";
$result1 = mysql_query($query1)  or die(mysql_error());
$count = mysql_num_rows($result1);
if($count>0) {
$error_message = $error_message . 'The username: <font color="red">' . $_POST['username'] . "</font> is taken.<hr>";
}

/* =============================================== */
/* if any of the post variables are invalid */
/* set the session variable and send back to the form page */
/*
NOT USED IN THIS EXAMPLE
if(strlen(trim($error_message))>0) {
$_SESSION['error_message'] =$error_message;
//	header("Location: register00.php");
//	exit();
}
*/
/* =============================================== */

$uploadDir = 'images/COMPANIES'; /* main picture folder */
$max_height = 450;	/* 	largest height you allowed; 0 means any */
$max_width = 450; /*  largest width you allowed; 0 means any */
$max_file = 2000000;  /*  set the max file size in bytes */
$image_overwrite = 1;	 /* 0 means overwite; 1 means new name */
/* add or delete allowed image types */
$allowed_type01 = array(	"image/gif", 	"image/pjpeg", "image/jpeg", 	"image/png", "image/x-png", "image/jpg");
$do_thumb = 1;	 /*  1 make thumbnails; 0 means do NOT make */
$thumbDir = "/images/thumbs";  /*  thumbnail folder */
$thumb_prefix = "";  /*  prefix for thumbnails */
$thumb_width = 90; /*  max thumb width */
$thumb_height = 70;	// max thumb height

//Writes the photo to the server 
if(move_uploaded_file($_FILES['upload']['tmp_name'], $target)) { 
/* HERE IS WHERE WE WILL DO THE ACTUAL RESIZING */ 
/* ============================================== */
/* ============================================== */
/* THESE SIX PARAMETERS MAY BE CHANGED TO SUIT YOUR NEEDS */
$o_path ="images/COMPANIES/";
$s_path = "images/thumbs/";
$file = $upload;
$save = $file;
$t_w = 200;
$t_h = 150;
/* ============================================== */
/* ============================================== */
/* DO NOT CHANGE THIS NEXT LINE */
Resize_Image($save,$file,$t_w,$t_h,$s_path,$o_path);

 //Tells you if its all ok 
/* ============================================== */
/* ============================================== */
/* PROVIDE A WAY FOR THEM TO GO SOMWHERE */
echo "The file ". $file . " has been uploaded, and your information has been added to the directory"; 

}else { 
//Gives and error if its not 
/* ============================================== */
/* ============================================== */
/* PROVIDE A WAY FOR THEM TO GO SOMWHERE */
echo "Sorry, there was a problem uploading your file."; 
}




/* =============================================== */
/* PREPARE DATA FOR INSERTION INTO TABLE */
/* FUNCTION TO CREATE SALT */
function createSalt() {
$string = md5(uniqid(rand(), true));
return substr($string, 0, 3);
}


//Writes the information to the database 
/* ============================================== */
/* ============================================== */
/* 
ALWAYS WRITE YOUR QUERIES AS STRINGS
THAT WAY WHEN TESTING, YOU CAN MAKE
SURE THAT THE VALUES CONTAIN WHAT YOU EXPECT
*/

if(empty($error_message)){  
$salt = createsalt();
$password = trim($_POST['password']);
$hash = hash('sha256', $salt, $password);
$approved = 0;

$username = mysql_real_escape_string(trim($_POST['username']));
$email = mysql_real_escape_string(trim($_POST['email']));
$query ="INSERT INTO `companies` (company_name, contact_name, location, postcode, street1, street2, city, phone, email, basicpackage_description, premiumuser_description, password, salt, approved, upload) VALUES ('$company_name', '$contact_name', '$location', '$postcode', '$street1', '$street2', '$city', '$phone', '$email', '$basicpackage_description', '$premiumuser_description', '$password', '$salt', '$approved', '$upload')";
$result = mysql_query($query) or die(mysql_error()); 
}//if(empty($error_message))
/* =============================================== */

/*
at this point we can send an email to the admin as well
as the user. 
DO NOT send the user's password to ANYONE!!!!
*/
}//if (isset($_POST['submit']))
?>

<html>
<body>
<?php
if (!empty($error_message)){ echo $error_message; }
?>
<form enctype="multipart/form-data" method="post" action="register00.php">
<table width="316" height="120" border="0"> 
<tr><td colspan=2><h1>Register/Sign Up</h1></td></tr> 
<tr><td>Company Name:</td><td> 
<input name="company_name" type="text" id="company_name" value="<?php
if (isset($_POST['company_name'])){ echo $_POST['company_name']; } ?>" />
</td></tr>
<tr><td>Contact Name:</td><td> 
<input name="contact_name" type="text" id="contact_name" value="<?php
if (isset($_POST['contact_name'])){ echo $_POST['contact_name']; } ?>" />
</td></tr>
<tr><td>Contact Number:</td><td> 
<input name="phone" type="number" id="phone" value="<?php
if (isset($_POST['phone'])){ echo $_POST['phone']; }else{ echo "incl. area code";} ?>" />
</td></tr>
<tr><td>Address line 1:</td><td> 
<input name="street1" type="text" id="street1" value="<?php
if (isset($_POST['street1'])){ echo $_POST['street1']; } ?>" />
</td></tr>
<tr><td>Address line 2:</td><td> 
<input name="street2" type="text" id="street1" value="<?php
if (isset($_POST['street2'])){ echo $_POST['street2']; } ?>" />
</td></tr>
<tr><td>Area:</td><td> 
<input name="location" type="text" id="location" value="<?php
if (isset($_POST['location'])){ echo $_POST['location']; } ?>" />
</td></tr>
<tr><td>City:</td><td> 
<input name="city" type="text" id="city" value="<?php
if (isset($_POST['city'])){ echo $_POST['city']; } ?>" />
</td></tr>
<tr><td>Postcode:</td><td> 
<input name="postcode" type="text" id="postcode" value="<?php
if (isset($_POST['postcode'])){ echo $_POST['postcode']; } ?>" />
</td></tr>
<tr><td>Username:</td><td> 
<input name="username" type="text" id="username" value="<?php
if (isset($_POST['username'])){ echo $_POST['username']; } ?>" />
</td></tr> 
<tr><td>Password:</td><td> 
<input name="password" type="password" class="style7" id="password" value="<?php
if (isset($_POST['password'])){ echo $_POST['password']; } ?>" /> 
</td></tr> 
<tr><td>Email:</td><td> 
<input name="email" type="text" class="style7" id="email" value="<?php
if (isset($_POST['email'])){ echo $_POST['email']; } ?>" />
</td></tr> 
<tr><td>Company Logo:</td><td> 
<input name="upload" type="file" class="style7" id="upload">
</td></tr>
<tr><td>Company Description:</td><td> 
<textarea rows="20" cols="50" name="premiumuser_description" id="premiumuser_description"><?php
if (isset($_POST['premiumuser_description'])){ echo $_POST['premiumuser_description']; } ?></textarea>
</td></tr>
<tr><td>
<input name="Submit" type="submit" value="Register" /> 
</td></tr> 
</table> 

</body>
</html>

Link to comment
Share on other sites
Jessica Advanced Member

Jessica

Posted
Posted

Aside...

Jes, how far from the storm were you?

We had to hide in the breakroom at work. Out of the 13 tornadoes that touched down, the worst were about 1.5 hours away. Which just illustrates how freaking huge DFW is. Where I am only got rain and some small hail.

Link to comment
Share on other sites
andy_b_1502 Regular Member

andy_b_1502

Posted
  • Author
Posted

i have a syntax error in here:

 

</td></tr> <tr><td>Company Description:</td><td>  
    <textarea rows="20" cols="50" name="premiumuser_description" id="premiumuser_description">
    <?php
    if (isset($_POST['premiumuser_description'])){ 
echo $_POST['premiumuser_description']; } ?>"  
    </textarea> 
    </td></tr> <tr><td> 
    <input name="Submit" type="submit" value="Register" />  
    </td></tr>  </table>

 

on the echo line

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.