PF2G Posted May 30, 2012 Share Posted May 30, 2012 Hi, i trying to do a registration form (easiest thing ever) but i'm having trouble doing the validation :S <?php include 'db_connect.php'; ?> <html> <head> <title>Adminstração</title> </head> <body style="color=#FFFFFF" bgcolor="#666666"> <table width="100%" height="100%" border="0" align="center" cellpadding="0" cellspacing="1"> <tr> <form method="post" action=""> <td align="center" valign="middle"> <table width="300px" cellpadding="0" cellspacing="3" bgcolor="#FFFFFF" style=" border: 1px solid #000000;"> <tr> <td style=" border-style:none;"> <br> </td> </tr> <tr> <td align="right" style="font-size: 13;font-family: Arial, Helvetica, sans-serif;font-weight: bold;border-style:none;"> Utlizador: </td> <td style=" border-style:none;"> <input name="user" type="text"> </td> </tr> <tr> <td align="right" style="font-size: 13;font-family: Arial, Helvetica, sans-serif;font-weight: bold;border-style:none;"> Password: </td> <td style=" border-style:none;"> <input name="password" type="password"> </td> </tr> <tr> <td colspan="2" align="center" style=" border-style:none;"> <input type="submit" name="registar" value="Registar"> </td> </tr> <tr> <td style=" border-style:none;"> <br> </td> </tr> </table> <span class="style1" style="font-size: 13;font-family: Arial, Helvetica, sans-serif;font-weight: bold;color: red;"> </span> </td> </form> </tr> </table> </body> </html> <?PHP if(isset($_POST['registar'])) { $username = $_POST['user']; $password = $_POST['password']; if (empty($username) OR empty($password)) { echo "<script>alert('Todos os campos são obrigatórios.') location.href = 'add_user.php';</script>"; } if ($username!="" && $password!="") { $sel_user="SELECT * FROM utilizadores"; $user=mysql_query($sel_user, $connect); $row_user=mysql_fetch_assoc($user); if ($username=$row_user['username']) { "<script>alert('O nome do utilizador ja existe.')</script>"; } else { $sql="INSERT INTO utilizadores (username, password) VALUES ('".$username."','".sha1($password)."')"; $result = mysql_query($sql); if(!$result) { echo "<script>alert('Erro a adicionar utilizador.')</script>"; } else { echo "<script>alert('Utilizador adicionado com sucesso.'); location.href = 'admin.php';</script>"; } } mysql_close($connect); } } ?> Please help me... Link to comment https://forums.phpfreaks.com/topic/263380-validate-insert-problem/ Share on other sites More sharing options...
Pikachu2000 Posted May 30, 2012 Share Posted May 30, 2012 You haven't said what the problem actually is. Link to comment https://forums.phpfreaks.com/topic/263380-validate-insert-problem/#findComment-1349782 Share on other sites More sharing options...
Psycho Posted May 30, 2012 Share Posted May 30, 2012 1. You first check to see if username or password are empty. Then you do a second check to see if they are not equal to "" - ??? 2. Your select query is selecting ALL the records where it is apparent you are looking for a matching record. So, the following lines doing a check of username are only checking the first record. 3. You have a string that is sitting in the code doing nothing (i.e. there is no echo and no assignment) "<script>alert('O nome do utilizador ja existe.')</script>"; 4. Don't use JS alerts for error messaging, it is sloppy. Here is a quick rewrite <?php include 'db_connect.php'; $result_msg = ''; $username = isset($_POST['user']) ? trim($_POST['user']) : ''; $password = isset($_POST['password']) ? $_POST['password'] : ''; if($_SERVER['REQUEST_METHOD']=='POST') { if (empty($username) OR empty($password)) { $result_msg = "<span style='color:red'>Todos os campos são obrigatórios.</span>"; } else { $usernameSQL = mysql_real_escape_string($username); $passwordSQL = sha1($password); $query = "SELECT username FROM utilizadores WHERE username = '$usernameSQL'"; $result = mysql_query($query); if(mysql_num_rows($result)) { $result_msg = "<span style='color:red'>O nome do utilizador ja existe.</span>"; } else { $query = "INSERT INTO utilizadores (username, password) VALUES ('{$usernameSQL}','{$passwordSQL}')"; $result= mysql_query($query); if(!$result) { $result_msg = "<span style='color:red'>Erro a adicionar utilizador.')</span>"; } else { $result_msg = "<span>Utilizador adicionado com sucesso.</span>"; $result_msg .= "<br><a href='admin.php'>Admin Page</a>"; } } } } ?> <html> <head> <title>Adminstração</title> </head> <body style="color=#FFFFFF" bgcolor="#666666"> <?php echo $result_msg; ?></span> <table width="100%" height="100%" border="0" align="center" cellpadding="0" cellspacing="1"> <tr> <form method="post" action=""> <td align="center" valign="middle"> <table width="300px" cellpadding="0" cellspacing="3" bgcolor="#FFFFFF" style=" border: 1px solid #000000;"> <tr> <td style=" border-style:none;"> <br> </td> </tr> <tr> <td align="right" style="font-size: 13;font-family: Arial, Helvetica, sans-serif;font-weight: bold;border-style:none;"> Utlizador: </td> <td style=" border-style:none;"> <input name="user" type="text" value="<?php echo $username; ?>"> </td> </tr> <tr> <td align="right" style="font-size: 13;font-family: Arial, Helvetica, sans-serif;font-weight: bold;border-style:none;"> Password: </td> <td style=" border-style:none;"> <input name="password" type="password"> </td> </tr> <tr> <td colspan="2" align="center" style=" border-style:none;"> <button type="submit">Registar</button> </td> </tr> <tr> <td style=" border-style:none;"> <br> </td> </tr> </table> <span class="style1" style="font-size: 13;font-family: Arial, Helvetica, sans-serif;font-weight: bold;color: red;"> </span> </td> </form> </tr> </table> </body> </html> Link to comment https://forums.phpfreaks.com/topic/263380-validate-insert-problem/#findComment-1349792 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.