Jump to content

Validate Insert Problem

PF2G

By PF2G
in PHP Coding Help

 Share

Recommended Posts

PF2G Member

PF2G

Posted
Posted

Hi,

i trying to do a registration form (easiest thing ever) but i'm having trouble doing the validation  :S

 

    <?php
    	include 'db_connect.php';
    ?>
    <html>
    
    <head>
    	<title>Adminstração</title>
    </head>
    	
    <body style="color=#FFFFFF" bgcolor="#666666">
    	<table width="100%" height="100%" border="0" align="center" cellpadding="0" cellspacing="1">
    		<tr>
    			<form method="post" action="">
    				<td align="center" valign="middle">
    					<table width="300px" cellpadding="0" cellspacing="3" bgcolor="#FFFFFF" style=" border: 1px solid #000000;">
    						<tr>
    							<td style=" border-style:none;">
    								<br>
    							</td>
    						</tr>
    					
    						<tr>
    							<td align="right" style="font-size: 13;font-family: Arial, Helvetica, sans-serif;font-weight: bold;border-style:none;">
    								Utlizador:
    							</td>
    					
    							<td style=" border-style:none;">
    								<input name="user" type="text">
    							</td>
    						</tr>
    					
    						<tr>
    							<td align="right" style="font-size: 13;font-family: Arial, Helvetica, sans-serif;font-weight: bold;border-style:none;">
    								Password:
    							</td>
    							<td style=" border-style:none;">
    								<input name="password" type="password">
    							</td>
    						</tr>
    					
    						<tr>
    							<td colspan="2" align="center" style=" border-style:none;">
    								<input type="submit" name="registar" value="Registar">
    							</td>
    						</tr>
    					
    						<tr>
    							<td style=" border-style:none;">
    								<br>
    							</td>
    						</tr>
    					</table>
    					<span class="style1" style="font-size: 13;font-family: Arial, Helvetica, sans-serif;font-weight: bold;color: red;"> </span>
    				</td>
    			</form>
    		</tr>
    	</table>
    </body>
    </html>
    <?PHP
        if(isset($_POST['registar'])) 
    	{
    		$username = $_POST['user'];
    		$password = $_POST['password'];
    		
    		if (empty($username) OR empty($password))
    		{
    			echo "<script>alert('Todos os campos são obrigatórios.')
    				location.href = 'add_user.php';</script>";
    		}
    		
    		if ($username!="" && $password!="")
    		{
    			$sel_user="SELECT * FROM utilizadores";
    			$user=mysql_query($sel_user, $connect);
    			$row_user=mysql_fetch_assoc($user);
    			
    			if ($username=$row_user['username'])
    			{
    				"<script>alert('O nome do utilizador ja existe.')</script>";
    			}
    			else
    			{
    				$sql="INSERT INTO utilizadores (username, password) VALUES ('".$username."','".sha1($password)."')";
    				$result = mysql_query($sql);
    								
    				if(!$result) 
    				{
    					echo "<script>alert('Erro a adicionar utilizador.')</script>";
    				}
    				else 
    				{
    					echo "<script>alert('Utilizador adicionado com sucesso.');
    						location.href = 'admin.php';</script>";
    				}
    			}
    			mysql_close($connect);
    		}
    	}
    ?>

 

 

Please help me...

Link to comment
Share on other sites
Psycho Prolific Member

Psycho

Posted
Posted

1. You first check to see if username or password are empty. Then you do a second check to see if they are not equal to "" - ???

2. Your select query is selecting ALL the records where it is apparent you are looking for a matching record. So, the following lines doing a check of username are only checking the first record.

3. You have a string that is sitting in the code doing nothing (i.e. there is no echo and no assignment)

"<script>alert('O nome do utilizador ja existe.')</script>";

4. Don't use JS alerts for error messaging, it is sloppy.

 

Here is a quick rewrite

<?php

include 'db_connect.php';
$result_msg = '';
$username = isset($_POST['user']) ? trim($_POST['user']) : '';
$password = isset($_POST['password']) ? $_POST['password'] : '';

if($_SERVER['REQUEST_METHOD']=='POST') 
{
    if (empty($username) OR empty($password))
    {
        $result_msg = "<span style='color:red'>Todos os campos são obrigatórios.</span>";
    }
    else
    {
        $usernameSQL = mysql_real_escape_string($username);
        $passwordSQL = sha1($password);

        $query = "SELECT username FROM utilizadores WHERE username = '$usernameSQL'";
        $result = mysql_query($query);

        if(mysql_num_rows($result))
        {
            $result_msg = "<span style='color:red'>O nome do utilizador ja existe.</span>";
        }
        else
        {
            $query = "INSERT INTO utilizadores (username, password) VALUES ('{$usernameSQL}','{$passwordSQL}')";
            $result= mysql_query($query);
            if(!$result) 
            {
                $result_msg = "<span style='color:red'>Erro a adicionar utilizador.')</span>";
            }
            else 
            {
                $result_msg = "<span>Utilizador adicionado com sucesso.</span>";
                $result_msg .= "<br><a href='admin.php'>Admin Page</a>";
            }
        }
    }
}

?>
    <html>
    
    <head>
    	<title>Adminstração</title>
    </head>
    	
    <body style="color=#FFFFFF" bgcolor="#666666">
        <?php echo $result_msg; ?></span>
    	<table width="100%" height="100%" border="0" align="center" cellpadding="0" cellspacing="1">
    		<tr>
    			<form method="post" action="">
    				<td align="center" valign="middle">
    					<table width="300px" cellpadding="0" cellspacing="3" bgcolor="#FFFFFF" style=" border: 1px solid #000000;">
    						<tr>
    							<td style=" border-style:none;">
    								<br>
    							</td>
    						</tr>
    						<tr>
    							<td align="right" style="font-size: 13;font-family: Arial, Helvetica, sans-serif;font-weight: bold;border-style:none;">
    								Utlizador:
    							</td>
    					
    							<td style=" border-style:none;">
    								<input name="user" type="text" value="<?php echo $username; ?>">
    							</td>
    						</tr>
    						<tr>
    							<td align="right" style="font-size: 13;font-family: Arial, Helvetica, sans-serif;font-weight: bold;border-style:none;">
    								Password:
    							</td>
    							<td style=" border-style:none;">
    								<input name="password" type="password">
    							</td>
    						</tr>
    						<tr>
    							<td colspan="2" align="center" style=" border-style:none;">
    								<button type="submit">Registar</button>
    							</td>
    						</tr>
    						<tr>
    							<td style=" border-style:none;">
    								<br>
    							</td>
    						</tr>
    					</table>
    					<span class="style1" style="font-size: 13;font-family: Arial, Helvetica, sans-serif;font-weight: bold;color: red;"> </span>
    				</td>
    			</form>
    		</tr>
    	</table>
    </body>
    </html>

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.