slannesh Posted June 29, 2012 Share Posted June 29, 2012 Hi I'm trying to figure out how to make a log in page. I found some script and I have been playing around with it. I can't seem to insert anything into the database. I don't have any errors from both the code or from mysql. <?php $uname = ""; $pword = ""; $rpword = ""; $firstname = ""; $lastname = ""; $errorMessage = ""; $num_rows = 0; function quote_smart($value, $handle) { if (get_magic_quotes_gpc()) { $value = stripslashes($value); } if (!is_numeric($value)) { $value = "'" . mysql_real_escape_string($value, $handle) . "'"; } return $value; } if ($_SERVER['REQUEST_METHOD'] == 'POST'){ //==================================================================== // GET THE CHOSEN U AND P, AND CHECK IT FOR DANGEROUS CHARCTERS //==================================================================== $uname = $_POST['username']; $pword = $_POST['password']; $firstname = $_POST['firstname']; $lastname = $_POST['lastname']; $uname = htmlspecialchars($uname); $pword = htmlspecialchars($pword); $firstname = htmlspecialchars($firstname); $lastname = htmlspecialchars($lastname); //==================================================================== // Validations //==================================================================== $uLength = strlen($uname); $pLength = strlen($pword); $fnLength = strlen($firstname); $lnLength = strlen($lastname); if ($uLength >= 8 && $uLength <= 20) { $errorMessage = ""; } else { $errorMessage = $errorMessage . "Username must be between 8 and 20 characters" . "<BR>"; } if ($pLength >= 8 && $pLength <= 16) { $errorMessage = ""; } else { $errorMessage = $errorMessage . "Password must be between 8 and 16 characters" . "<BR>"; } if ($pword != $rpword) { $errorMessage = ""; } else { $errorMessage = $errorMessage . "The two passwords do not match." . "<BR>"; } if ($fnLength > 0) { $errorMessage = ""; } else { $errorMessage = $errorMessage . "Please enter in a First Name" . "<BR>"; } if ($lnLength > 0) { $errorMessage = ""; } else { $errorMessage = $errorMessage . "Please enter in a Last Name" . "<BR>"; } //test to see if $errorMessage is blank //if it is, then we can go ahead with the rest of the code //if it's not, we can display the error //==================================================================== // Write to the database //==================================================================== if ($errorMessage == "") { $user_name = "**********"; $pass_word = "**********"; $database = "***********"; $server = "************"; $db_handle = mysql_connect($server, $user_name, $pass_word) or die(mysql_error()); $db_found = mysql_select_db($database, $db_handle); if ($db_found) { $uname = quote_smart($uname, $db_handle); $pword = quote_smart($pword, $db_handle); //==================================================================== // CHECK THAT THE USERNAME IS NOT TAKEN //==================================================================== $SQL = "SELECT * FROM account WHERE username = $uname"; $result = mysql_query($SQL); $num_rows = mysql_num_rows($result); if ($num_rows > 0) { $errorMessage = "Username already taken"; } else { $SQL = "INSERT INTO account (uid, username, password, first_bane, last_name) VALUES ('', $uname, md5($pword), $firstname, $lastname)"; $result = mysql_query($SQL); mysql_close($db_handle); //================================================================================= // START THE SESSION AND PUT SOMETHING INTO THE SESSION VARIABLE CALLED login // SEND USER TO A DIFFERENT PAGE AFTER SIGN UP //================================================================================= session_start(); $_SESSION['login'] = "1"; header ("Location: page1.php"); } } else { $errorMessage = "Database Not Found"; } } } ?> <html> <head> <title>Basic Login Script</title> </head> <body> <FORM NAME ="form1" METHOD ="POST" ACTION ="signup.php"> Username: <INPUT TYPE = 'test' Name ='username' value="<?PHP print $uname;?>" maxlength="20"><br /><br /> Password: <INPUT TYPE = 'password' Name ='password' value="<?PHP print $pword;?>" maxlength="16"><br /> Please re-enter <br /> Password: <INPUT TYPE = 'password' Name ='repassword' value="<?PHP print $rpword;?>" maxlength="16"><br /><br /> First Name:<input type="text" name="firstname" value="<?php print $firstname;?>" maxlength="20"><br /> Last Name:<input type="text" name="lastname" value="<?php print $lastname;?>" maxlength="20"><br /> <P> <INPUT TYPE = "Submit" Name = "Submit1" VALUE = "Register"> </FORM> <P> <?PHP print $errorMessage;?> </body> </html> Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted June 29, 2012 Share Posted June 29, 2012 When posting code, enclose it within the forum's . . . BBCode tags. Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted June 29, 2012 Share Posted June 29, 2012 For insert/update queries, check that mysql_query is succeeding and that mysql_affected_rows is (at least) 1, and if not, echo mysql_error. Quote Link to comment Share on other sites More sharing options...
ManiacDan Posted June 30, 2012 Share Posted June 30, 2012 Your INSERT statement contains "first_bane" as a column name. Pretty sure that's wrong. Always, always check the errors, that would have produced a VERY clear error message. Quote Link to comment Share on other sites More sharing options...
slannesh Posted July 5, 2012 Author Share Posted July 5, 2012 LOL thanks all, I figured out my problem. I forgot to put quotes in the SQL statement. Lesson learned Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.