Jump to content

Recommended Posts

Hi, I have this script to stop usernames being duplicated, but it is allowing the data to be written to the sql db even if a match occurs. Here is the selection of code that checks duplication and writes to db.

 

$con = mysql_connect("localhost", "username", "password") or die(mysql_error());
if (!$con)
 {
 die('Could not connect: ' . mysql_error());
 }
else {
mysql_select_db("my_db", $con);
$result = mysql_query("SELECT username FROM members WHERE username = ' " . $username. " ' ");
$rows = mysql_num_rows($result);
if ($rows > 0)
 echo "Sorry, that username is already in use";
}
/* Write to MySQL database */

$sql="INSERT INTO members (username, hash, firstname, surname, email, address1, address2, town, county, postcode, birthday, birthmonth, birthyear, paypalemail, terms)
VALUES
('$_POST[username]','$hash','$_POST[firstname]','$_POST[surname]','$_POST[email]','$_POST[address1]','$_POST[address2]','$_POST[town]','$_POST[county]','$_POST[postcode]','$_POST[birthday]','$_POST[birthmonth]','$_POST[birthyear]','$_POST[paypalemail]','$_POST[terms]')";
if (!mysql_query($sql,$con))
 {
 die('Error: ' . mysql_error());
 }

 /* Redirect visitor to the thank you page */
header('Location: thanks.htm');
exit();
mysql_close($con);

 

I have removed my database and connection settings for security

 

Any idea how to get the duplication check to work would be much appreciated

Why not just set the column to be "unique" in MySQL? And the reason your code continues to add the user, is that you never kill the script, or set an else after checking the rows.

 

mysql_select_db("my_db", $con);
$result = mysql_query("SELECT username FROM members WHERE username = ' " . $username. " ' ");
$rows = mysql_num_rows($result);
if ($rows > 0)
        echo "Sorry, that username is already in use";
}else {
/* Write to MySQL database */

$sql="INSERT INTO members (username, hash, firstname, surname, email, address1, address2, town, county, postcode, birthday, birthmonth, birthyear, paypalemail, terms)
VALUES
('$_POST[username]','$hash','$_POST[firstname]','$_POST[surname]','$_POST[email]','$_POST[address1]','$_POST[address2]','$_POST[town]','$_POST[county]','$_POST[postcode]','$_POST[birthday]','$_POST[birthmonth]','$_POST[birthyear]','$_POST[paypalemail]','$_POST[terms]')";
if (!mysql_query($sql,$con))
 {
 die('Error: ' . mysql_error());
 }

 /* Redirect visitor to the thank you page */
header('Location: thanks.htm');
exit();
}

 

Should solve your problems here.

 

Edit:

As a side note, I would look into SQL Injection and how to prevent it. Just a side note :)

Edited by premiso

Hi, thanks for your reply. I had to add a couple of { but it still registers the user without checking to see if there is a match.

 

edited code

 

mysql_select_db("zambiheadshop_c", $con);
$result = mysql_query("SELECT username FROM members WHERE username = ' " . $username. " ' ");
$rows = mysql_num_rows($result);
if ($rows > 0) {
			 echo "Sorry, that username is already in use";
} else {
/* Write to MySQL database */
$sql="INSERT INTO members (username, hash, firstname, surname, email, address1, address2, town, county, postcode, birthday, birthmonth, birthyear, paypalemail, terms)
VALUES
('$_POST[username]','$hash','$_POST[firstname]','$_POST[surname]','$_POST[email]','$_POST[address1]','$_POST[address2]','$_POST[town]','$_POST[county]','$_POST[postcode]','$_POST[birthday]','$_POST[birthmonth]','$_POST[birthyear]','$_POST[paypalemail]','$_POST[terms]')";
if (!mysql_query($sql,$con))
 {
 die('Error: ' . mysql_error());
 }
 /* Redirect visitor to the thank you page */
header('Location: thanks.htm');
exit();
}

 

It still bypasses the check. Any ideas?

 

Many Thanks

I assign the $username variable in the form field verify part of the script

 

$username = check_input($_POST['username'], "Enter your username");

 

I should have thought I would be able to use the $username variable further on in the script? Am I correct?

Hi guys, thanks for your reply. I altered the script to this and it works

 

/* Check no duplicate usernames */
$con = mysql_connect("zambiheadshop.com.mysql", "zambiheadshop_c", "Ozzie200407") or die(mysql_error());
$query = "SELECT COUNT(*) AS count FROM members WHERE username='$username'";
@mysql_select_db('zambiheadshop_c') or die( "Unable to select database");
$results = mysql_query($query) or die ("Error reading from database");
$existingUsernames = mysql_fetch_array($results);

if ($existingUsernames['count'] > 0) {
   header('Location: usererror.php');
} else {

/* Write to MySQL database */
$sql="INSERT INTO members (username, hash, firstname, surname, email, address1, address2, town, county, postcode, birthday, birthmonth, birthyear, paypalemail, terms)
VALUES
('$_POST[username]','$hash','$_POST[firstname]','$_POST[surname]','$_POST[email]','$_POST[address1]','$_POST[address2]','$_POST[town]','$_POST[county]','$_POST[postcode]','$_POST[birthday]','$_POST[birthmonth]','$_POST[birthyear]','$_POST[paypalemail]','$_POST[terms]')";
if (!mysql_query($sql,$con))
 {
 die('Error: ' . mysql_error());
 }
 /* Redirect visitor to the thank you page */

header('Location: thanks.php');
exit();
}

 

But when I tried to add in a duplicate email check, so the code reads this:

 

/* Check no duplicate usernames */
$con = mysql_connect("zambiheadshop.com.mysql", "zambiheadshop_c", "Ozzie200407") or die(mysql_error());
$query = "SELECT COUNT(*) AS count FROM members WHERE username='$username'";
@mysql_select_db('zambiheadshop_c') or die( "Unable to select database");
$results = mysql_query($query) or die ("Error reading from database");
$existingUsernames = mysql_fetch_array($results);

if ($existingUsernames['count'] > 0) {
   header('Location: usererror.php');
} else {
$con = mysql_connect("zambiheadshop.com.mysql", "zambiheadshop_c", "Ozzie200407") or die(mysql_error());
$query1 = "SELECT COUNT(*) AS count FROM members WHERE email='$email'";
@mysql_select_db('zambiheadshop_c') or die( "Unable to select database");
$results1 = mysql_query($query1) or die ("Error reading from database");
$existingEmails = mysql_fetch_array($results1);

if ($existingEmails['count'] > 0) {
header('Location: emailerror.php');
} else {
/* Write to MySQL database */
$sql="INSERT INTO members (username, hash, firstname, surname, email, address1, address2, town, county, postcode, birthday, birthmonth, birthyear, paypalemail, terms)
VALUES
('$_POST[username]','$hash','$_POST[firstname]','$_POST[surname]','$_POST[email]','$_POST[address1]','$_POST[address2]','$_POST[town]','$_POST[county]','$_POST[postcode]','$_POST[birthday]','$_POST[birthmonth]','$_POST[birthyear]','$_POST[paypalemail]','$_POST[terms]')";
if (!mysql_query($sql,$con))
 {
 die('Error: ' . mysql_error());
 }
 /* Redirect visitor to the thank you page */

header('Location: thanks.php');
exit();
}

 

and I get a

 

Parse error: syntax error, unexpected $end in /customers/4/0/d/zambiheadshop.com/httpd.www/registration/processRegister.php on line 357

 

Anyone know how to fix this?

 

Many Thanks

With proper indenting:

/* Check no duplicate usernames */
$con = mysql_connect("zambiheadshop.com.mysql", "zambiheadshop_c", "Ozzie200407") or die(mysql_error());
$query = "SELECT COUNT(*) AS count FROM members WHERE username='$username'";
@mysql_select_db('zambiheadshop_c') or die( "Unable to select database");
$results = mysql_query($query) or die ("Error reading from database");
$existingUsernames = mysql_fetch_array($results);

if ($existingUsernames['count'] > 0) {
header('Location: usererror.php');
} 
else {
$con = mysql_connect("zambiheadshop.com.mysql", "zambiheadshop_c", "Ozzie200407") or die(mysql_error());
$query1 = "SELECT COUNT(*) AS count FROM members WHERE email='$email'";
@mysql_select_db('zambiheadshop_c') or die( "Unable to select database");
$results1 = mysql_query($query1) or die ("Error reading from database");
$existingEmails = mysql_fetch_array($results1);

if ($existingEmails['count'] > 0) {
	header('Location: emailerror.php');
} 
else {
	/* Write to MySQL database */
	$sql="INSERT INTO members (username, hash, firstname, surname, email, address1, address2, town, county, postcode, birthday, birthmonth, birthyear, paypalemail, terms)
	VALUES ('$_POST[username]','$hash','$_POST[firstname]','$_POST[surname]','$_POST[email]','$_POST[address1]','$_POST[address2]','$_POST[town]','$_POST[county]','$_POST[postcode]','$_POST[birthday]','$_POST[birthmonth]','$_POST[birthyear]','$_POST[paypalemail]','$_POST[terms]')";
	if (!mysql_query($sql,$con))
	{
		die('Error: ' . mysql_error());
	}
	/* Redirect visitor to the thank you page */

	header('Location: thanks.php');
	exit();
}

 

As you can see, you are missing a closing brace } at the end.

 

Hi Kicken, I made the change as suggested but get this error now

 

Parse error: syntax error, unexpected $end in /customers/4/0/d/zambiheadshop.com/httpd.www/registration/processRegister.php on line 349

 

This is the code for the whole page

 

<?php
/* Set e-mail recipient */
$myemail  = "you@domain.com";
/* Check all form inputs using check_input function */
$username = check_input($_POST['username'], "Enter your username");
/* Show error message if Passwords do not match */
if ($_POST['password1']!= $_POST['password2'])
{
 show_error("Sorry your passwords did not match ");
}
$firstname  = check_input($_POST['firstname'], "Please tell us your name");
$surname = check_input($_POST['surname'], "Please tell us your surname");
$address1  = check_input($_POST['address1'], "Please enter your address");
$address2   = check_input($_POST['address2'], "Please enter your address");
$town = check_input($_POST['town'], "Please enter your town, village or city");
$county = check_input($_POST['county'], "Please enter your state or county");
$postcode = check_input($_POST['postcode'], "Please enter your postcode");
$birthday = check_input($_POST['birthday'], "Please select your birthday");
$birthmonth = check_input($_POST['birthmonth'], "Please select your birth month");
$birthyear = check_input($_POST['birthyear'], "Please select your birth year");
$terms = check_input($_POST['terms'], "Please accept the terms of this site");
/* Assign POSTS to variables */
$email = ($_POST['email']);
$emailconfirm = ($_POST['emailconfirm']);
$paypalemail = ($_POST['paypalemail']);
$paypalconfirm = ($_POST['paypalconfirm']);
/* Check email is valid */
if(!filter_var($email, FILTER_VALIDATE_EMAIL))
 {
 show_error("E-mail is not valid");
 }

 /* Check email confirm is valid */

 if(!filter_var($emailconfirm, FILTER_VALIDATE_EMAIL))
 {
 show_error("Confirmed E-mail is not valid");
 }

 /* Show error message if emails do not match */
if ($_POST['email']!= $_POST['emailconfirm'])
{
 show_error("Sorry your emails did not match ");
}
/* Check PayPal email is valid */

 if(!filter_var($paypalemail, FILTER_VALIDATE_EMAIL))
 {
 show_error("PayPal E-mail is not valid");
 }

 /* Check PayPal email confirm is valid */

 if(!filter_var($paypalconfirm, FILTER_VALIDATE_EMAIL))
 {
 show_error("PayPal Confirmed E-mail is not valid");
 }

 /* Show error message if PayPal emails do not match */
if ($_POST['paypalemail']!= $_POST['paypalconfirm'])
{
 show_error("Sorry your PayPal emails did not match ");
}

/* If URL is not valid set $website to empty */
if (!preg_match("/^(https?:\/\/+[\w\-]+\.[\w\-]+)/i", $website))
{
   $website = '';
}
/* Let's prepare the password encryption */
// Create a 256 bit (64 characters) long random salt
// Let's add 'something random' and the username
// to the salt as well for added security
$salt = hash('sha256', uniqid(mt_rand(), true) . 'something random' . strtolower($username));
// Prefix the password with the salt
$hash = $salt . $password1;
// Hash the salted password a bunch of times
for ( $i = 0; $i < 100000; $i ++ ) {
 $hash = hash('sha256', $hash);
}
// Prefix the hash with the salt so we can find it back later
$hash = $salt . $hash;
/* Check no duplicate usernames */
$con = mysql_connect("zambiheadshop.com.mysql", "zambiheadshop_c", "Ozzie200407") or die(mysql_error());
$query = "SELECT COUNT(*) AS count FROM members WHERE username='$username'";
@mysql_select_db('zambiheadshop_c') or die( "Unable to select database");
$results = mysql_query($query) or die ("Error reading from database");
$existingUsernames = mysql_fetch_array($results);
if ($existingUsernames['count'] > 0) {
    header('Location: usererror.php');
}
else {
    $con = mysql_connect("zambiheadshop.com.mysql", "zambiheadshop_c", "Ozzie200407") or die(mysql_error());
    $query1 = "SELECT COUNT(*) AS count FROM members WHERE email='$email'";
    @mysql_select_db('zambiheadshop_c') or die( "Unable to select database");
    $results1 = mysql_query($query1) or die ("Error reading from database");
    $existingEmails = mysql_fetch_array($results1);
    if ($existingEmails['count'] > 0) {
		    header('Location: emailerror.php');
    }
    else {
		    /* Write to MySQL database */
		    $sql="INSERT INTO members (username, hash, firstname, surname, email, address1, address2, town, county, postcode, birthday, birthmonth, birthyear, paypalemail, terms)
		    VALUES ('$_POST[username]','$hash','$_POST[firstname]','$_POST[surname]','$_POST[email]','$_POST[address1]','$_POST[address2]','$_POST[town]','$_POST[county]','$_POST[postcode]','$_POST[birthday]','$_POST[birthmonth]','$_POST[birthyear]','$_POST[paypalemail]','$_POST[terms]')";
		    if (!mysql_query($sql,$con))
		    {
				    die('Error: ' . mysql_error());
		    }
		    /* Redirect visitor to the thank you page */
		    header('Location: thanks.php');
		    exit();
    }


/* Functions we used */
function check_input($data, $problem='')
{
   $data = trim($data);
   $data = stripslashes($data);
   $data = htmlspecialchars($data);
   if ($problem && strlen($data) == 0)
   {
    show_error($problem);
   }
   return $data;
}
function show_error($myError)
{
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
<meta http-equiv="Content-Type" content"text="" html;="" charset="UTF-8"">
<title>AquaTradeHub.com Low Low Prices</title>
<link href="/index_files/stdtheme.css" rel="stylesheet" type="text/css">
<meta name="description" content="Buy and sell your fish and aquatic equipment here at low low prices. Extensive information about all fish can be found here.">

</head>
<body>
<div id="wrapper" class="group">
<div id="header">
<h1><a href="/index.html" title="Return to home page"></a></h1>
</div>

<div id="leftSideBar">
<div id="mainNav">
<span>
<h6>Navigation</h6>
<a href="index.php" title="Home Page" class="index">Home</a><br>
<a href="register.php" title="register" class="register">Register</a><br>
<a href="forum.php" title="forum" class="forum">Forum</a><br>
<a href="wanted.php" title="wanted" class="wanted">Wanted</a><br>
<a href="contact.php" title="contact" class="contact">Contact</a><br>
</span>
</div>
<div id="mainNavBottomLeft">
<span>
<h6>Tropical Care Guides</h6>
<a href="/tropical/anabantids.php" title="Anabantids" class="anabantids">Anabantids</a><br>
<a href="/tropical/catfish.php" title="Catfish" class="catfish">Catfish</a><br>
<a href="/tropical/characins.php" title="Characins" class="characins">Characins</a><br>
<a href="/tropical/cichlids.php" title="Cichlids" class="cichlids">Cichlids</a><br>
<a href="/tropical/cypriniformes.php" title="Cypriniformes" class="cypriniformes">Cypriniformes</a><br><a href="/frogs.php" title="Frogs" class="frogs">Frogs</a><br>
<a href="/tropical/livebearers.php" title="Livebearers" class="livebearers">Livebearers</a><br>
<a href="/tropical/rainbowfish.php" title="Rainbow Fish" class="rainbowfish">Rainbowfish</a><br>
<a href="/tropical/miscellaneous.php" title="Miscellaneous" class="miscellaneous">Miscellaneous FW</a><br>
<a href="/tropical/brackish.php" title="Brackish" class="brackish">Brackish</a><br>
<a href="/tropical/shrimp.php" title="shrimp" class="shrimp">Shrimp</a><br>
<br>
</span>
</div>
<div id="mainNavLastBottomLeft">
<span>
<h6>Marine Care Guides</h6>
<a href="/marine/angelfishLarge.php" title="Angelfish Large" class="angelfishLarge">Angelfish Large</a><br>
<a href="/marine/angelfishDwarf.php" title="Angelfish Dwarf" class="angelfishDwarf">Angelfish Dwarf</a><br>
<a href="/marine/anthias.php" title="Anthias" class="anthias">Anthias</a><br>
<a href="/marine/bassAndGroupers.php" title="Bass and Groupers" class="bassAndGroupers">Bass and Groupers</a><br>
<a href="/marine/bassletsAndAssessors.php" title="Basslets & Assessors" class="bassletsAndAssessors">Basslets & Assessors</a><br>
<a href="/marine/batfish.php" title="Batfish" class="Batfish">Batfish</a><br>
<a href="/marine/blennies.php" title="Blennies" class="blennies">Blennies</a><br>
<a href="/marine/boxfishAndBlowfish.php" title="Boxfish And Blowfish" class="boxfishAndBlowfish">Boxfish And Blowfish</a><br>
<a href="/marine/butterflyfish.php" title="Butterfly Fish" class="butterflyFish">Butterflyfish</a><br>
<a href="/marine/cardinalfish.php" title="Cardinal Fish" class="cardinalFish">Cardinalfish</a><br>
<a href="/marine/chromis.php" title="Chromis" class="chromis">Chromis</a><br>
<a href="/marine/clownfish.php" title="Clownfish" class="clownfish">Clownfish</a><br>
<a href="/marine/damsels.php" title="Damsels" class="damsels">Damsels</a><br>
<a href="/marine/dartfish.php" title="Dartfish" class="dartfish">Dartfish</a><br>
<a href="/marine/dragonets.php" title="Dragonets" class="dragonets">Dragonets</a><br>
<a href="/marine/eels.php" title="Eels" class="Eels">Eels</a><br>
<a href="/marine/filefish.php" title="Filefish" class="filefish">Filefish</a><br>
<a href="/marine/foxface.php" title="Foxface" class="foxface">Foxface</a><br>
<a href="/marine/flatfish.php" title="Flatfish" class="flatfish">Flatfish</a><br>
<a href="/marine/frogfish.php" title="Frogfish" class="frogfish">Frogfish</a><br>
<a href="/marine/goatfish.php" title="Goatfish" class="goatfish">Goatfish</a><br>
<a href="/marine/gobies.php" title="Gobies" class="gobies">Gobies</a><br>
<a href="/marine/grunts.php" title="Grunts" class="grunts">Grunts</a><br>
<a href="/marine/hamlet.php" title="Hamlet" class="hamlet">Hamlet</a><br>
<a href="/marine/hawkfish.php" title="Hawkfish" class="hawkfish">Hawkfish</a><br>
<a href="/marine/hogfish.php" title="Hogfish" class="hogfish">Hogfish</a><br>
<a href="/marine/jacks.php" title="Jacks" class="jacks">Jacks</a><br>
<a href="/marine/jawfish.php" title="Jawfish" class="jawfish">Jawfish</a><br>
<a href="/marine/lionfish.php" title="Lionfish" class="lionfish">Lionfish</a><br>
<a href="/marine/parrotfish.php" title="Parrotfish" class="parrotfish">Parrotfish</a><br>
<a href="/marine/pipefish.php" title="Pipefish" class="pipefish">Pipefish</a><br>
<a href="/marine/pseudochromis.php" title="Pseudochromis" class="pseudochromis">Pseudochromis</a><br>
<a href="/marine/rabbitfish.php" title="Rabbitfish" class="rabbitfish">Rabbitfish</a><br>
<a href="/marine/rays.php" title="Rays" class="rays">Rays</a><br>
<a href="/marine/scorpionfish.php" title="Scorpionfish" class="scorpionfish">Scorpionfish</a><br>
<a href="/marine/seahorse.php" title="Seahorse" class="seahorse">Seahorse<br>
<a href="/marine/squirrelfish.php" title="Squirrelfish" class="squirrelfish">Squirrelfish</a><br>
<a href="/marine/sharks.php" title="Sharks" class="sharks">Sharks</a><br>
<a href="/marine/snappers.php" title="Snappers" class="snappers">Snappers</a><br>
<a href="/marine/tangs.php" title="Tangs" class="tangs">Tangs</a><br>
<a href="/marine/tilefish.php" title="Tilefish" class="tilefish">Tilefish</a><br>
<a href="/marine/triggerfish.php" title="Triggerfish" class="triggerfish">Triggerfish</a><br>
<a href="/marine/wrasse.php" title="Wrasse" class="wrasse">Wrasse</a><br>


<br>
</span>
</div>
</div>
<div id="rightSideBar">
<div id="rightNav">
<span>
Featured Listings
</span>
</div>
<div id="middleNavRight">
<span>
<a href="bannerApplication.php"><?
include_once("banners.php"); echo"$bannerAd1";
?> </a>
</span>
</div>
<div id="bottomNavRight">
<span>
<h6>Featured Listings</h6>
</span>
</div>
<div id="bottomNavLastRight">
<span>
<a href="photosubmission.php"><?
include_once("bannerlarge.php"); echo"$bannerAd2";
?> </a>
</span>
</div>
</div>
<div id="mainContent">
<div id="topNav">
<span>
<a href="bannerApplication.php">
<?
include_once("bannerAds.php"); echo"$bannerAd";
?></a>
</span>
</div>
<div id="topLogin">
<span>
<form action="login.php">
Username:<input size="10" name="username" type="text">   Password: <input size="10" name="password1" type="password1">  <input value="Login" type="submit">
</form></span>
</div>
<br>
<span>
<div id="topSearch">
<span>
<form action="login.php" method="post"><font color="#ffffff"><strong>Search:</strong> <input type="text" size="15" name="searchtxt">  <text color="#ffffff"><strong>Category</strong></font> <select>
 <option value="coldwater">Coldwater Fish</option>
 <option value="marine">Marine Fish</option>
 <option value="tropical">Tropical Fish</option>
 <option value="aquariums">Aquariums / Bowls / Tanks</option>
 <option value="foods">Foods</option>
 <option value="liveplants">Live Plants</option>
 <option value="artificialplants">Artificial Plants</option>
 <option value="filtration">Filtration System</option>
 <option value="heating">Heaters</option>
 <option value="crabs">Crabs / Snails / Algae Eaters</option>
 <option value="frogs">Tropical Frogs</option>
 <option value="turtles">Turtles</option>
 <option value="other">Other Fish Supplies</option>
</select>
  
<input type="submit" value="Submit">

</form>
</span>
</div>

<div class="mainText">
<h2> Please correct the following error:</h2>
   <?php echo $myError; ?>
<br />
</div>

</div></body></html>
<?php
exit();
}
?>

 

Many Thanks

Need your help again guys. I have tried adding some code to send a validation email to the member once registered, but although registration is successful, the email is not sent :(

 

<code>

/* Check no duplicate usernames */

$con = mysql_connect("zambiheadshop.com.mysql", "zambiheadshop_c", "Ozzie200407") or die(mysql_error());

$query = "SELECT COUNT(*) AS count FROM members WHERE username='$username'";

@mysql_select_db('zambiheadshop_c') or die( "Unable to select database");

$results = mysql_query($query) or die ("Error reading from database");

$existingUsernames = mysql_fetch_array($results);

 

if ($existingUsernames['count'] > 0) {

header('Location: usererror.php');

}

else {

$con = mysql_connect("zambiheadshop.com.mysql", "zambiheadshop_c", "Ozzie200407") or die(mysql_error());

$query1 = "SELECT COUNT(*) AS count FROM members WHERE email='$email'";

@mysql_select_db('zambiheadshop_c') or die( "Unable to select database");

$results1 = mysql_query($query1) or die ("Error reading from database");

$existingEmails = mysql_fetch_array($results1);

 

if ($existingEmails['count'] > 0) {

header('Location: emailerror.php');

}

else {

/* Write to MySQL database */

$sql="INSERT INTO members (username, hash, firstname, surname, email, address1, address2, town, county, postcode, birthday, birthmonth, birthyear, paypalemail, terms)

VALUES ('$_POST[username]','$hash','$_POST[firstname]','$_POST[surname]','$_POST','$_POST[address1]','$_POST[address2]','$_POST[town]','$_POST[county]','$_POST[postcode]','$_POST[birthday]','$_POST[birthmonth]','$_POST[birthyear]','$_POST[paypalemail]','$_POST[terms]')";

if (!mysql_query($sql,$con))

{

die('Error: ' . mysql_error());

}

 

/* Send validation email */

 

// recipients

$to = '$_POST';

 

// subject

$subject = 'AquaTradeHub.com Validation Email';

 

// message

$message = '

Please validate';

 

// To send HTML mail, the Content-type header must be set

$headers = 'MIME-Version: 1.0' . "\r\n";

$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";

 

// Additional headers

$headers .= '$_POST' . "\r\n";

$headers .= 'From: AquaTradeHub.com <validate@aquatradehub.com>' . "\r\n";

 

// Mail it

mail($to, $subject, $message, $headers);

 

 

/* Redirect visitor to the thank you page */

 

header('Location: thanks.php');

exit();

}}

</code>

Edited by aquatradehub
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.