Jump to content

Check if username exists

Sarkons

By Sarkons
in PHP Coding Help

 Share

Recommended Posts

Sarkons Newbie

Sarkons

Posted
Posted (edited)

Hi There,

I'm rather new to php so please bare with me!

After many attempts i still have been unable to return success, even existing usernames still come up as free.

this is the code i've been attempting to use;

 

<?php
}else{


$usr = new Users;
$usr->storeFormValues( $_POST );
if( $_POST['password'] == $_POST['confpass'] ) {
//passwords do match//
} else {
echo "Passwords do not match";
exit;
}
$con = new PDO( DB_DSN, DB_USERNAME, DB_PASSWORD );
$con->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
$stmt = $con->prepare("SELECT COUNT (*) FROM users WHERE username = :username");
if ($stmt->fetchColumn() > 0) {

echo "username is taken";
}else{

echo "username is free";
}
}

Thanks, I Appreciate it!

Edited by Sarkons
Link to comment
Share on other sites
Sarkons Newbie

Sarkons

Posted
  • Author
Posted

I have it on my user.php page which contains;

<?php
class Users {
 public $username = null;
 public $password = null;
 public $salt = "Zo4rU5Z1YyKJAASY0PT6EUg7BBYdlEhPaNLuxAwU8lqu1ElzHv0Ri7EM6irpx5w";
 public $email = null;
 public $first = null;
 public $middle = null;
 public $last = null;
 public $question = null;
 public $answer = null;

 public function __construct( $data = array() ) {
  if( isset( $data['username'] ) ) $this->username = stripslashes( strip_tags( $data['username'] ) );
  if( isset( $data['password'] ) ) $this->password = stripslashes( strip_tags( $data['password'] ) );
  if( isset( $data['email'] ) ) $this->email = stripslashes( strip_tags( $data['email'] ) );
  if( isset( $data['first'] ) ) $this->first = stripslashes( strip_tags( $data['first'] ) );
  if( isset( $data['middle'] ) ) $this->middle = stripslashes( strip_tags( $data['middle'] ) );
  if( isset( $data['last'] ) ) $this->last = stripslashes( strip_tags( $data['last'] ) );
  if( isset( $data['question'] ) ) $this->question = stripslashes( strip_tags( $data['question'] ) );
  if( isset( $data['answer'] ) ) $this->answer = stripslashes( strip_tags( $data['answer'] ) );
 }

 public function storeFormValues( $params ) {
 //store the parameters
 $this->__construct( $params );
 }

 public function userLogin() {
  $success = false;
  try{
  $con = new PDO( DB_DSN, DB_USERNAME, DB_PASSWORD );
  $con->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
  $sql = "SELECT * FROM users WHERE username = :username AND password = :password LIMIT 1";

  $stmt = $con->prepare( $sql );
  $stmt->bindValue( "username", $this->username, PDO::PARAM_STR );
  $stmt->bindValue( "password", hash("sha256", $this->password . $this->salt), PDO::PARAM_STR );
  $stmt->execute();

  $valid = $stmt->fetchColumn();

  if( $valid ) {
   $success = true;
  }

  $con = null;
  return $success;
  }catch (PDOException $e) {
   echo $e->getMessage();
   return $success;
  }
 }

 public function register() {
 $correct = false;
  try {
   $con = new PDO( DB_DSN, DB_USERNAME, DB_PASSWORD );
   $con->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
   $sql = "INSERT INTO users (username, password, email, first, middle, last, question, answer)
   VALUES(:username, :password, :email, :first, :middle, :last, :question, :answer)";

   $stmt = $con->prepare( $sql );
   $stmt->bindValue( "username", $this->username, PDO::PARAM_STR );
   $stmt->bindValue( "password", hash("sha256", $this->password . $this->salt), PDO::PARAM_STR );
   $stmt->bindValue( "email", $this->email, PDO::PARAM_STR );
   $stmt->bindValue( "first", $this->first, PDO::PARAM_STR );
   $stmt->bindValue( "middle", $this->middle, PDO::PARAM_STR );
   $stmt->bindValue( "last", $this->last, PDO::PARAM_STR );
   $stmt->bindValue( "question", $this->question, PDO::PARAM_STR );
   $stmt->bindValue( "answer", $this->answer, PDO::PARAM_STR );
   $stmt->execute();
   return "Registration Successful <br/> <a href='index.php'>Login Now</a>";
  }catch( PDOException $e ) {
 return $e->getMessage();
  }
  }
 }
?>

Link to comment
Share on other sites
requinix Prolific Member

requinix

Posted
Posted (edited)

I have it on my user.php page which contains irrelevant stuff

That's fine buggy and all but

$con = new PDO( DB_DSN, DB_USERNAME, DB_PASSWORD );
$con->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
$stmt = $con->prepare("SELECT COUNT (*) FROM users WHERE username = :username");

that code has absolutely nothing to do with your Users class.

 

Where do you bind a username to $stmt?

Edited by requinix
Link to comment
Share on other sites
White_Lily Regular Member

White_Lily

Posted
Posted

I am constantly having to write registration and login scripts for clients, and therefore I prefer simple ways of comparing usernames.

 

This is the code i use to get a taken name, and display an error if the user tries to use a taken name:

 

$compare = select("users", "user_username", NULL, NULL, 1) or die(mysql_error()); // my select function is a custom and so you should swap this for a query or your personal select function.
$use = mysql_fetch_assoc($compare);

if($username == $use["user_username"]){
$error .= "<li class='error'>That username is already in use. Choose another.</li>";
}

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.