Submit Form not working but no error shown

[rayman]

Hi, I am designing a website which includes a membership system that allows people to register. However when i enter the information to sign up and try to submit the form it keeps telling me i havent entered anything in the 'email' field even though i have. it doesnt happen with any other attributes, just the email one. its not an sql error and im sure the php is correct, i have used this script on a different host and it has worked before so im not sure why it isnt working now.

 

the error shows "You did not submit the following required information! Email Address"

 

here is the code

 

<?php

// Set error message as blank upon arrival to page
$errorMsg = "";
// First we check to see if the form has been submitted
if (isset($_POST['username'])){
//Connect to the database through our include
include_once "connect_to_mysql.php";
// Filter the posted variables
$username = preg_replace("[^A-Za-z0-9]", "", $_POST['username']); // filter everything but numbers and letters
$country = preg_replace("[^A-Z a-z0-9]", "", $_POST['country']); // filter everything but spaces, numbers, and letters
$state = preg_replace("[^A-Z a-z0-9]", "", $_POST['state']); // filter everything but spaces, numbers, and letters
$city = preg_replace("[^A-Z a-z0-9]", "", $_POST['city']); // filter everything but spaces, numbers, and letters
$accounttype = preg_replace("[^a-z]", "", $_POST['accounttype']); // filter everything but lowercase letters
$email = stripslashes($_POST['email']);
$email = strip_tags($email);
$email = mysql_real_escape_string($email);
$password = preg_replace("[^A-Za-z0-9]", "", $_POST['password']); // filter everything but numbers and letters
// Check to see if the user filled all fields with
// the "Required"(*) symbol next to them in the join form
// and print out to them what they have forgotten to put in
if((!$username) || (!$country) || (!$state) || (!$city) || (!$accounttype) || (!$email) || (!$password)){

$errorMsg = "You did not submit the following required information!<br /><br />";
if(!$username){
$errorMsg .= "--- User Name";
} else if(!$country){
$errorMsg .= "--- Country";
} else if(!$state){
$errorMsg .= "--- State";
} else if(!$city){
$errorMsg .= "--- City";
} else if(!$accounttype){
$errorMsg .= "--- Account Type";
} else if(!$email){
$errorMsg .= "--- Email Address";
} else if(!$password){
$errorMsg .= "--- Password";
}
} else {
// Database duplicate Fields Check
$sql_username_check = mysql_query("SELECT id FROM members WHERE username='$username' LIMIT 1");
$sql_email_check = mysql_query("SELECT id FROM members WHERE email='$email' LIMIT 1");
$username_check = mysql_num_rows($sql_username_check);
$email_check = mysql_num_rows($sql_email_check);
if ($username_check > 0){
$errorMsg = "<u>ERROR:</u><br />Your User Name is already in use inside our system. Please try another.";
} else if ($email_check > 0){
$errorMsg = "<u>ERROR:</u><br />Your Email address is already in use inside our system. Please try another.";
} else {
// Add MD5 Hash to the password variable
$hashedPass = md5($password);
// Add user info into the database table, claim your fields then values
$sql = mysql_query("INSERT INTO members (username, country, state, city, accounttype, email, password, signupdate)
VALUES('$username','$country','$state','$city','$accounttype','$email','$hashedPass', now())") or die (mysql_error());
// Get the inserted ID here to use in the activation email
$id = mysql_insert_id();
// Create directory(folder) to hold each user files(pics, MP3s, etc.)
mkdir("memberFiles/$id", 0755);
// Start assembly of Email Member the activation link
$to = "$email";
// Change this to your site admin email
$from = "no-reply@jattbeats.co.uk";
$subject = "Complete your registration";
//Begin HTML Email Message where you need to change the activation URL inside
$message = '<html>
<body bgcolor="#FFFFFF">
Hi ' . $username . ',
<br /><br />
You must complete this step to activate your account with us.
<br /><br />
Please click here to activate now >>
<a href="http://www.jattbeats.co.uk/activation.php?id=' . $id . '">
ACTIVATE NOW</a>
<br /><br />
Your Login Data is as follows:
<br /><br />
E-mail Address: ' . $email . ' <br />
Password: ' . $password . '
<br /><br />
Thanks!
</body>
</html>';
// end of message
$headers = "From: $from\r\n";
$headers .= "Content-type: text/html\r\n";
$to = "$to";
// Finally send the activation email to the member
mail($to, $subject, $message, $headers);
// Then print a message to the browser for the joiner
print "<br /><br /><br /><h4>OK $firstname, one last step to verify your email identity:</h4><br />
We just sent an Activation link to: $email<br /><br />
<strong><font color=\"#990000\">Please check your email inbox in a moment</font></strong> to click on the Activation <br />
Link inside the message. After email activation you can log in.";
exit(); // Exit so the form and page does not display, just this success message
} // Close else after database duplicate field value checks
} // Close else after missing vars check
} //Close if $_POST
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Member Registration</title>
<style type="text/css">
body,td,th {
font-family: Verdana, Geneva, sans-serif;
color: #F00;
}
body {
background-color: #000;
}
</style>
</head>
<body>
<table width="600" align="center" cellpadding="4">
<tr>
<td width="7%">REGISTER AS A MEMBER HERE </td>
</tr>
</table>
<table width="600" align="center" cellpadding="5">
<form action="join_form.php" method="post" enctype="multipart/form-data">
<tr>
<td colspan="2"><font color="#FF0000"><?php echo "$errorMsg"; ?></font></td>
</tr>
<tr>
<td width="163"><div align="right">User Name:</div></td>
<td width="409"><input name="username" type="text" value="<?php echo "$username"; ?>" /></td>
</tr>
<tr>
<td><div align="right">Country:</div></td>
<td><select name="country">
<option value="<?php echo "$country"; ?>"><?php echo "$country"; ?></option>
<option value="Australia">Australia</option>
<option value="Canada">Canada</option>
<option value="Mexico">Mexico</option>
<option value="United Kingdom">United Kingdom</option>
<option value="United States">United States</option>
<option value="Zimbabwe">Zimbabwe</option>
</select></td>
</tr>
<tr>
<td><div align="right">State: </div></td>
<td><input name="state" type="text" value="<?php echo "$state"; ?>" /></td>
</tr>
<tr>
<td><div align="right">City: </div></td>
<td>
<input name="city" type="text" value="<?php echo "$city"; ?>" />
</td>
</tr>
<tr>
<td><div align="right">Account Type: </div></td>
<td><select name="accounttype">
<option value="<?php echo "$accounttype"; ?>"><?php echo "$accounttype"; ?></option>
<option value="a">Normal User</option>
<option value="b">Expert User</option>
<option value="c">Super User</option>
</select></td>
</tr>
<tr>
<td><div align="right">Email: </div></td>
<td><input name="email" type="text" value="<?php echo "$email"; ?>" /></td>
</tr>
<tr>
<td><div align="right"> Password: </div></td>
<td><input name="password" type="password" value="<?php echo "$password"; ?>" />
<font size="-2" color="#006600">(letters or numbers only, no spaces no symbols)</font></td>
</tr>
<tr>
</tr>
<tr>
<td><div align="right"></div></td>
<td><input type="submit" name="Submit" value="Submit Form" /></td>
</tr>
</form>
</table>
</body>
</html>

 

would really appreciate any input you guys can offer, thanks!

Edited February 22, 2013 by rayman

[AyKay47]

Have you output $_POST['email'] to the screen to verify its contents?

[rayman]

Have you output $_POST['email'] to the screen to verify its contents?

Im not sure sorry, I actually followed a youtube tutorial to help me with this, im a complete noob

 

how would I go about doing this?

Edited February 22, 2013 by rayman

[AyKay47]

after the if (isset($_POST['username'])){ line place these 2 lines:

 

echo $_POST['email'];
exit;

[rayman]

after the if (isset($_POST['username'])){ line place these 2 lines:

 

echo $_POST['email'];
exit;

Ok ive tried this and now when i submit the form, the email address that i entered just pops up on a white screen

[AyKay47]

Then I believe that mysql_real_escape_string($email) is returning false.

Debug your mysql connection.

[rayman]

How do I do that?

[AyKay47]

Sigh. Display the contents of connect_to_mysql.php

[Psycho]

STOP

 

1. Your script has many more problems aside from this issue. You really need to go back and rewrite it to improve efficiency. And stripping characters out of the password?! Ridiculous, you are only reducing the security of their password and creating a security hole.

 

2. You have a simple problem to debug. You've already verified that $_POST contains the value that you expect. The problem you have is that the check of if(!$email) is returning false. So, do a check at each step where that variable is created and changed. Then you will see EXACTLY where the problem lies

 

    echo "Email Post: {$_POST['email']}<br>\n";
   $email = stripslashes($_POST['email']);
   echo "Email after stripslashes: {$email}<br>\n";
   $email = strip_tags($email);
   echo "Email after striptags: {$email}<br>\n";
   $email = mysql_real_escape_string($email);
   echo "Email after mysql_real_escape_string: {$email}<br>\n";

[AyKay47]

Psyco, I believe that you are teaching the OP good debugging practices in your above post so my next comment can most likely be ignored. The reason I pointed the OP to the mysql_real_escape_string() call directly is because the other function calls will not return a boolean false value given the fact that $_POST['email'] is in fact a valid string.

Edited February 22, 2013 by AyKay47

[rayman]

Thanks for your replies guys, having just checked on my ftp ive found that my sql connect file wasnt even there, must have deleted it by accident or something, strange, i feel like an idiot now

 

although now that i have put that file in there, it is saying my table doesnt exist

 

 

<?php

$db_host = "localhost";

// Place the username for the MySQL database here

$db_username = "web17-manraj";

// Place the password for the MySQL database here

$db_pass = "mypassword";

// Place the name for the MySQL database here

$db_name = "web17-manraj";

 

mysql_connect("$db_host","$db_username","$db_pass") or die(mysql_error());

mysql_select_db("$db_name") or die("no database by that name");

?>

 

"Table 'web17-manraj.members' doesn't exist"

[rayman]

STOP

 

1. Your script has many more problems aside from this issue. You really need to go back and rewrite it to improve efficiency. And stripping characters out of the password?! Ridiculous, you are only reducing the security of their password and creating a security hole.

 

2. You have a simple problem to debug. You've already verified that $_POST contains the value that you expect. The problem you have is that the check of if(!$email) is returning false. So, do a check at each step where that variable is created and changed. Then you will see EXACTLY where the problem lies

 

 echo "Email Post: {$_POST['email']}<br>\n";
$email = stripslashes($_POST['email']);
echo "Email after stripslashes: {$email}<br>\n";
$email = strip_tags($email);
echo "Email after striptags: {$email}<br>\n";
$email = mysql_real_escape_string($email);
echo "Email after mysql_real_escape_string: {$email}<br>\n";

 

Thanks, I have to head out now so I will do this when I can and let you know how it goes

[AyKay47]

Thanks for your replies guys, having just checked on my ftp ive found that my sql connect file wasnt even there, must have deleted it by accident or something, strange, i feel like an idiot now

 

although now that i have put that file in there, it is saying my table doesnt exist

 

 

<?php

$db_host = "localhost";

// Place the username for the MySQL database here

$db_username = "web17-manraj";

// Place the password for the MySQL database here

$db_pass = "mypassword";

// Place the name for the MySQL database here

$db_name = "web17-manraj";

 

mysql_connect("$db_host","$db_username","$db_pass") or die(mysql_error());

mysql_select_db("$db_name") or die("no database by that name");

?>

 

"Table 'web17-manraj.members' doesn't exist"

 

So that you receive help quickly, that would most likely be the scope of a new thread.