cjdev Posted December 5, 2013 Share Posted December 5, 2013 (edited) So I am unsure if it's my server but the same method worked on the other project I did. Can someone please help me find out why it's not working. I think I am missing something. After using mysql_real_escape_string it erases all the values. Thanks. P.S. I already know I need a better encryption method if you see the way i am doing it. It's just for now. <?PHP if(!isset($_SESSION['user'])) { session_start(); } else { header('Location: index.php'); } //Register User if(!empty($_REQUEST['txtusername'])) { //Make All Varibles Safe $fname = mysql_real_escape_string($_REQUEST['fname']); $lname = mysql_real_escape_string($_REQUEST['lname']); $username = mysql_real_escape_string($_REQUEST['txtusername']); $password = mysql_real_escape_string($_REQUEST['password']); $r_password = mysql_real_escape_string($_REQUEST['repeat_password']); $email = mysql_real_escape_string($_REQUEST['email']); $recq = mysql_real_escape_string($_REQUEST['recovery_q']); $reca = mysql_real_escape_string($_REQUEST['recovery_a']); $s_password = base64_encode(md5(md5($password))); if(empty($fname)) { header('Location: signup.php?error=5x0011&var=fname&fname='.$fname.''); } elseif(empty($lname)) { header('Location: signup.php?error=5x0011&var=lname'); } elseif(empty($username)) { header('Location: signup.php?error=5x0011&var=user'); } elseif(empty($password)) { header('Location: signup.php?error=5x0011&var=pass'); } elseif(empty($r_password)) { header('Location: signup.php?error=5x0011&var=rpass'); } elseif(empty($email)) { header('Location: signup.php?error=5x0011&var=email'); } elseif(empty($recq)) { header('Location: signup.php?error=5x0011&var=recq'); } elseif(empty($reca)) { header('Location: signup.php?error=5x0011&var=reca'); } $rtime = date("Y-m-d H:i:s"); if('1' == '1') { if($password == $r_password) { include("includes/db.php"); $cur_q = mysql_query("SELECT * FROM sharics.users WHERE username = '$username'") or die('Line 65 - Sign Up '.mysql_error().''); if((mysql_num_rows($cur_q) == '0')) { function check_secure($pass) { return true; } if((check_secure($password)) == 'true') { $ip = $_SERVER['REMOTE_ADDR']; mysql_select_db('sharics', $con) or die('NO DB SELECTED'); $insert = mysql_query('INSERT INTO `users` (`first_name`, `last_name`, `email`, `username`, `password`, `recovery_question`, `recovery_answer`, `ip`, `registration_time`) VALUES ('.$fname.', '.$lname.', '.$email.', '.$username.', '.$s_password.', '.$recq.', '.$reca.', '.$ip.', '.$rtime.')') or die('MySQL Error: <b>'.mysql_error().'</b><br />'); $_SESSION['user'] = $username; header('Location: index.php?status=8x0001'); } else { //Password insecure header('Location: signup.php?error=5x0010'); } } else { //Username or account with enetered email already exsits header('location: signup.php?error=5x0009&nr='.mysql_num_rows($cur_q).'&email='.$_REQUEST["email"].'&email_c='.$cur_q["email"].''); } } else { //Passwords do not match header('location: signup.php?error=5x0006'); } } } ?> <!DOCTYPE html> <meta http-equiv="content-type" content="text/html;charset=UTF-8" /> <head> <meta charset="utf-8" /> <title>***** - Login or Signup</title> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /> <meta content="" name="description" /> <meta content="" name="author" /> <!-- BEGIN CORE CSS FRAMEWORK --> <link href="assets/plugins/pace/pace-theme-flash.css" rel="stylesheet" type="text/css" media="screen"/> <link href="assets/plugins/boostrapv3/css/bootstrap.min.css" rel="stylesheet" type="text/css"/> <link href="assets/plugins/boostrapv3/css/bootstrap-theme.min.css" rel="stylesheet" type="text/css"/> <link href="assets/plugins/font-awesome/css/font-awesome.css" rel="stylesheet" type="text/css"/> <link href="assets/css/animate.min.css" rel="stylesheet" type="text/css"/> <!-- END CORE CSS FRAMEWORK --> <!-- BEGIN CSS TEMPLATE --> <link href="assets/css/style.css" rel="stylesheet" type="text/css"/> <link href="assets/css/responsive.css" rel="stylesheet" type="text/css"/> <link href="assets/css/custom-icon-set.css" rel="stylesheet" type="text/css"/> <!-- END CSS TEMPLATE --> </head> <!-- END HEAD --> <!-- BEGIN BODY --> <body class="error-body no-top"> <div class="container"> <div class="row login-container column-seperation"> <div class="col-md-5 col-md-offset-1"> <h2>Sign Up for My Project Name</h2> <p>Use Facebook, Twitter or your email to sign in.<br> Have an Account? <a href="login.php">Login Here</a></p> <br> <button class="btn btn-block btn-info col-md-8" type="button"> <div class="pull-left"><i class="icon-facebook"></i></div> <span class="bold">Login with Facebook</span> </button> <button class="btn btn-block btn-success col-md-8" type="button"> <div class="pull-left"><i class="icon-twitter"></i></div> <span class="bold">Login with Twitter</span> </button> </div> <div class="col-md-5 "> <br> <form name="sign-up" class="login-form" action="signup.php" method="post"> <div class="row"> <div class="form-group col-md-10"> <label class="form-label">First Name</label> <span class="help">Your First Name</span> <div class="controls"> <input id="fname" value="<?PHP echo $_REQUEST['fname']; ?>" name="fname" type="text" class="form-control"> </div> </div> </div> <div class="row"> <div class="form-group col-md-10"> <label class="form-label">Last Name</label> <span class="help">Your Last Name</span> <div class="controls"> <input id="lname" value="<?PHP echo $_REQUEST['lname']; ?>" name="lname" type="text" class="form-control"> </div> </div> </div> <div class="row"> <div class="form-group col-md-10"> <label class="form-label">Username</label> <div class="controls"> <div class="input-with-icon right"> <i class=""></i> <input value="<?PHP echo $_REQUEST['txtusername']; ?>" type="text" name="txtusername" id="txtusername" class="form-control"> </div> </div> </div> </div> <div class="row"> <div class="form-group col-md-10"> <label class="form-label">Password</label> <span class="help"></span> <div class="controls"> <div class="input-with-icon right"> <i class=""></i> <input type="password" name="txtpassword" id="txtpassword" class="form-control"> </div> </div> </div> </div> <div class="row"> <div class="form-group col-md-10"> <label class="form-label">Repeat Password</label> <span class="help"></span> <div class="controls"> <input type="password" id="repeat_password" name="repeat_password" class="form-control"> </div> </div> </div> <div class="row"> <div class="form-group col-md-10"> <label class="form-label">Email</label> <span class="help">e.g. "sample@sample.com"</span> <div class="controls"> <input id="email" value="<?PHP echo $_REQUEST['email']; ?>" name="email" type="text" class="form-control"> </div> </div> </div> <div class="row"> <div class="form-group col-md-10"> <label class="form-label">Recovery Question</label> <span class="help">A question to answer that only you would know.</span> <div class="controls"> <input id="recovery_q" value="<?PHP echo $_REQUEST['recovery_question']; ?>" name="recovery_q" type="text" class="form-control"> </div> </div> </div> <div class="row"> <div class="form-group col-md-10"> <label class="form-label">Recovery Answer</label> <span class="help">The answer to your recovery question.</span> <div class="controls"> <input id="recovery_a" value="<?PHP echo $_REQUEST['recovery_answer']; ?>" name="recovery_a" type="text" class="form-control"> </div> </div> </div> <div class="row"> <div class="col-md-10"> <input class="btn btn-primary btn-cons pull-right" type="submit" value="Sign Up"/> </div> </div> </form> </div> </div> <br /> <br /> <br /> </div> <!-- END CONTAINER --> <!-- BEGIN CORE JS FRAMEWORK--> <script src="assets/plugins/jquery-1.8.3.min.js" type="text/javascript"></script> <script src="assets/plugins/bootstrap/js/bootstrap.min.js" type="text/javascript"></script> <script src="assets/plugins/pace/pace.min.js" type="text/javascript"></script> <script src="assets/plugins/jquery-validation/js/jquery.validate.min.js" type="text/javascript"></script> <script src="assets/js/login.js" type="text/javascript"></script> <!-- BEGIN CORE TEMPLATE JS --> <!-- END CORE TEMPLATE JS --> </body> </html> Edited December 5, 2013 by cjdev Quote Link to comment Share on other sites More sharing options...
requinix Posted December 6, 2013 Share Posted December 6, 2013 So are you saying that it does insert something but they're all blank values? And that you are not getting a "MySQL Error" every time you try? Quote Link to comment Share on other sites More sharing options...
cjdev Posted December 6, 2013 Author Share Posted December 6, 2013 So are you saying that it does insert something but they're all blank values? And that you are not getting a "MySQL Error" every time you try? I haven't had an issue with mysql. What happens is $fname = mysql_real_escape_string($_REQUEST['fname']); won't have a value. $fname will equal nothing. But if I use $_REQUEST['fname']; a value will be present. If I could, I would have revised the title of this post. Quote Link to comment Share on other sites More sharing options...
Solution cjdev Posted December 6, 2013 Author Solution Share Posted December 6, 2013 I used mysql_escape_string instead of mysql_real_escape_string and it worked. Quote Link to comment Share on other sites More sharing options...
requinix Posted December 6, 2013 Share Posted December 6, 2013 Ah. No, keep using mysql_real_escape_string(), but you have to connect to the database before you can use it. So move that include("includes/db.php");up higher in the script. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.