robisok Posted March 22, 2014

Hi all, and thank you for any help in advance.

Right, I will try to make this as clear as possible, but firstly I will mention I am just learning PHP and am no expert; I understand the basics.

What I am trying to create is a basic matchmaking system for a boxing club I go to, so what we have is a form with 3 fields (age, weight and experience) and login fields of firstname, lastname and password.

I have created a sign up and login script using the "username" as a session. This all works fine. I have linked this to the matchmaking form with the session. The problem I'm having is that the data (age, weight and experience) is going into the table, but not into the currently logged in user's part with their login details. Does anyone know where I am going wrong? Thank you.

Login page

<?php
session_start();

$username = $_POST['username'];
$password = $_POST['password'];

if ($username&&$password)
{
    $connect = mysql_connect("localhost","root","","project") or die("Couldn't Connect!");
    mysql_select_db("project") or die("Couldn't Find DB!");

    $query = mysql_query("SELECT * FROM users WHERE username='".$username."'");
    $numrows = mysql_num_rows($query);

    if ($numrows!=0)
    {
        while ($row = mysql_fetch_assoc($query))
        {
            $dbusername = $row['username'];
            $dbpassword = $row['password'];
        }

        // check to see if they match!
        if ($username==$dbusername&&$password==$dbpassword)
        {
            echo "Your're in! Click <a href='member.php'>here</a> to enter the member page.";
            $_SESSION['username']=$dbusername;
        }
        else
            echo "Incorrect password!";
    }
    else
        die("That user doesn't exist");
}
else
    die("Please enter and username and password!");
?>

Members page

<?php
session_start();

if (isset($_SESSION['username']))
    echo "Welcome, ".$_SESSION['username']."!<br />Enter matchmaking<a href='useradd.php'>here</a></br> Alternatively logout<a href='logout.php'>here</a></br> ";
else
    die("You must be logged in!");
?>

User add form page

<?php
session_start();
if ( !isset ($_SESSION["username"])) {
    echo "You're not logged in. Go away!";
} else {
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Find a match</title>
<link rel="stylesheet" type="text/css" href="view.css" media="all">
<script type="text/javascript" src="view.js"></script>
</head>
<body id="main_body" >
<?php echo ($_SESSION["username"]); ?>
<div id="form_container">
  <h1><a>Find a match</a></h1>
  <form id="form_814832" class="appnitro" method="post" action="mmaking.php">
    <div class="form_description">
      <h2>Matchmaking</h2>
      <p>First we need your details</p>
    </div>
    <ul >
      <li id="li_2" >
        <label class="description" for="age">Your Age </label>
        <div>
          <input id="age" name="age" class="element text medium" type="number" maxlength="255" value="" placeholder="" required>
        </div>
      </li>
      <li id="li_3" >
        <label class="description" for="weight">Weight </label>
        <div>
          <select class="element select medium" id="weight" name="weight" placeholder="" required>
            <option value="" selected="selected"></option>
            <option value="1">Super Heavyweight</option>
            <option value="2">Heavyweight</option>
            <option value="3">Middleweight</option>
            <option value="4">Welterweight</option>
            <option value="5">Light Welterweight</option>
            <option value="6">Lightweight</option>
            <option value="7">Featherweight</option>
            <option value="8">Bantamweight</option>
          </select>
        </div>
      </li>
      <li id="li_4" >
        <label class="description" for="experience">Experience </label>
        <div>
          <select class="element select medium" id="experience" name="experience" placeholder="" required>
            <option value="" selected="selected"></option>
            <option value="below">less than one year</option>
            <option value="beginner">1-3 years</option>
            <option value="intermediate">3-6 years</option>
            <option value="experienced">6 or more years</option>
          </select>
        </div>
      </li>
      <li class="buttons">
        <input type="hidden" name="form_id" value="814832" />
        <input id="saveForm" class="button_text" type="submit" name="submit" value="Submit" />
      </li>
    </ul>
  </form>
  <div id="footer"> </div>
</div>
</body>
</html>
<?php } ?>

User add script

<?php
session_start();
if (isset($_SESSION['username']))
$con=mysqli_connect("localhost","root","","project");
// Check connection
if (mysqli_connect_errno())
{
    echo "Failed to connect to MySQL: " . mysqli_connect_error();
}

$sql="INSERT INTO users (age,weight,experience) VALUES ('$_POST[age]','$_POST[weight]','$_POST[experience]')";

if (!mysqli_query($con,$sql))
{
    die('Error: ' . mysqli_error($con));
}
echo "Thank you! we have your details, you can now <a href='form2.html'>return</a> to find a match";

mysqli_close($con);
?>

Again, thank you for any help in advance.

QuickOldCar Posted March 23, 2014

This could use lots of improving.

You are inserting just the age, weight and experience into a database, but not including the username from the session.

Consider adding another column to your table for username:

ALTER TABLE users ADD username VARCHAR(30) FIRST;

You should be checking that the POST inputs are set and not empty, and that they are the data types you expect, then sanitize/filter before inserting anything into your database.

Use mysqli_real_escape_string() to sanitize data; for numbers, checking for numeric or ctype first will be fine.

// Assumes session_start() has been called and $con is the open mysqli connection.
if($_POST){
    if (isset($_SESSION['username'])){
        $username = mysqli_real_escape_string($con,$_SESSION['username']);
    }else{
        die("username failed");
    }

    if (isset($_POST['age']) && trim($_POST['age']) != '' && is_numeric($_POST['age'])){
        $age = trim($_POST['age']);
    }else{
        die("age failed");
    }

    if (isset($_POST['weight']) && trim($_POST['weight']) != '' && ctype_digit($_POST['weight'])){
        $weight = trim($_POST['weight']);
    }else{
        die("weight failed");
    }

    // The form sends below/beginner/intermediate/experienced for this field,
    // so is_numeric() would reject every value; check against that list instead.
    if (isset($_POST['experience']) && in_array($_POST['experience'], array('below','beginner','intermediate','experienced'), true)){
        $experience = $_POST['experience'];
    }else{
        die("experience failed");
    }
}else{
    die("Nothing was submitted");
}

$sql="INSERT INTO users (username,age,weight,experience) VALUES ('$username','$age','$weight','$experience')";

Some JavaScript to check for empty forms, but still check server side:

<form id="form_814832" class="appnitro" method="post" action="mmaking.php" onsubmit="if (document.getElementById('s').value.length < 1) return false;">

Just some suggestions; there are other ways to do it as well.

I just noticed you use mysql to connect first and mysqli for the second. mysql is deprecated, use mysqli instead.

Edited March 23, 2014 by QuickOldCar

robisok Posted March 23, 2014

Hi, and thanks for your reply. I did notice later that I used both sql and sqli, and have changed this to use just sql (I know sql is deprecated but it is all I know at this time; I have been advised to look at PDO, so will soon). I have created the extra table columns to include username and have created an extra script for updating user records, and all of this is working fine. The next bit I am having trouble with is the actual matchmaking script. I don't think it is far off, but it isn't working, and as I say I'm a novice at the moment, so learning all the time.

Matchmaking script

<?php
session_start();
if ( !isset ($_SESSION["username"])) {
    echo "You're not logged in. Go away!";
}
else {
    $age = $_POST["age"];
    $weight = $_POST["weight"];
    $experience = $_POST["experience"];
    $user = $_SESSION["username"];

    $conn=mysql_connect("localhost","root","","project");
    mysql_select_db("project");

    $result = mysql_query ("SELECT * FROM users WHERE weight BETWEEN $_SESSION['username'] +1 AND $_SESSION['username'] -1");
    while($row = mysql_fetch_array($result))

    echo "<p>";
    echo " age - $age <br/> ";
    echo " weight - $weight <br/> ";
    echo " experience - $experience <br/> ";
    echo " username - $user <br/> ";
    echo "</p>";
}
mysql_close($conn);
?>

Thanks again for your help, it is much appreciated. Here is the error I'm getting:

Parse error: syntax error, unexpected '' (T_ENCAPSED_AND_WHITESPACE), expecting identifier (T_STRING) or variable (T_VARIABLE) or number (T_NUM_STRING) in C:\xampp\htdocs\matchmaking\findmatches2.php on line 15

Edited March 23, 2014 by robisok

robisok Posted March 23, 2014

Hi, and thanks for your reply. I did notice later that I used both sql and sqli, and have changed this to use just sql (I know sql is deprecated but it is all I know at this time; I have been advised to look at PDO, so will soon). I have created the extra table columns to include username and have created an extra script for updating user records, and all of this is working fine. The next bit I am having trouble with is the actual matchmaking script. I don't think it is far off, but it isn't working, and as I say I'm a novice at the moment, so learning all the time.

Matchmaking script

<?php
session_start();
if ( !isset ($_SESSION["username"])) {
    echo "You're not logged in. Go away!";
}
else {
    $age = $_POST["age"];
    $weight = $_POST["weight"];
    $experience = $_POST["experience"];
    $user = $_SESSION["username"];

    $conn=mysql_connect("localhost","root","","project");
    mysql_select_db("project");

    $result = mysql_query ("SELECT * FROM users WHERE weight BETWEEN $_SESSION['username'] +1 AND $_SESSION['username'] -1");
    while($row = mysql_fetch_array($result))
    {
        echo "<p>";
        echo " age - $age <br/> ";
        echo " weight - $weight <br/> ";
        echo " experience - $experience <br/> ";
        echo " username - $user <br/> ";
        echo "</p>";
    }
}
mysql_close($conn);
?>

Thanks again for your help, it is much appreciated. Here is the error I'm getting:

Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\matchmaking\findmatches2.php on line 16

Edited March 23, 2014 by robisok

QuickOldCar Posted March 23, 2014

If you are looking to match their weight in the query, use $weight versus $_SESSION['username']

To display from the query results:

echo "<p>";
echo " age - " . $row['age'] . "<br />";
echo " weight - " . $row['weight'] . "<br />";
echo " experience - " . $row['experience'] . "<br />";
echo " username - " . $row['user'] . "<br />"; //is the new column you created user?
echo "</p>";
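
The two steps this thread works through (saving the form values to the logged-in user's own row, then querying for opponents of similar weight), shown as an added example that is not code from either poster. It uses PDO prepared statements so no request or session value is concatenated into SQL. Assumptions: an in-memory SQLite database stands in for the MySQL `project` database so the script runs on its own, the sample rows are constructed, the function names are hypothetical, and the age bounds are arbitrary.

```php
<?php
// Added example. SQLite in memory stands in for the MySQL `project` database so the
// script runs on its own; the rows below are constructed sample data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (username TEXT PRIMARY KEY, age INTEGER,
                               weight INTEGER, experience TEXT)');
$db->exec("INSERT INTO users VALUES ('alice', 24, 4, 'beginner'),
           ('bob', 31, 5, 'intermediate'), ('carol', 27, 1, 'experienced'),
           ('dave', NULL, NULL, NULL)");

// Accept only what the thread's form can legitimately send.
function validate_details(array $post): ?array {
    $int = fn($key, $min, $max) => filter_var($post[$key] ?? null, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => $min, 'max_range' => $max]]);
    $age    = $int('age', 1, 120);     // age bounds are an assumption
    $weight = $int('weight', 1, 8);    // option values 1..8 in the weight <select>
    $levels = ['below', 'beginner', 'intermediate', 'experienced'];
    $exp    = $post['experience'] ?? '';
    if ($age === false || $weight === false || !in_array($exp, $levels, true)) {
        return null;
    }
    return ['age' => $age, 'weight' => $weight, 'experience' => $exp];
}

// UPDATE the logged-in user's own row; the username comes from the session, never POST.
function save_details(PDO $db, string $username, array $d): int {
    $st = $db->prepare('UPDATE users SET age = :age, weight = :weight,
                        experience = :experience WHERE username = :username');
    $st->execute($d + ['username' => $username]);
    return $st->rowCount();
}

// Opponents within one weight class of the user. BETWEEN takes the lower bound first.
function find_matches(PDO $db, string $username): array {
    $st = $db->prepare('SELECT m.username, m.age, m.weight, m.experience
                        FROM users AS me JOIN users AS m
                          ON m.weight BETWEEN me.weight - 1 AND me.weight + 1
                        WHERE me.username = :u AND m.username <> me.username');
    $st->execute(['u' => $username]);
    return $st->fetchAll(PDO::FETCH_ASSOC);
}

$me = 'dave';   // stands in for $_SESSION['username'] after login
$details = validate_details(['age' => '29', 'weight' => '5', 'experience' => 'beginner']);
if ($details === null || save_details($db, $me, $details) !== 1) exit("Invalid details\n");
foreach (find_matches($db, $me) as $row) {   // escape on output: usernames are user text
    echo htmlspecialchars(implode(' - ', $row)), "<br />\n";
}
```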