Jump to content

Recommended Posts

Hi all and thank you for any help in advance :)

 

Right i will try and make this as clear as possible,but firstly i will mention i am just learning PHP and am no expert, i understand the basics
smile.gif
What i am trying to create is a basic matchmaking system, for a boxing club i go to, so what we have is a form with 3 fields age,weight and experience and login fields of firstname, lastname and password

I have created a sign up and login script using the "username" as a session, this all works fine, i have linked this to the matchmaking form with the session, the problem im having is, the data age,weight and experience is going into the table but not in the currently logged in users part with their login details, does anyone know where i am going wrong. Thanktou.

 

Login page

 

<?php

 
session_start();
 
$username = $_POST['username'];
$password = $_POST['password'];
 
if ($username&&$password)
{
        $connect = mysql_connect("localhost","root","","project") or die("Couldn't Connect!");
        mysql_select_db("project") or die("Couldn't Find DB!");
 
        $query = mysql_query("SELECT * FROM users WHERE username='".$username."'");
 
        $numrows = mysql_num_rows($query);
 
        if ($numrows!=0)
        {
               
                while ($row = mysql_fetch_assoc($query))
                {
                        $dbusername = $row['username'];
                        $dbpassword = $row['password'];
                }
 
                // check to see if they match!
                if ($username==$dbusername&&$password==$dbpassword)
                {
                        echo "Your're in! Click <a href='member.php'>here</a> to enter the member page.";
                        $_SESSION['username']=$dbusername;
                }
                else
                        echo "Incorrect password!";
 
        }
        else
                die("That user doesn't exist");
 
}
else
        die("Please enter and username and password!");
?>
 
members page
 
<?php
 
session_start();
 
if (isset($_SESSION['username']))
        echo "Welcome, ".$_SESSION['username']."!<br />Enter matchmaking<a href='useradd.php'>here</a></br> Alternatively logout<a href='logout.php'>here</a></br> ";
 
else
        die("You must be logged in!");
?>
 
user add form page
 
<?php
session_start();
if ( !isset ($_SESSION["username"]))
{
    echo "You're not logged in. Go away!";
}
else
{
    ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<head>
 
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Find a match</title>
<link rel="stylesheet" type="text/css" href="view.css" media="all">
<script type="text/javascript" src="view.js"></script>
 
</head>
<body id="main_body" >
<?php echo ($_SESSION["username"]); ?>
 
<div id="form_container">
 
<h1><a>Find a match</a></h1>
<form id="form_814832" class="appnitro"  method="post" action="mmaking.php">
<div class="form_description">
<h2>Matchmaking</h2>
<p>First we need your details</p>
</div>
<ul >
 
<li id="li_2" >
<label class="description" for="age">Your Age </label>
<div>
<input id="age" name="age" class="element text medium" type="number" maxlength="255" value="" placeholder="" required> 
</div> 
</li> <li id="li_3" >
<label class="description" for="weight">Weight </label>
<div>
<select class="element select medium" id="weight" name="weight" placeholder="" required>  
<option value="" selected="selected"></option>
<option value="1">Super Heavyweight</option>
<option value="2">Heavyweight</option>
<option value="3">Middleweight</option>
<option value="4">Welterweight</option>
<option value="5">Light Welterweight</option>
<option value="6">Lightweight</option>
<option value="7">Featherweight</option>
<option value="8">Bantamweight</option>
 
</select>
</div> 
</li> <li id="li_4" >
<label class="description" for="experience">Experience </label>
<div>
<select class="element select medium" id="experience" name="experience" placeholder="" required> 
<option value="" selected="selected"></option>
    <option value="below">less than one year</option>
<option value="beginner">1-3 years</option>
<option value="intermediate">3-6 years</option>
<option value="experienced">6 or more years</option>
 
</select>
</div> 
</li>
 
<li class="buttons">
   <input type="hidden" name="form_id" value="814832" />
   
<input id="saveForm" class="button_text" type="submit" name="submit" value="Submit" />
</li>
</ul>
</form>
<div id="footer">
 
</div>
</div>
 
</body>
</html>
   <?php
}
?>
 
user add script
 
<?php
session_start();
 
if (isset($_SESSION['username']))
 
$con=mysqli_connect("localhost","root","","project");
// Check connection
if (mysqli_connect_errno())
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }
 
$sql="INSERT INTO users (age,weight,experience)
VALUES
('$_POST[age]','$_POST[weight]','$_POST[experience]')";
 
if (!mysqli_query($con,$sql))
  {
  die('Error: ' . mysqli_error($con));
  }
 
echo "Thank you! we have your details, you can now  <a href='form2.html'>return</a> to find a match";
 
mysqli_close($con);
?>
 
 

Again than kyou for any help in advance :)

 

Link to comment
https://forums.phpfreaks.com/topic/287173-php-matchmaking-system/
Share on other sites

This could use lots of improving.

 

You are inserting just the age,weight and experience into a database, but not including the username from the session

Consider adding another column to your table for username

ALTER TABLE users ADD username VARCHAR(30) FIRST;

You should be checking if the POST inputs are set and also that it's not empty with also correct data types you expect, then sanitize/filter before inserting anything into your database.

mysqli.real-escape-string() to sanitize data, for numbers...checking for numeric or ctype first will be fine for those.

if($_POST){
if (isset($_SESSION['username'])){
$username = mysqli_real_escape_string($con,$_SESSION['username']);
}else{
die("username failed");
}
 
if (isset($_POST['age']) && trim($_POST['age']) != '' && is_numeric($_POST['age'])){
$age = trim($_POST['age']);
}else{
die("age failed");
}
 
if (isset($_POST['weight']) && trim($_POST['weight']) != '' && ctype_digit($_POST['weight'])){
$weight = trim($_POST['weight']);
}else{
die("weight failed");
}
 
if (isset($_POST['experience']) && trim($_POST['experience']) != '' && is_numeric($_POST['experience'])){
$experience = trim($_POST['experience']);
}else{
die("experience failed");
}
 
 
}else{
die("Nothing was submitted");
}
 
 
$sql="INSERT INTO users (username,age,weight,experience)
VALUES
('$username','$age','$weight','$experience')";

Some javascript to check for empty forms, but still check server side

	
		
			
				<form id="form_814832" class="appnitro"  method="post" action="mmaking.php" onsubmit="if (document.getElementById('s').value.length < 1) return false;">
			
		
	

Just some suggestions, is other ways to do it as well.

I just noticed you use mysql to connect first, and for the second using mysqli, mysql is deprecated, use mysqli instead.

Edited by QuickOldCar

Hi and thanks for your reply, i did notice later i used both sql and sqli to use just sql(i know sql is deprecated but it is all i know at this time, i have been advised to look at PDO, so will soon :) ) so have changed this, i have created the extra table columns to include username and have created an extra script for updating user records and all of this is working fine, the next bit i am having trouble with is the actual matchmaking script, i dont think it is far off but it isnt working and as i say im a novice at the moment so learning all the time :)

 

Matchmaking script

 

<?php

session_start();
if ( !isset ($_SESSION["username"]))
{
    echo "You're not logged in. Go away!";
}
else
{
$age = $_POST["age"];
$weight = $_POST["weight"];
$experience = $_POST["experience"];
$user = $_SESSION["username"];
$conn=mysql_connect("localhost","root","","project");
mysql_select_db("project");
$result = mysql_query ("SELECT * FROM users WHERE weight BETWEEN $_SESSION['username'] +1 AND $_SESSION['username'] -1");
while($row = mysql_fetch_array($result))
 
  
  echo "<p>";
  echo " age -  $age  <br/> ";
  echo " weight -  $weight  <br/> ";
  echo " experience -  $experience  <br/> ";
  echo " username -  $user  <br/> ";
  echo "</p>";
}
mysql_close($conn);
?>
 
Thanks again for your help it is much appreciated :)
here is the error im getting..
 
Parse error: syntax error, unexpected '' (T_ENCAPSED_AND_WHITESPACE), expecting identifier (T_STRING) or variable (T_VARIABLE) or number (T_NUM_STRING) in C:\xampp\htdocs\matchmaking\findmatches2.phpon line 15
Edited by robisok

 

Hi and thanks for your reply, i did notice later i used both sql and sqli to use just sql(i know sql is deprecated but it is all i know at this time, i have been advised to look at PDO, so will soon :) ) so have changed this, i have created the extra table columns to include username and have created an extra script for updating user records and all of this is working fine, the next bit i am having trouble with is the actual matchmaking script, i dont think it is far off but it isnt working and as i say im a novice at the moment so learning all the time :)

 

Matchmaking script

 

<?php

session_start();
if ( !isset ($_SESSION["username"]))
{
    echo "You're not logged in. Go away!";
}
else
{
$age = $_POST["age"];
$weight = $_POST["weight"];
$experience = $_POST["experience"];
$user = $_SESSION["username"];
$conn=mysql_connect("localhost","root","","project");
mysql_select_db("project");
$result = mysql_query ("SELECT * FROM users WHERE weight BETWEEN $_SESSION['username'] +1 AND $_SESSION['username'] -1");
while($row = mysql_fetch_array($result))
{
  
  echo "<p>";
  echo " age -  $age  <br/> ";
  echo " weight -  $weight  <br/> ";
  echo " experience -  $experience  <br/> ";
  echo " username -  $user  <br/> ";
  echo "</p>";
}
}
mysql_close($conn);
?>
 
Thanks again for your help it is much appreciated :)
here is the error im getting..
 
Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\matchmaking\findmatches2.php on line 16
 
 

 

Edited by robisok

If you are looking to match their weight in the query, use $weight versus $_SESSION['username']

 

To display from the query results

 

echo "<p>";
  echo " age -  " . $row['age'] . "<br />";
  echo " weight -  " . $row['weight'] . "<br />";
  echo " experience -  " . $row['experience'] . "<br />";
  echo " username -  " . $row['user']  . "<br />"; //is the new column you created user?
  echo "</p>";
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.