registration script

[chriscloyd]

let just set one thing here now they way i code things is the way i like so please dont judge saying this is bad and stuff but here goes
i get the error from my code the key you entered was not the key shown
and heres my form code and my proccess script

form code
[code]<?php
echo '<form name="form2" method="post" action="register.php">
      <div align="center">
        <br>
        <table width="400" border="0" cellspacing="3" cellpadding="0">
              <tr>
                <td width="148"><div align="right">First Name :</div></td>
                <td width="252"><label>
                  <input name="first" type="text" id="first">
                </label></td>
              </tr>
              <tr>
                <td><div align="right">Last Name :</div></td>
                <td><input name="last" type="text" id="last"></td>
              </tr>
              <tr>
                <td><div align="right">Email Address :</div></td>
                <td><input name="email" type="text" id="email"></td>
              </tr>
              <tr>
                <td><div align="right">Confirm Email Address : </div></td>
                <td><input name="email2" type="text" id="email2"></td>
              </tr>
              <tr>
                <td><div align="right">Password :</div></td>
                <td><input name="password" type="text" id="password"></td>
              </tr>
              <tr>
                <td><div align="right">Confirm Password :</div></td>
                <td><input name="password2" type="text" id="password2"></td>
              </tr>
              <tr>
                <td><div align="right">Leaders Name :</div></td>
                <td><input name="emperorname" type="text" id="emperorname"></td>
              </tr>
              <tr>
                <td><div align="right">City Name :</div></td>
                <td><input name="cityname" type="text" id="cityname"></td>
              </tr>
              <tr>
                <td><div align="right">Security Code :<br>
                    <span class="style3">Enter The Code Thats Below </span></div></td>
                <td><label>
                  <input name="key" type="text" id="key">
                </label></td>
              </tr>
              <tr>
                <td><div align="right">
                  <input name="keyc" type="hidden" id="keyc" value="'.$key.'">
                </div></td>
                <td><span class="style4">';
                  $RandomStr = md5(microtime());
$key = substr($RandomStr,0,5);
                  echo '<label>
                  <input name="key3" type="text" id="key3" disabled value="'.$key.'">
                  </label>
                </span></td>
              </tr>
          <tr>
            <td><div align="right">Your IP :</div></td>
            <td>';
$ip = $_SERVER['REMOTE_ADDR'];
echo $ip;
echo '<input name="ip" type="hidden" id="ip" value="<?php echo $ip; ?>" /></td>
              </tr>
          <tr>
            <td>&nbsp;</td>
            <td><label>
              <input type="submit" name="register" value="Register" />
              <input type="reset" name="Submit3" value="Reset" />
            </label></td>
              </tr>
                      </table>
          </div>
    </form>';
?>[/code]

prcess script
[code]<?php
session_start();
include("db.php");
if (isset($_POST['register'])){
$first = $_POST['first'];
$last = $_POST['last'];
$email = $_POST['email'];
$email2 = $_POST['email2'];
$password = $_POST['password'];
$password2 = $_POST['password2'];
$emperorname = $_POST['emperorname'];
$cityname = $_POST['cityname'];
$key = $_POST['key'];
$key2 = $_POST['keyc'];
$ip = $_POST['ip'];
if(!$first){
$error = 'yes';
$reason1 = '-You did not supply a first name.<br />';
$_SESSION['error'] = 'yes';
$_SESSION['reason1'] = $reason1;
}
if(!$last){
$error = 'yes';
$reason2 = '-You did not supply a last name.<br />';
$_SESSION['error'] = 'yes';
$_SESSION['reason2'] = $reason2;
}
if(!$email){
$error = 'yes';
$reason3 = '-You did not supply a email address.<br />';
$_SESSION['error'] = 'yes';
$_SESSION['reason3'] = $reason3;
} elseif (!$email2) {
$error = 'yes';
$reason4 = '-You did not supply a confirmation email address.<br />';
$_SESSION['error'] = 'yes';
$_SESSION['reason4'] = $reason4;
} else {
if($email == $email2){
if(!ereg("[0-9a-z]([-_.]?[0-9a-z])*@[0-9a-z]([-.]?[0-9a-z])*\\.[a-z]", $email)){
$error_msg.="Please enter a valid email address<br>";
$error = 'yes';
$reason5 = '-You did not supply a valid email address.<br />';
$_SESSION['error'] = 'yes';
$_SESSION['reason5'] = $reason5;
}
$error = 'no';
} else {
$error = 'yes';
$reason5 = "-Your email address's were not the same.<br />";
$_SESSION['error'] = 'yes';
$_SESSION['reason5'] = $reason5;
}
}
if(!$password){
$error = 'yes';
$reason6 = '-You did not supply a password.<br />';
$_SESSION['error'] = 'yes';
$_SESSION['reason6'] = $reason6;
} elseif (!$password2) {
$error = 'yes';
$reason7 = '-You did not supply a confirmation password.<br />';
$_SESSION['error'] = 'yes';
$_SESSION['reason7'] = $reason7;
} else {
if($password == $password2){
$password = md5($password);
} else {
$error = 'yes';
$reason7 = '-Your passwords did not match.<br />';
$_SESSION['error'] = 'yes';
$_SESSION['reason7'] = $reason7;
}
}
if (!$emperorname){
$error = 'yes';
$reason8 = '-You did not enter a Leaders name.<br />';
$_SESSION['error'] = 'yes';
$_SESSION['reason8'] = $reason8;
}
if (!$cityname){
$error = 'yes';
$reason9 = '-You did not enter a City name<br />';
$_SESSION['error'] = 'yes';
$_SESSION['reason9'] = $reason9;
}
if (!$key){
$error = 'yes';
$reason10 = '-You must enter a security key<br />';
$_SESSION['error'] = 'yes';
$_SESSION['reason10'] = $reason10;
} else {
if ($key == $key2){
$error = 'no';
} else {
$error = 'yes';
$reason11 = '-The security key you entered was not the same shown<br />';
$_SESSION['error'] = 'yes';
$_SESSION['reason11'] = $reason11;
}
}
if ($error == 'yes'){
header("Location: index.php?page=sorry");
} else {
$create_account = "INSERT INTO users (`emperorname`,`cityname`,`first`,`last`,`email`,`password`,`ip`) VALUES ('$emperorname','$cityname','$first','$last','$email','$password','$ip')";
$create = mysql_query($create_account) or die (mysql_error());
}
if ($create){
header("Location: game.php");
} else {
$reasonwhy = '-Registration error please try later';
$_SESSION['reason'] = $reasonwhy;
header("Location: index.php?page=sorry");
}
}
?>[/code]

[trq]

Where do you define the $key variable in your form script?

[chriscloyd]

in which in the form or the process one?

[bljepp69]

You have:
[code]
              <td><div align="right">Security Code :<br>
                    <span class="style3">Enter The Code Thats Below </span></div></td>
                <td><label>
                  <input name="key" type="text" id="key">
                </label></td>
              </tr>
              <tr>
                <td><div align="right">
                  <input name="keyc" type="hidden" id="keyc" value="'.$key.'">
                </div></td>
                <td><span class="style4">';
                  $RandomStr = md5(microtime());
$key = substr($RandomStr,0,5);
                  echo '<label>
                  <input name="key3" type="text" id="key3" disabled value="'.$key.'">
                  </label>
                </span></td>
              </tr>
[/code]
which defines a hidden input field named 'keyc' but the variable, $key, hasn't been defined yet.  That comes a few lines later.  When you process the script in the second code you show, the value for $_POST['keyc'] will be nothing.  Define $key earlier in your code.

Do a View -> Source on your HTML form to make sure the hidden value 'keyc' is filled in.