
userName and password will not save to table


The_Thorn
Solved by kierany5

I have a strange problem which I just cannot figure out.

 

Some background before the question: I hired a programmer to build a feature for my site last year. I fear she tampered with the code in ways she should not have and now it is not working correctly like it used to.

 

PROBLEM: When a user completes a form and submits it, all fields are saved to my DB/table except for the userName and password fields. I have scoured the code for two days now and cannot figure out why this is happening, or rather, not happening.

 

Thank you in advance for any hint or push in the correct direction regarding this specific issue! ;D

 

Here is the code: (Please see start of issue at line 153)

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>
  	<title>Sliding Login Panel with jQuery 1.3.2</title>
  	<meta name="description" content="Demo of a Sliding Login Panel using jQuery 1.3.2" />
  	<meta name="keywords" content="jquery, sliding, toggle, slideUp, slideDown, login, login form, register" />
	<meta http-equiv="content-type" content="text/html; charset=utf-8" />	

	<!-- stylesheets -->
  	<link rel="stylesheet" href="css/style.css" type="text/css" media="screen" />
  	<link rel="stylesheet" href="css/slide.css" type="text/css" media="screen" />
	
  	<!-- PNG FIX for IE6 -->
  	<!-- http://24ways.org/2007/supersleight-transparent-png-in-ie6 -->
	<!--[if lte IE 6]>
		<script type="text/javascript" src="js/pngfix/supersleight-min.js"></script>
	<![endif]-->
	 
    <!-- jQuery Slide -->
	<script src="http://code.jquery.com/jquery-latest.js"></script>
	<!-- Sliding effect -->
	<script src="js/slide.js" type="text/javascript"></script>
	<script>
      function validateEmail(email) { 
        var re = /^(([^<>()[\]\\.,;:\s@\"]+(\.[^<>()[\]\\.,;:\s@\"]+)*)|(\".+\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;
        return re.test(email);
      } 

      $(document).ready(function() {
        $('.error_message').hide();
		$('#first_val').val(Math.floor(Math.random()*11));
		$('#second_val').val(Math.floor(Math.random()*11));
		$('#loadingGif').hide();
		
      $('.bt_register').click(function(e){
	    $('#loadingGif').show();
		
        e.preventDefault();
        $('.error_message').hide();
		$('#email_error').html("Please enter a valid email.");
		$('#user_error').html('Required');
		
        error=false;

        if ($('#user').val().length<1) {
          error=true;
          $('#user_error').show();
         }
         if ($('#email').val().length<1 || !validateEmail($('#email').val())) {
          error=true;
          $('#email_error').show();
         }
         if ($('#pass').val().length < 8) {
          error=true;
          $('#pass_error').show();
         }
         if ($('#city').val().length<1) {
          error=true;
          $('#city_error').show();
         }
         if ($('#pass').val() != $('#confirmpass').val()) {
            error=true;
            $('#confirmpass_error').show();

          }
          
          var disallowed_characters=/www|http|@|com|\./;

          if (disallowed_characters.test($('#city').val())) {
            error=true;
            $('#city_error').show();
          }
          if (disallowed_characters.test($('#company').val())) {
            error=true;
            $('#company_error').show();
          }
		  
		  $.getJSON('ajax.php?username='+$('#user').val(), function(data) {
			if (data.error) {
				error=true;
				alert('An error has occured');
			} else {
				if (!data.isUnique) {
					error=true;
					$('#user_error').html('This username is already taken.');
					 $('#user_error').show();
				}
			}
		 
		  
		  $.getJSON('ajax.php?email='+$('#email').val(), function(data) {
			if (data.error) {
				error=true;
				alert('An error has occured');
			} else {
				if (!data.isUnique) {
					error=true;
					$('#email_error').html('This email is already being used.');
					 $('#email_error').show();
				}
			}
		  

			   if ($('#equals_val').val() != (parseInt($('#first_val').val()) + parseInt($('#second_val').val()))) {
					error=true;
					$('#captcha_error').show();
				}	   
          
			  if (!error) { 
				console.log('submit');
				$('#member-signup').submit();
				
			  }
			  $('#loadingGif').hide();
			  });
		  });
      })
    })
  </script>

	<!--Favicon-->
	<link rel="icon" href="favicon.ico" type="image/x-icon"/>
        <link rel="shortcut icon" href="favicon.ico" type="image/x-icon"/>	

<!--Country Dropdown-->

<!-- <msdropdown> -->
<link rel="stylesheet" type="text/css" href="css/msdropdown/dd.css" />
<script src="js/msdropdown/jquery.dd.min.js"></script>
<!-- </msdropdown> -->
<link rel="stylesheet" type="text/css" href="css/msdropdown/flags.css" />
<style>
.error_message {
  color: #cf1717; 
  font: Arial; 
  font-size: 14px; 
  display:block;
}
#panel {
	height: auto;
}
</style>


</head>

<body>
<?php
 
define('DB_HOST','localhost');
define('DB_NAME','******');
define('DB_USER','******');
define('DB_PASSWORD','******');
 
$con=mysql_connect(DB_HOST,DB_USER,DB_PASSWORD) or die("Failed to connect to MySQL:" . mysql_error());
$db=mysql_select_db(DB_NAME,$con) or die("Failed to connect to MySQL:" . mysql_error());
 
 
function NewUser()
{  
    $userName = $_POST['userName'];
    $email = $_POST['email'];
    $password =  $_POST['password'];
    $countries = $_POST['countries'];
    $city =  $_POST['city'];
    $company = $_POST ['company'];
    $state = $_POST ['state'];//Added 11/3/2014
  
	$query = "INSERT INTO Table4 (userName,email,password,countries,city,company,state) VALUES ('$userName','$email','$password','$countries', '$city','$company','$state')";
    $data = mysql_query ($query)or die(mysql_error());
    if($data)
    {
    echo $state;
	//echo "YOUR REGISTRATION IS COMPLETED...";
    }
}
  
function SignUp()
{
	if(!empty($_POST['userName']))   //checking the 'user' name which is from Sign-Up.html, is it empty or have some text
	{
		if ($_POST['equals_val'] != ($_POST['first_val'] + $_POST['second_val'])) {
			echo "CAPTCHA IS NOT CORRECT";
		} else {
			$query = mysql_query("SELECT * FROM WebsiteUsers WHERE userName = '$_POST[user]' AND pass = '$_POST[pass]'") or die(mysql_error());
		 
			if(!$row = mysql_fetch_array($query) or die(mysql_error()))
			{
				NewUser();
			}
			else
			{
				echo "SORRY...YOU ARE ALREADY REGISTERED USER...";
			}
		}
	}
}
if(isset($_POST['submit']))
{
    SignUp();
}
if (isset($_POST['type'])) {
	if ($_POST['type'] == "login") {
	} // login handling was not included in the post
}
?>

<!-- Panel -->
<div id="toppanel">
	<div id="panel">
		<div class="content clearfix">
			<div class="left">
				<h1>Welcome to RedLineDown</h1><div style="color:#FFFFFF;">RedLineDown</div>
						
				<p class="grey">###</p>
				
			</div>
			<div class="left">
				<!-- Login Form -->
				<form class="clearfix" action="#" method="post">
					<h1>Member Login</h1>
					<input type="hidden" name="type" value="login" />
					
					<label class="white" for="log">Username:</label>
					<input class="field" type="text" name="log" id="log" value="" size="23" />
					
					<label class="white" for="pwd">Password:</label>
					<input class="field" type="password" name="pwd" id="pwd" value="" size="23" />
	            	
        			<div class="clear"></div>
				<input type="submit" name="submit-form" value="Login" class="bt_login" />	
				</form>
			</div>
			<div class="left right">			
				<!-- Register Form -->
				<form method="POST"  id="member-signup" action="dbConnect.php">
					<h1>Not a member yet? Sign Up!</h1>
					<input type="hidden" name="type" value="signup" />
					<!-- Username Field -->				
					<label type="grey" for="signup">Username:</label>
					<input type="field" type="text" name="user" id="user" value="" size="23")/><span class='error_message' id='user_error'>Required</span>
					
					<!-- Email Field(s) -->	
					<label type="grey" for="email">Email:</label>
					<input type="field" type="text" name="email" id="email" size="23" /><span class='error_message' id='email_error'>Please enter a valid email.</span>
					
					<!-- Password Field -->
					<label type="grey" for="email">Password:</label>
					<input type="password" name="pass" id="pass" size="23" /><span class='error_message' id='pass_error'>Password must be at least 8 characters long.</span>
			

          <!-- Password Field -->
          <label type="grey" for="email">Confirm Password:</label>
          <input type="password" name="confirmpass" id="confirmpass" size="23" /><span class='error_message' id='confirmpass_error'>Passwords do not match.</span>

//Insert countries here (Dropdown)


                                        <!-- City Field -->	
					<label type="grey" for="email">City:</label>
					<input type="field" type="text" name="city" id="city" size="23" />
					
          <select name="state" id="state"> 
<option value="AK">AK</option>
<option value="AL">AL</option>
<option value="AR">AR</option>
<option value="AZ">AZ</option>
<option value="CA">CA</option>
<option value="CO">CO</option>
<option value="CT">CT</option>
<option value="DC">DC</option>
<option value="DE">DE</option>
<option value="FL">FL</option>
<option value="GA">GA</option>
<option value="HI">HI</option>
<option value="IA">IA</option>
<option value="ID">ID</option>
<option value="IL">IL</option>
<option value="IN">IN</option>
<option value="KS">KS</option>
<option value="KY">KY</option>
<option value="LA">LA</option>
<option value="MA">MA</option>
<option value="MD">MD</option>
<option value="ME">ME</option>
<option value="MI">MI</option>
<option value="MN">MN</option>
<option value="MO">MO</option>
<option value="MS">MS</option>
<option value="MT">MT</option>
<option value="NC">NC</option>
<option value="ND">ND</option>
<option value="NE">NE</option>
<option value="NH">NH</option>
<option value="NJ">NJ</option>
<option value="NM">NM</option>
<option value="NV">NV</option>
<option value="NY">NY</option>
<option value="OH">OH</option>
<option value="OK">OK</option>
<option value="OR">OR</option>
<option value="PA">PA</option>
<option value="RI">RI</option>
<option value="SC">SC</option>
<option value="SD">SD</option>
<option value="TN">TN</option>
<option value="TX">TX</option>
<option value="UT">UT</option>
<option value="VA">VA</option>
<option value="VT">VT</option>
<option value="WA">WA</option>
<option value="WI">WI</option>
<option value="WV">WV</option>
<option value="WY">WY</option>
</select>
				
					<span class='error_message' id='city_error'>Please enter a valid city.</span>
					<!-- Company Field -->
					<label class="white" for="email">Company:</label>
					<input class="field" type="text" name="company" id="company" size="23" />
					<span class='error_message' id='company_error'>Please enter a valid company name.</span>
					<label class="white" for="captcha">Are you human:</label><br>
					<input class="field" type="text" name="first_val" id="first_val" style="width: 30px;" size="3" disabled/> +  
					<input class="field" type="text" name="second_val" id="second_val" style="width: 30px;" size="3" disabled/> =  
					<input class="field" type="text" name="equals_val" id="equals_val" style="width: 30px;" size="3" /><br>
					<span class='error_message' id='captcha_error'>Captcha is not correct.</span>
					<input type="submit" name="submit-form2" value="Register" class="bt_register" />
					<img src="loading.gif" id="loadingGif">	
<!-- Captcha -->
					
				
					
				</form>
			
			</div>
		</div>
</div> <!-- /login -->	

	<!-- The tab on top -->	
	<div class="tab">
		<ul class="login">
			<li class="left"> </li>
			<li>Hello Guest!</li>
			<li class="sep">|</li>
			<li id="toggle">
				<a id="open" class="open" href="#">Log In | Register</a>
				<a id="close" style="display: none;" class="close" href="#">Close Panel</a>			
			</li>
			<li class="right"> </li>
		</ul> 
	</div> <!-- / top -->
	
</div> <!--panel -->

    <div id="container">
		<div id="content" style="padding-top:100px;">
			
		</div><!-- / content -->		
	</div><!-- / container -->
</body>
</html>
Edited by The_Thorn

  • Solution

Hi,

 

Your form names are different. 

 

Line 228/244 should be:

<input class="field" type="text" name="userName" id="userName" value="" size="23" />

 

Line 231/252 should be:

<input class="field" type="text" name="password" id="password" value="" size="23" />

 

Warning: You are susceptible to an SQL Injection - which is very, very bad

You MUST Validate and escape user inputs.  E.g. $userName = mysql_real_escape_string($_POST['userName']);

 

Also note that you should move to mysqli or PDO since the mysql functions are now deprecated.   Mysqli in procedural form is very similar to the mysql functions.

Edited by kierany5
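
The escaping and mysqli/PDO advice above, as an added example that is not part of either post: the thread's NewUser() insert rewritten with PDO prepared statements. The function name newUser, the in-memory SQLite table standing in for the MySQL Table4, the sample submission, and the use of password_hash() (which goes beyond what the answer mentions) are assumptions made for the example.

```php
<?php
// Added example, not the original site's code. An in-memory SQLite table
// stands in for the MySQL Table4 so the script runs offline; with MySQL only
// the DSN and credentials passed to new PDO() change.

function newUser(PDO $pdo, array $post): bool
{
    // Field names the PHP reads; the form inputs must use exactly these names.
    $fields = ['userName', 'email', 'password', 'countries', 'city', 'company', 'state'];
    $row = [];
    foreach ($fields as $f) {
        $row[$f] = isset($post[$f]) ? (string) $post[$f] : '';
    }
    // Server-side checks: the jQuery validation runs in the browser and can be skipped.
    if ($row['userName'] === '' || strlen($row['password']) < 8
        || filter_var($row['email'], FILTER_VALIDATE_EMAIL) === false) {
        return false;
    }
    // Store a salted hash instead of the password itself.
    $row['password'] = password_hash($row['password'], PASSWORD_DEFAULT);

    // Named placeholders keep user input out of the SQL text entirely.
    $stmt = $pdo->prepare(
        'INSERT INTO Table4 (userName, email, password, countries, city, company, state)
         VALUES (:userName, :email, :password, :countries, :city, :company, :state)'
    );
    return $stmt->execute($row);
}

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE Table4 (userName TEXT, email TEXT, password TEXT,
            countries TEXT, city TEXT, company TEXT, state TEXT)');

// Constructed sample submission; the apostrophe would break the concatenated query.
$post = ['userName' => "O'Brien", 'email' => 'obrien@example.com',
         'password' => 'correct horse', 'countries' => 'US',
         'city' => 'Austin', 'company' => 'Example Co', 'state' => 'TX'];

var_dump(newUser($pdo, $post)); // insert accepted
$saved = $pdo->query('SELECT userName, password FROM Table4')->fetch(PDO::FETCH_ASSOC);
var_dump($saved['userName'] === "O'Brien"); // name stored as typed, as data
var_dump(password_verify('correct horse', $saved['password'])); // hash checks out at login
// Too-short password and malformed email are rejected before any SQL runs.
var_dump(newUser($pdo, ['userName' => 'x', 'password' => 'short', 'email' => 'bad']));
```

With MySQL, the password column has to be wide enough for the hash; the PHP manual recommends 255 characters.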