limiting user registration in php

[andrewdev]

hi guys i have been trying to limit users in my registration page to no avail the code exceeds the limit user of users in the db pliz help

here is my code

 

 

<?php

 include("connect.php");

 

// first we write the html layout code

//code to check if the user pressed the button

 

 if($_SERVER['REQUEST_METHOD'] == 'POST') {

 $username = mysql_real_escape_string($_POST['username']);

 $password = mysql_real_escape_string(md5($_POST['password']));

 

// retrieving the input from the user, also securing for SQL injection and encrypting the password

//to md5

//now its time to check if the user input works(fields not empty)

 

 if(empty($username)) {

 echo ("You have to fill in a username!");

 } else {

   if(empty($password)) {

      echo("you have to fill in a password!");

 } else {

 $query= mysql_query("SELECT * FROM users WHERE username = '$username' && password='$password'");

 $rowcount = mysql_num_rows($query);

 

if ($rowcount > 4){

    die("Sorry, no more users can sign up");

}else{

  //if $rows = 0 username is not taken and user can be saved in the database.

 

$user_input = mysql_query("INSERT INTO users (username,password) VALUES ('$username', '$password')");

echo ("Successful registration!");

// last thing to do is include the config.php file where the connection is to the database

}

}

}

}

?>

[joel24]

are you trying to limit it so only 4 people can sign up?

 

your query is getting the count of users who have signed up with that username/password combination. If you want to get the total users do a SELECT count(*) or simply remove teh where clause from that query and your code should work... using count() is a better solution though it will require some small PHP changes.

 

 $query= mysql_query("SELECT * FROM users WHERE username = '$username' && password='$password'");

should be

 $query= mysql_query("SELECT username FROM users"); //we don't want to select all the data if you're just counting