Jump to content

Recommended Posts

Hi, guys. I'm working on Login/Registration and I have a problem with registration form (worked 2 days ago). Right now, when I submit the form I get the message ~"Successful registration" as I should with $_GET and everything looks good, except the data is not entered in my Database. I can login, so db is fine. I think passing data to db is the problem, but dont see what exactly. If you need more information, just ask.

 

register.php

<?php
include 'core/init.php';
logged_in_redirect();
include 'includes/overall/header.php';

if(empty($_POST) === false){
    $required_fields = array('username', 'password', 'password_again', 'first_name', 'email');
    foreach($_POST as $key=>$value){
        if(empty($value) && in_array($key, $required_fields) === true){
            $errors[] = "Fields with * are required!";
            break 1;
        }
    }

    if(empty($errors) === true){
        if(user_exists($_POST['username']) === true){
            $errors[] = "Sorry, the username '" . $_POST['username'] . "' is already taken";
        }
        if(preg_match("/\\s/", $_POST['username']) == true){
            $errors[] = "No spaces allow in username!";
        }
        if(strlen($_POST['password']) < 6){
            $errors[] = "Your password must be at least 6 characters";
        }
        if($_POST['password'] !== $_POST['password_again'] ){
            $errors[] = "Your passwords do not match!";
        }
        if(filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === false){
            $errors[] = "A valid email address is required.";
        }
        if(email_exists($_POST['email']) === true){
            $errors[] = "The email is already in use.";
        }

    }
}
?>
    <h1>Register</h1>

<?php

    if(isset($_GET['success']) === true && empty($_GET['success']) === true ){
        echo "You have been registered successfully!";
    }
    else {
        if (empty($_POST) === false && empty($errors) === true) {
            $register_data = array(
                'username'      => $_POST['username'],
                'password'      => $_POST['password'],
                'first_name'    => $_POST['first_name'],
                'last_name'     => $_POST['last_name'],
                'email'         => $_POST['email'],
                'email_code'    => md5($_POST['username'] + microtime())
            );
            register_user($register_data);
            header("Location: register.php?success");
            exit();
        } elseif (empty($errors) === false) {
            echo output_errors($errors);
        }
        ?>

        <form action="" method="post">
            <ul>
                <li>
                    Username*:<br>
                    <input type="text" name="username">
                </li>
                <li>
                    Password*:<br>
                    <input type="password" name="password">
                </li>
                <li>
                    Password again*:<br>
                    <input type="password" name="password_again">
                </li>
                <li>
                    First Name*:<br>
                    <input type="text" name="first_name">
                </li>
                <li>
                    Last Name:<br>
                    <input type="text" name="last_name">
                </li>
                <li>
                    Email*:<br>
                    <input type="text" name="email">
                </li>
                <li>
                    <input type="submit" value="Register">
                </li>
            </ul>
        </form>
    <?php
    }

include 'includes/overall/footer.php';


?>

init.php

<!doctype html>
<?php
    session_start();
    #error_reporting(0);

    require 'database/connect.php';
    require 'functions/general.php';
    require 'functions/users.php';

    $current_file = explode('/', $_SERVER['SCRIPT_NAME']);
    $current_file = end($current_file);

    if(logged_in() === true){
        $session_user_id = $_SESSION['user_id'];
        $user_data = user_data($_SESSION['user_id'], 'user_id' , 'username', 'password' ,'first_name', 'last_name', 'email','password_recover', 'type', 'allow_email', 'profile');
        if(user_active($user_data['username']) === false){
            session_destroy();
            header('Location: index.php');
            exit();
        }
        if($current_file !== 'changepassword.php' && $current_file !== 'logout.php' && $user_data['password_recover'] == 1){
           header("Location: changepassword.php?force");
        }
    }


    $errors = array();
?>

users.php

<?php

function change_profile_image($user_id, $file_temp, $file_extn){
    $file_path = 'images/profile/' . substr(md5(time()), 0 ,10) . '.' . $file_extn;
    move_uploaded_file($file_temp, $file_path);

    mysql_query("UPDATE `users` SET `profile` = '$file_path' WHERE `user_id` = " . (int)$user_id);
}

function mail_users($subject, $body){
    $query = mysql_query("SELECT `email`, `first_name` FROM `users` WHERE `allow_email` = 1");
    while(($row = mysql_fetch_assoc($query)) !== false){
        email($row['email'], $subject, "Hello " . $row['first_name'] . ",\n\n" . $body);
    }
}

function has_access($user_id, $type){
    $user_id = (int)$user_id;
    $type = (int)$type;
    return (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `user_id` = $user_id AND `type` = $type"), 0) == 1) ? true : false;
}

function recover($mode, $email){
    $mode = sanitize($mode);
    $email = sanitize($email);

    $user_data = user_data(user_id_from_email($email), 'user_id', 'first_name', 'username');

    if($mode == 'username'){
        email($email, 'Your username', "Hello " . $user_data['first_name'] . ",\n\nyour username is " . $user_data['username']);
    }
    elseif($mode == 'password'){
        $generated_password = substr(md5(rand(999,999999)), 0, ;
        change_password($user_data['user_id'], $generated_password);

        update_user($user_data['user_id'], array('password_recover' => '1'));

        email($email, 'Password Recovery', "Hello " . $user_data['first_name'] . ",\n\nyour new password is: " . $generated_password);
    }
}

function update_user($user_id, $update_data){
    $update = array();
    array_walk($update_data, 'array_sanitize');

    foreach($update_data as $field=>$data){
        $update[] = '`' . $field . '` = \'' . $data . '\'';
    }

    mysql_query("UPDATE `users` SET " . implode(', ', $update) . " WHERE `user_id` = $user_id");
}

function activate($email, $email_code){
    $email = mysql_real_escape_string($email);
    $email_code = mysql_real_escape_string($email_code);

    if(mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `email` = '$email' AND `email_code` = '$email_code' AND `active` = 0"),0) == 1){
        mysql_query("UPDATE `users` SET `active` = 1 WHERE `email` = '$email'");
        return true;
    }
    else{
        return false;
    }
}

function change_password($user_id, $password){
    $user_id = (int)$user_id;
    $password = md5($password);

    mysql_query("UPDATE `users` SET `password` = '$password', `password_recover` = 0 WHERE `user_id` = $user_id");
}

function register_user($register_data){
    array_walk($register_data, 'array_sanitize');
    $register_data['password'] = md5($register_data['password']);

    $fields = '`' . implode('`, `', array_keys($register_data)) . '`';
    $data = '\'' . implode('\', \'', $register_data) . '\'';

    echo "INSERT INTO `users` ($fields) VALUES ($data)";
    mysql_query("INSERT INTO `users` ($fields) VALUES ($data)");
    email($register_data['email'], 'Activate your account', "Hello " . $register_data['first_name'] . ",\n\nyou need to activate your account, so use the link below:\n\nhttp://localhost/lr/activate.php?email=" . $register_data['email'] . "&email_code=" . $register_data['email_code'] . "\n\n- Grinch");
}

function user_count(){
    return mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `active` = 1"),0);
}

function user_data($user_id){
    $data = array();
    $user_id = (int)$user_id;

    $func_num_args = func_num_args();
    $func_get_args = func_get_args();

    if($func_num_args > 1){
        unset($func_get_args[0]);

        $fields = '`' . implode('`,`', $func_get_args) . '`';
        $data = mysql_fetch_assoc(mysql_query("SELECT $fields FROM `users` WHERE `user_id` = $user_id"));

        return $data;
    }

}

function logged_in(){
    return (isset($_SESSION['user_id'])) ? true : false;
}

function user_exists($username){
    $username = sanitize($username);
    $query = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '$username'");
    return (mysql_result($query, 0) == 1) ? true : false;
}

function email_exists($email){
    $email = sanitize($email);
    $query = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `email` = '$email'");
    return (mysql_result($query, 0) == 1) ? true : false;
}

function user_active($username){
    $username = sanitize($username);
    $query = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '$username' AND `active` = 1");
    return (mysql_result($query, 0) == 1) ? true : false;
}

function user_id_from_username($username){
    $username = sanitize($username);
    return mysql_result(mysql_query("SELECT `user_id` FROM `users` WHERE `username` = '$username'"), 0, 'user_id');
}

function user_id_from_email($email){
    $email = sanitize($email);
    return mysql_result(mysql_query("SELECT `user_id` FROM `users` WHERE `email` = '$email'"), 0, 'user_id');
}

function login($username, $password){
    $user_id = user_id_from_username($username);

    $username = sanitize($username);
    $password = md5($password);

    return (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '$username' AND `password` = '$password'"), 0) == 1) ? $user_id : false;
}

?>
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.