Jump to content

[PHP L/R Script] Registration is not working.


thebasix

Recommended Posts

Hi, guys. I'm working on Login/Registration and I have a problem with registration form (worked 2 days ago). Right now, when I submit the form I get the message ~"Successful registration" as I should with $_GET and everything looks good, except the data is not entered in my Database. I can login, so db is fine. I think passing data to db is the problem, but dont see what exactly. If you need more information, just ask.

 

register.php

<?php
include 'core/init.php';
logged_in_redirect();
include 'includes/overall/header.php';

if(empty($_POST) === false){
    $required_fields = array('username', 'password', 'password_again', 'first_name', 'email');
    foreach($_POST as $key=>$value){
        if(empty($value) && in_array($key, $required_fields) === true){
            $errors[] = "Fields with * are required!";
            break 1;
        }
    }

    if(empty($errors) === true){
        if(user_exists($_POST['username']) === true){
            $errors[] = "Sorry, the username '" . $_POST['username'] . "' is already taken";
        }
        if(preg_match("/\\s/", $_POST['username']) == true){
            $errors[] = "No spaces allow in username!";
        }
        if(strlen($_POST['password']) < 6){
            $errors[] = "Your password must be at least 6 characters";
        }
        if($_POST['password'] !== $_POST['password_again'] ){
            $errors[] = "Your passwords do not match!";
        }
        if(filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === false){
            $errors[] = "A valid email address is required.";
        }
        if(email_exists($_POST['email']) === true){
            $errors[] = "The email is already in use.";
        }

    }
}
?>
    <h1>Register</h1>

<?php

    if(isset($_GET['success']) === true && empty($_GET['success']) === true ){
        echo "You have been registered successfully!";
    }
    else {
        if (empty($_POST) === false && empty($errors) === true) {
            $register_data = array(
                'username'      => $_POST['username'],
                'password'      => $_POST['password'],
                'first_name'    => $_POST['first_name'],
                'last_name'     => $_POST['last_name'],
                'email'         => $_POST['email'],
                'email_code'    => md5($_POST['username'] + microtime())
            );
            register_user($register_data);
            header("Location: register.php?success");
            exit();
        } elseif (empty($errors) === false) {
            echo output_errors($errors);
        }
        ?>

        <form action="" method="post">
            <ul>
                <li>
                    Username*:<br>
                    <input type="text" name="username">
                </li>
                <li>
                    Password*:<br>
                    <input type="password" name="password">
                </li>
                <li>
                    Password again*:<br>
                    <input type="password" name="password_again">
                </li>
                <li>
                    First Name*:<br>
                    <input type="text" name="first_name">
                </li>
                <li>
                    Last Name:<br>
                    <input type="text" name="last_name">
                </li>
                <li>
                    Email*:<br>
                    <input type="text" name="email">
                </li>
                <li>
                    <input type="submit" value="Register">
                </li>
            </ul>
        </form>
    <?php
    }

include 'includes/overall/footer.php';


?>

init.php

<!doctype html>
<?php
    session_start();
    #error_reporting(0);

    require 'database/connect.php';
    require 'functions/general.php';
    require 'functions/users.php';

    $current_file = explode('/', $_SERVER['SCRIPT_NAME']);
    $current_file = end($current_file);

    if(logged_in() === true){
        $session_user_id = $_SESSION['user_id'];
        $user_data = user_data($_SESSION['user_id'], 'user_id' , 'username', 'password' ,'first_name', 'last_name', 'email','password_recover', 'type', 'allow_email', 'profile');
        if(user_active($user_data['username']) === false){
            session_destroy();
            header('Location: index.php');
            exit();
        }
        if($current_file !== 'changepassword.php' && $current_file !== 'logout.php' && $user_data['password_recover'] == 1){
           header("Location: changepassword.php?force");
        }
    }


    $errors = array();
?>

users.php

<?php

function change_profile_image($user_id, $file_temp, $file_extn){
    $file_path = 'images/profile/' . substr(md5(time()), 0 ,10) . '.' . $file_extn;
    move_uploaded_file($file_temp, $file_path);

    mysql_query("UPDATE `users` SET `profile` = '$file_path' WHERE `user_id` = " . (int)$user_id);
}

function mail_users($subject, $body){
    $query = mysql_query("SELECT `email`, `first_name` FROM `users` WHERE `allow_email` = 1");
    while(($row = mysql_fetch_assoc($query)) !== false){
        email($row['email'], $subject, "Hello " . $row['first_name'] . ",\n\n" . $body);
    }
}

function has_access($user_id, $type){
    $user_id = (int)$user_id;
    $type = (int)$type;
    return (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `user_id` = $user_id AND `type` = $type"), 0) == 1) ? true : false;
}

function recover($mode, $email){
    $mode = sanitize($mode);
    $email = sanitize($email);

    $user_data = user_data(user_id_from_email($email), 'user_id', 'first_name', 'username');

    if($mode == 'username'){
        email($email, 'Your username', "Hello " . $user_data['first_name'] . ",\n\nyour username is " . $user_data['username']);
    }
    elseif($mode == 'password'){
        $generated_password = substr(md5(rand(999,999999)), 0, ;
        change_password($user_data['user_id'], $generated_password);

        update_user($user_data['user_id'], array('password_recover' => '1'));

        email($email, 'Password Recovery', "Hello " . $user_data['first_name'] . ",\n\nyour new password is: " . $generated_password);
    }
}

function update_user($user_id, $update_data){
    $update = array();
    array_walk($update_data, 'array_sanitize');

    foreach($update_data as $field=>$data){
        $update[] = '`' . $field . '` = \'' . $data . '\'';
    }

    mysql_query("UPDATE `users` SET " . implode(', ', $update) . " WHERE `user_id` = $user_id");
}

function activate($email, $email_code){
    $email = mysql_real_escape_string($email);
    $email_code = mysql_real_escape_string($email_code);

    if(mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `email` = '$email' AND `email_code` = '$email_code' AND `active` = 0"),0) == 1){
        mysql_query("UPDATE `users` SET `active` = 1 WHERE `email` = '$email'");
        return true;
    }
    else{
        return false;
    }
}

function change_password($user_id, $password){
    $user_id = (int)$user_id;
    $password = md5($password);

    mysql_query("UPDATE `users` SET `password` = '$password', `password_recover` = 0 WHERE `user_id` = $user_id");
}

function register_user($register_data){
    array_walk($register_data, 'array_sanitize');
    $register_data['password'] = md5($register_data['password']);

    $fields = '`' . implode('`, `', array_keys($register_data)) . '`';
    $data = '\'' . implode('\', \'', $register_data) . '\'';

    echo "INSERT INTO `users` ($fields) VALUES ($data)";
    mysql_query("INSERT INTO `users` ($fields) VALUES ($data)");
    email($register_data['email'], 'Activate your account', "Hello " . $register_data['first_name'] . ",\n\nyou need to activate your account, so use the link below:\n\nhttp://localhost/lr/activate.php?email=" . $register_data['email'] . "&email_code=" . $register_data['email_code'] . "\n\n- Grinch");
}

function user_count(){
    return mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `active` = 1"),0);
}

function user_data($user_id){
    $data = array();
    $user_id = (int)$user_id;

    $func_num_args = func_num_args();
    $func_get_args = func_get_args();

    if($func_num_args > 1){
        unset($func_get_args[0]);

        $fields = '`' . implode('`,`', $func_get_args) . '`';
        $data = mysql_fetch_assoc(mysql_query("SELECT $fields FROM `users` WHERE `user_id` = $user_id"));

        return $data;
    }

}

function logged_in(){
    return (isset($_SESSION['user_id'])) ? true : false;
}

function user_exists($username){
    $username = sanitize($username);
    $query = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '$username'");
    return (mysql_result($query, 0) == 1) ? true : false;
}

function email_exists($email){
    $email = sanitize($email);
    $query = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `email` = '$email'");
    return (mysql_result($query, 0) == 1) ? true : false;
}

function user_active($username){
    $username = sanitize($username);
    $query = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '$username' AND `active` = 1");
    return (mysql_result($query, 0) == 1) ? true : false;
}

function user_id_from_username($username){
    $username = sanitize($username);
    return mysql_result(mysql_query("SELECT `user_id` FROM `users` WHERE `username` = '$username'"), 0, 'user_id');
}

function user_id_from_email($email){
    $email = sanitize($email);
    return mysql_result(mysql_query("SELECT `user_id` FROM `users` WHERE `email` = '$email'"), 0, 'user_id');
}

function login($username, $password){
    $user_id = user_id_from_username($username);

    $username = sanitize($username);
    $password = md5($password);

    return (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '$username' AND `password` = '$password'"), 0) == 1) ? $user_id : false;
}

?>

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.