Unholy Prayer Posted March 11, 2007 Share Posted March 11, 2007 I am using a registration script for my website, but when the register button is pressed, the information doesn't get inserted into the database. No error messages are displayed. This is my code: <?php require_once('config.php'); $date = date("F j, Y"); include('templates/default/header_body.tpl'); function generateCode($length = 10) { $password=""; $chars = "abcdefghijklmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ123456789"; srand((double)microtime()*1000000); for ($i=0; $i<$length; $i++) { $password = $password . substr ($chars, rand() % strlen($chars), 1); } return $password; } $action = $_GET['action']; if($action == '') { if(empty($_POST['register'])) { //What is this user's member number? $members = "SELECT * FROM members"; $member_result = mysql_query($members); $member = mysql_num_rows($member_result); include('templates/default/register_body.tpl'); } if(isset($_POST['register'])) { $activation_code = generateCode(25); $mem_no = $member + 1; $username = $_POST['username']; $password = mysql_real_escape_string($_POST['password']); $password_conf = mysql_real_escape_string($_POST['password_conf']); $email = $_POST['email']; $reg_date = $_POST['reg_date']; $mem_no = $_POST['mem_no']; $perm = $_POST['perm']; $activ_code = $_POST['activ_code']; if(empty($_POST['username'])){ echo "You left the username field blank. Please go back and fill it out."; } if(empty($_POST['password'])){ echo "You left the password field blank. Please go back and choose a password."; } if(empty($_POST['password_conf'])){ echo "You did not confirm your password. Please make sure your password is correct by filling in the confirm password field."; } if(empty($_POST['email'])){ echo "You did not enter an email address. Please go back and tell us your email address."; } if($password != $password_conf){ { echo "Your passwords did not match. Please go back and re-enter your passwords so they match."; } $membername = "SELECT * FROM members where username = $username"; $name_result = mysql_query($membername); $name = mysql_num_rows($name_result); if($name == 1){ echo "The username you entered is already in use. Please go back and choose another."; } $activation_code = generateCode(25); //What is this user's member number? $members = "SELECT * FROM members"; $member_result = mysql_query($member); $member = mysql_num_rows($member_result); $mem_no = $member + 1; mysql_query("INSERT INTO members(username,password,email,reg_date,mem_no,perm) values ('$username', '$password', '$email', '$reg_date', '$mem_no', '$perm')" or die(mysql_error)); echo "Welcome to the forums, $username! Before you can login and start posting, you must activate your account by visiting the link in an email that was sent to the address you provided. Once you activate your account, you are free to post as you please(as long as you follow the rules)!"; mail($email, "New Registration, $sitename", " Thanks for registering on SITE NAME. Here are your login details: Username: ".$username." Password: ".$password." In order to login and gain full access, you must validate your account. Click here to validate: http://$domain/$path/register.php?action=activate&user=".$username."&code=".$activation_code." $email_sig "); } } if($action == 'activate') { if(isset($_GET['user']) && isset($_GET['code'])) { $username = mysql_real_escape_string($_GET['user']); if(mysql_num_rows(mysql_query("SELECT id FROM user_system WHERE username = '$username'")) == 0) { echo "That username is not in the database!"; } else { $activate_query = "SELECT is_activated FROM user_system WHERE username = '$username'"; $is_already_activated = mysql_fetch_object(mysql_query($activate_query)) or die(mysql_error()); if($is_already_activated->is_activated == 1) { echo "This user is already activated!"; } else { $code = mysql_real_escape_string($_GET['code']); $code_query = "SELECT activation_code FROM user_system WHERE username = '$username' LIMIT 1"; $check_code = mysql_fetch_object(mysql_query($code_query)) or die(mysql_error()); if($code == $check_code->activation_code) { $update = "UPDATE user_system SET is_activated = '1' WHERE username = '$username'"; mysql_query($update) or die(mysql_error()); echo "User $username has been activated! Thanks! You may now login!"; } else { echo "The activation code was wrong! Please try again!"; } } } } else { echo "No ID or user given to activate!"; } } } ?> Quote Link to comment Share on other sites More sharing options...
JasonLewis Posted March 11, 2007 Share Posted March 11, 2007 add this near the top and see if any data is being sent: print_r($_POST); Quote Link to comment Share on other sites More sharing options...
Unholy Prayer Posted March 12, 2007 Author Share Posted March 12, 2007 It displays this when I try to register: Array ( [username] => Unholy Prayer [password] => password [password_conf] => warrior [email] => email [reg_date] => March 12, 2007 [mem_no] => [perm] => 1 [activation_code] => [is_activated] => no [register] => Register ) I refreshed my database in PHPMyAdmin but there are still no records in the database. Quote Link to comment Share on other sites More sharing options...
Unholy Prayer Posted March 12, 2007 Author Share Posted March 12, 2007 I found the error with that part, but now it's saying my mysql_num_rows is not a valid MySQL result resource. The error that is on the line it's saying is the code that determines if the user's username is already in use. This is the code: $membername = "SELECT * FROM members WHERE username = $username"; $name_result = mysql_query($membername); $name = mysql_num_rows($name_result); Quote Link to comment Share on other sites More sharing options...
JasonLewis Posted March 12, 2007 Share Posted March 12, 2007 change this: $name_result = mysql_query($membername); to this: $name_result = mysql_query($membername) or die("Error: ".mysql_error()); and post what the error is returning. Quote Link to comment Share on other sites More sharing options...
Unholy Prayer Posted March 12, 2007 Author Share Posted March 12, 2007 Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Prayer' at line 1 It's weird... I took the space out of the username I entered in the form and now the error is saying: Error: Unknown column 'UnholyPrayer' in 'where clause' Quote Link to comment Share on other sites More sharing options...
redarrow Posted March 12, 2007 Share Posted March 12, 2007 <?php $membername = "SELECT * FROM members WHERE username='$username'"; $name_result = mysql_query($membername)or die(mysql_error()); if(mysql_num_rows($name_result)==1){ echo "sorry name used"; exit; } ?> Quote Link to comment Share on other sites More sharing options...
Unholy Prayer Posted March 12, 2007 Author Share Posted March 12, 2007 Eeerrrg... I changed it to that, but now the data isn't inserted into the database and there are no errors. Quote Link to comment Share on other sites More sharing options...
redarrow Posted March 12, 2007 Share Posted March 12, 2007 Post current code please Quote Link to comment Share on other sites More sharing options...
Unholy Prayer Posted March 12, 2007 Author Share Posted March 12, 2007 <?php require_once('config.php'); $date = date("F j, Y"); include('templates/default/header_body.tpl'); $action = $_GET['action']; if($action == '') //What is this user's member number? $members = mysql_query("SELECT * FROM members"); $number = mysql_num_rows($members); $mem_no = $members + 1; { if(empty($_POST['register'])) { include('templates/default/register_body.tpl'); } if(isset($_POST['register'])) { $username = $_POST['username']; $password = mysql_real_escape_string($_POST['password']); $password_conf = mysql_real_escape_string($_POST['password_conf']); $email = $_POST['email']; $reg_date = $_POST['reg_date']; $mem_no = $_POST['mem_no']; $perm = $_POST['perm']; $membername = "SELECT * FROM members WHERE username='$username'"; $name_result = mysql_query($membername) or die("Error: ".mysql_error()); $name = mysql_num_rows($name_result); if(empty($_POST['username'])){ echo "You left the username field blank. Please go back and fill it out."; } if(empty($_POST['password'])){ echo "You left the password field blank. Please go back and choose a password."; } if(empty($_POST['password_conf'])){ echo "You did not confirm your password. Please make sure your password is correct by filling in the confirm password field."; } if(empty($_POST['email'])){ echo "You did not enter an email address. Please go back and tell us your email address."; } if($password != $password_conf){ echo "Your passwords did not match. Please go back and re-enter your passwords so they match."; } if($name == 1){ echo "The username you entered is already in use. Please go back and choose another."; } else{ mysql_query("INSERT INTO members(username,password,email,reg_date,mem_no,perm) values('$username', '$password', '$email', '$reg_date', '$mem_no', '$perm')" or die(mysql_error)); echo "there are $number members."; echo "<td align='center' class='forumname'>Welcome to the forums, $username! Before you can login and start posting, you must activate your account by visiting the link in an email that was sent to the address you provided. Once you activate your account, you are free to post as you please(as long as you follow the rules)!</td>"; } } } ?> Note: I echoed the number of members there are so I wouldn't have to keep refreshing phpmyadmin. Quote Link to comment Share on other sites More sharing options...
redarrow Posted March 12, 2007 Share Posted March 12, 2007 what the error say? <?php mysql_query("INSERT INTO members(username,password,email,reg_date,mem_no,perm) values('$username', '$password', '$email', '$reg_date', '$mem_no', '$perm')" or die(mysql_error()); Quote Link to comment Share on other sites More sharing options...
Unholy Prayer Posted March 12, 2007 Author Share Posted March 12, 2007 It doesn't display any errors. It just displays the message I have echoed but doesn't insert the information into the database. Quote Link to comment Share on other sites More sharing options...
HoTDaWg Posted March 12, 2007 Share Posted March 12, 2007 mysql_query("INSERT INTO members(`username`,`password`,`email`,`reg_date`,`mem_no`,`perm`) values('$username', '$password', '$email', '$reg_date', '$mem_no', '$perm')" or die(mysql_error)); Quote Link to comment Share on other sites More sharing options...
Unholy Prayer Posted March 12, 2007 Author Share Posted March 12, 2007 Nope, that didn't work. Quote Link to comment Share on other sites More sharing options...
mmarif4u Posted March 12, 2007 Share Posted March 12, 2007 Try this ... $sql2 = "INSERT INTO members SET username = ('$username), password = ('$password'), email = ('$email'), reg_date = ('$reg_date'), mem_no = ('$mem_no'), perm = ('$perm'); "; Quote Link to comment Share on other sites More sharing options...
Unholy Prayer Posted March 12, 2007 Author Share Posted March 12, 2007 Nope, still not inserting the data. Quote Link to comment Share on other sites More sharing options...
JasonLewis Posted March 12, 2007 Share Posted March 12, 2007 hotdawg's code should be this i think: mysql_query("INSERT INTO members(`username`,`password`,`email`,`reg_date`,`mem_no`,`perm`) values('$username', '$password', '$email', '$reg_date', '$mem_no', '$perm')") or die("Error: ".mysql_error()); Quote Link to comment Share on other sites More sharing options...
mmarif4u Posted March 12, 2007 Share Posted March 12, 2007 Did u get some error or still blank page. Try to point out the error. U can check that error in ur log directory. Quote Link to comment Share on other sites More sharing options...
kthxbai2u Posted March 12, 2007 Share Posted March 12, 2007 mysql_query("INSERT INTO members(`username`,`password`,`email`,`reg_date`,`mem_no`,`perm`) values('$username', '$password', '$email', '$reg_date', '$mem_no', '$perm')") or die("Error: ".mysql_error()); HAHA all you are noobs i know the answer to this one, i had this trouble myself rofl.... Your MySQL statement should look like this: mysql_query("INSERT INTO `members` (`username`,`password`,`email`,`reg_date`,`mem_no`,`perm`) values('$username', '$password', '$email', '$reg_date', '$mem_no', '$perm')") or die("Error: ".mysql_error()); MySQL is very picky about tablenames not being enclosed by `'s. Watch out for that Quote Link to comment Share on other sites More sharing options...
JasonLewis Posted March 12, 2007 Share Posted March 12, 2007 wow, thanks for calling us n00bs. thats a pretty big statement. and actually, you dont HAVE to have ` around your table name, for your information. Quote Link to comment Share on other sites More sharing options...
kthxbai2u Posted March 12, 2007 Share Posted March 12, 2007 well, if thats the case, why does it now work? i can almost guarentee it will work. it could also be because he didnt leave a space between his table name and values. no time, gotta go. btw, noob isnt insult. kthx insult people. accept it or leave kthxdie Quote Link to comment Share on other sites More sharing options...
Unholy Prayer Posted March 12, 2007 Author Share Posted March 12, 2007 Wow, he was right. I have made MySQL Insertion scripts before that didn't have the ' around the table name and they worked fine. Idk why it didn't work. Thanks for the help, all. Quote Link to comment Share on other sites More sharing options...
Unholy Prayer Posted March 12, 2007 Author Share Posted March 12, 2007 Eh, I have another problem now. I tested the error messages to make sure they worked and left some fields blank. The error messages displayed, but the data was still inserted into the database. How do I make it so that if an error message is displayed, the data does not get inserted into the database? This is my current code: <?php //Connect to the database... this is definitely an essential. require_once('config.php'); //Get the server date... $date = date("F j, Y"); //Include the header body/functions include('templates/default/header_body.tpl'); $action = $_GET['action']; if($action == '') //What is this user's member number? $members = mysql_query("SELECT * FROM members"); $number = mysql_num_rows($members); $mem_no = $members + 1; { //If the register button was not click clicked... if(empty($_POST['register'])) { echo "</tr><tr>"; //Display the form include('templates/default/register_body.tpl'); } //If it was clicked... if(isset($_POST['register'])) { //Transform inputs into strings for mysql insertion... $username = $_POST['username']; $password = mysql_real_escape_string($_POST['password']); $password_conf = mysql_real_escape_string($_POST['password_conf']); $email = $_POST['email']; $reg_date = $_POST['reg_date']; $mem_no = $_POST['mem_no']; $perm = $_POST['perm']; //Is the user name in use? $membername = "SELECT * FROM members WHERE username='$username'"; $name_result = mysql_query($membername) or die("Error: ".mysql_error()); $name = mysql_num_rows($name_result); //If it is in use... if($name == 1){ echo "<td align='center' class='inputrow'>The username you entered is already in use. Please go back and choose another.</td></tr><tr>"; } //Check if any fields are blank and display error messages if they are. if(empty($_POST['username'])){ echo "<td align='center' class='inputrow'>You left the username field blank. Please go back and fill it out.</td></tr><tr>"; } if(empty($_POST['password'])){ echo "<td align='center' class='inputrow'>You left the password field blank. Please go back and choose a password.</td></tr><tr>"; } if(empty($_POST['password_conf'])){ echo "<td align='center' class='inputrow'>You did not confirm your password. Please make sure your password is correct by filling in the confirm password field.</td></tr><tr>"; } if(empty($_POST['email'])){ echo "<td align='center' class='inputrow'>You did not enter an email address. Please go back and tell us your email address.</td></tr><tr>"; } //Did the passwords match? if($password != $password_conf){ //If they didn't match, display an error message. echo "<td align='center' class='inputrow'>Your passwords did not match. Please go back and re-enter your passwords so they match.</td></tr><tr>"; } //If all fields are filled out, the passwords match, and the username isn't taken... else{ mysql_query("INSERT INTO `members` (`username`,`password`,`email`,`reg_date`,`mem_no`,`perm`) values('$username', '$password', '$email', '$reg_date', '$mem_no', '$perm')") or die("Error: ".mysql_error()); //Display a welcome to the forums message. echo "<td align='center' class='inputrow'>Welcome to the forums, $username! You can now <a href='login.php'>login</a> with the information you chose.</td>"; } } } //And we're done! For now, at least. ?> Quote Link to comment Share on other sites More sharing options...
neylitalo Posted March 12, 2007 Share Posted March 12, 2007 HAHA all you are noobs i know the answer to this one, i had this trouble myself rofl.... Your MySQL statement should look like this: I know everything I need to know about you, just by the simple facts that you use the terms "noob", "kthxdie", and your name is "kthxbai2u". You would do well in the future to be more polite. MySQL is very picky about tablenames not being enclosed by `'s. Watch out for that Backticks are not required except when a column or table name is a reserved MySQL keyword. The problem was because of the absence of a space between the table name and the list of values, as you correctly guessed later. Without a space, MySQL assumes you want to use a function. Unholy Prayer, what was the error you received? Quote Link to comment Share on other sites More sharing options...
Unholy Prayer Posted March 12, 2007 Author Share Posted March 12, 2007 Just the errors that I had the script display if the user left a field blank or chose a username that was already taken. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.