tberger Posted April 20, 2007 Share Posted April 20, 2007 I am setting up a member form for users. When the person submits there information. The database checks to make sure the record doesn't already exist - if it does, it should tell them it does and direct them to the login page. If it doesn't exist, it should insert a record into the database. My problem - it displays like it is putting the records into the table but when I display the table results - I get nothing. It worked when I just had an insert statement but when I put that inside an if statement to satisfy the criteria I listed above - it seems to have stopped working. Any suggestions? Here is the code: <html> <head> <title>Create Process</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> </head> <body> <?php /* Tracy Seeberger (00835940) create_processSQL.php Module 4 - Assignment */ //Escapes and enquotes variables function clean($var){ return trim(addslashes($var)); } //Variable declaration $fname = clean($_POST['first_name']); $lname = clean($_POST['last_name']); $email = clean($_POST['email_address']); $pw = clean($_POST['password']); // Connect to server and select databse. $db=mysql_connect('monet.homeip.net','conn1','conn1') or die ("Cannot connect to server"); mysql_select_db('test',$db) or die ("Cannot select DB"); print "Connected to MySQL<br>"; if (!$_POST['email_address'] | !$_POST['password'] | !$_POST['first_name'] | !$_POST['last_name']) { die('You must complete all required fields.'); } $usercheck = $_POST['email_address']; $check = mysql_query("SELECT username FROM seebergerLogin where username = '$_POST[email_address]'") or die(mysql_error()); if ($check != 0 ) { $query="INSERT INTO seebergerLogin (username, password, first_name, last_name)VALUES ('$_POST[email_address]','$_POST[password]','$_POST[first_name]','$_POST[last_name]')"; $_POST[password] = md5($_POST[password]); echo $fname; echo ', your account has been created <br />'; echo "<html> <body> To Sign into your account <a href='loginsql.php'> Click Here!</a>"; } else { echo $_POST['email_address']; echo ("You are already registered"); echo "<html> <body> To Sign into your account <a href='loginsql.php'> Click Here!</a>"; } ?> </body> </html> Link to comment https://forums.phpfreaks.com/topic/47931-login-problem/ Share on other sites More sharing options...
jscix Posted April 20, 2007 Share Posted April 20, 2007 I honestly cant see the problem, your sql looks fine, as does the rest of your code.. but im curious why you are working with dirty $_POST Variables, after you have already placed and secured them(Assuming the CLEAN function does this) right here: $fname = clean($_POST['first_name']); $lname = clean($_POST['last_name']); $email = clean($_POST['email_address']); $pw = clean($_POST['password']); ? Link to comment https://forums.phpfreaks.com/topic/47931-login-problem/#findComment-234246 Share on other sites More sharing options...
taith Posted April 20, 2007 Share Posted April 20, 2007 few problems there firstly... $_POST[password] = md5($_POST[password]); # i have to go first $query="INSERT INTO seebergerLogin (username, password, first_name, last_name)VALUES ('$_POST[email_address]','$_POST[password]','$_POST[first_name]','$_POST[last_name]')"; #and you forgot to query that ;-) mysql_query($query); #also near the biginning... $check=mysql_query("SELECT username FROM seebergerLogin where username = '$_POST[email_address]' LIMIT 1") or die(mysql_error()); $row=mysql_fetch_array($check); if(!empty($row)){ . . . Link to comment https://forums.phpfreaks.com/topic/47931-login-problem/#findComment-234248 Share on other sites More sharing options...
jscix Posted April 20, 2007 Share Posted April 20, 2007 lol, wow I didnt catch that at all, ??? $query="INSERT INTO seebergerLogin (username, password, first_name, last_name)VALUES ('$_POST[email_address]','$_POST[password]','$_POST[first_name]','$_POST[last_name]')"; $query is a bad var name for a mysql_query, it looks far too similar Link to comment https://forums.phpfreaks.com/topic/47931-login-problem/#findComment-234254 Share on other sites More sharing options...
Trium918 Posted April 20, 2007 Share Posted April 20, 2007 Try this! <?php /* Tracy Seeberger (00835940) create_processSQL.php Module 4 - Assignment */ //Escapes and enquotes variables function clean($var){ return trim(addslashes($var)); } //Variable declaration $fname = clean($_POST['first_name']); $lname = clean($_POST['last_name']); $email = clean($_POST['email_address']); $pw = clean($_POST['password']); // Connect to server and select databse. $db=mysql_connect('monet.homeip.net','conn1','conn1') or die ("Cannot connect to server"); mysql_select_db('test',$db) or die ("Cannot select DB"); print "Connected to MySQL"; if (!$_POST['email_address'] || !$_POST['password'] || !$_POST['first_name'] || !$_POST['last_name']) { die('You must complete all required fields.'); } // check if username is unique $check = mysql_query("SELECT username FROM seebergerLogin where username = '$_POST[email_address]'"); if (!$check) return "Could not execute query". mysql_error(); if (mysql_num_rows($check)>0) return "That username is taken - go back and choose another one."; // if ok, put in db $_POST[password] = md5($_POST[password]); $query = "INSERT INTO seebergerLogin (username, password, first_name, last_name) VALUES('$email_address','password','$first_name','$last_name')"; mysql_query($query) or die(mysql_error()); if ($check != 0 ) { echo $fname; echo ', your account has been created '; echo "<html> <body> To Sign into your account <a href='loginsql.php'> Click Here![/url]"; } else { echo $_POST['email_address']; echo ("You are already registered"); echo "<html> <body> To Sign into your account <a href='loginsql.php'> Click Here![/url]"; } ?> Not tested Link to comment https://forums.phpfreaks.com/topic/47931-login-problem/#findComment-234262 Share on other sites More sharing options...
taith Posted April 20, 2007 Share Posted April 20, 2007 lol... personally... i completly skip that part... lol $query=mysql_query("INSERT INTO seebergerLogin (username, password, first_name, last_name)VALUES ('$_POST[email_address]','$_POST[password]','$_POST[first_name]','$_POST[last_name]')"); thats just me tho... no point in using non changing variables only once... lol Link to comment https://forums.phpfreaks.com/topic/47931-login-problem/#findComment-234266 Share on other sites More sharing options...
Fehnris Posted April 20, 2007 Share Posted April 20, 2007 You dont really want to be checking that $check isnt equal to zero. if ($check != 0 ) { $query="INSERT INTO seebergerLogin (username, password, first_name, last_name)VALUES ('$_POST[email_address]','$_POST[password]','$_POST[first_name]','$_POST[last_name]')"; $_POST[password] = md5($_POST[password]); echo $fname; echo ', your account has been created '; echo "<html> <body> To Sign into your account <a href='loginsql.php'> Click Here![/url]"; } Instead check it like this. if (mysql_num_rows($check) > 0 ) { $query="INSERT INTO seebergerLogin (username, password, first_name, last_name)VALUES ('$_POST[email_address]','$_POST[password]','$_POST[first_name]','$_POST[last_name]')"; $_POST[password] = md5($_POST[password]); echo $fname; echo ', your account has been created '; echo "<html> <body> To Sign into your account <a href='loginsql.php'> Click Here![/url]"; } Link to comment https://forums.phpfreaks.com/topic/47931-login-problem/#findComment-234275 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.