tberger Posted April 20, 2007 Share Posted April 20, 2007 I am setting up a member form for users. When the person submits there information. The database checks to make sure the record doesn't already exist - if it does, it should tell them it does and direct them to the login page. If it doesn't exist, it should insert a record into the database. My problem - it displays like it is putting the records into the table but when I display the table results - I get nothing. It worked when I just had an insert statement but when I put that inside an if statement to satisfy the criteria I listed above - it seems to have stopped working. Any suggestions? Here is the code: <html> <head> <title>Create Process</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> </head> <body> <?php /* Tracy Seeberger (00835940) create_processSQL.php Module 4 - Assignment */ //Escapes and enquotes variables function clean($var){ return trim(addslashes($var)); } //Variable declaration $fname = clean($_POST['first_name']); $lname = clean($_POST['last_name']); $email = clean($_POST['email_address']); $pw = clean($_POST['password']); // Connect to server and select databse. $db=mysql_connect('monet.homeip.net','conn1','conn1') or die ("Cannot connect to server"); mysql_select_db('test',$db) or die ("Cannot select DB"); print "Connected to MySQL<br>"; if (!$_POST['email_address'] | !$_POST['password'] | !$_POST['first_name'] | !$_POST['last_name']) { die('You must complete all required fields.'); } $usercheck = $_POST['email_address']; $check = mysql_query("SELECT username FROM seebergerLogin where username = '$_POST[email_address]'") or die(mysql_error()); if ($check != 0 ) { $query="INSERT INTO seebergerLogin (username, password, first_name, last_name)VALUES ('$_POST[email_address]','$_POST[password]','$_POST[first_name]','$_POST[last_name]')"; $_POST[password] = md5($_POST[password]); echo $fname; echo ', your account has been created <br />'; echo "<html> <body> To Sign into your account <a href='loginsql.php'> Click Here!</a>"; } else { echo $_POST['email_address']; echo ("You are already registered"); echo "<html> <body> To Sign into your account <a href='loginsql.php'> Click Here!</a>"; } ?> </body> </html> Quote Link to comment https://forums.phpfreaks.com/topic/47931-login-problem/ Share on other sites More sharing options...
jscix Posted April 20, 2007 Share Posted April 20, 2007 I honestly cant see the problem, your sql looks fine, as does the rest of your code.. but im curious why you are working with dirty $_POST Variables, after you have already placed and secured them(Assuming the CLEAN function does this) right here: $fname = clean($_POST['first_name']); $lname = clean($_POST['last_name']); $email = clean($_POST['email_address']); $pw = clean($_POST['password']); ? Quote Link to comment https://forums.phpfreaks.com/topic/47931-login-problem/#findComment-234246 Share on other sites More sharing options...
taith Posted April 20, 2007 Share Posted April 20, 2007 few problems there firstly... $_POST[password] = md5($_POST[password]); # i have to go first $query="INSERT INTO seebergerLogin (username, password, first_name, last_name)VALUES ('$_POST[email_address]','$_POST[password]','$_POST[first_name]','$_POST[last_name]')"; #and you forgot to query that ;-) mysql_query($query); #also near the biginning... $check=mysql_query("SELECT username FROM seebergerLogin where username = '$_POST[email_address]' LIMIT 1") or die(mysql_error()); $row=mysql_fetch_array($check); if(!empty($row)){ . . . Quote Link to comment https://forums.phpfreaks.com/topic/47931-login-problem/#findComment-234248 Share on other sites More sharing options...
jscix Posted April 20, 2007 Share Posted April 20, 2007 lol, wow I didnt catch that at all, ??? $query="INSERT INTO seebergerLogin (username, password, first_name, last_name)VALUES ('$_POST[email_address]','$_POST[password]','$_POST[first_name]','$_POST[last_name]')"; $query is a bad var name for a mysql_query, it looks far too similar Quote Link to comment https://forums.phpfreaks.com/topic/47931-login-problem/#findComment-234254 Share on other sites More sharing options...
Trium918 Posted April 20, 2007 Share Posted April 20, 2007 Try this! <?php /* Tracy Seeberger (00835940) create_processSQL.php Module 4 - Assignment */ //Escapes and enquotes variables function clean($var){ return trim(addslashes($var)); } //Variable declaration $fname = clean($_POST['first_name']); $lname = clean($_POST['last_name']); $email = clean($_POST['email_address']); $pw = clean($_POST['password']); // Connect to server and select databse. $db=mysql_connect('monet.homeip.net','conn1','conn1') or die ("Cannot connect to server"); mysql_select_db('test',$db) or die ("Cannot select DB"); print "Connected to MySQL"; if (!$_POST['email_address'] || !$_POST['password'] || !$_POST['first_name'] || !$_POST['last_name']) { die('You must complete all required fields.'); } // check if username is unique $check = mysql_query("SELECT username FROM seebergerLogin where username = '$_POST[email_address]'"); if (!$check) return "Could not execute query". mysql_error(); if (mysql_num_rows($check)>0) return "That username is taken - go back and choose another one."; // if ok, put in db $_POST[password] = md5($_POST[password]); $query = "INSERT INTO seebergerLogin (username, password, first_name, last_name) VALUES('$email_address','password','$first_name','$last_name')"; mysql_query($query) or die(mysql_error()); if ($check != 0 ) { echo $fname; echo ', your account has been created '; echo "<html> <body> To Sign into your account <a href='loginsql.php'> Click Here![/url]"; } else { echo $_POST['email_address']; echo ("You are already registered"); echo "<html> <body> To Sign into your account <a href='loginsql.php'> Click Here![/url]"; } ?> Not tested Quote Link to comment https://forums.phpfreaks.com/topic/47931-login-problem/#findComment-234262 Share on other sites More sharing options...
taith Posted April 20, 2007 Share Posted April 20, 2007 lol... personally... i completly skip that part... lol $query=mysql_query("INSERT INTO seebergerLogin (username, password, first_name, last_name)VALUES ('$_POST[email_address]','$_POST[password]','$_POST[first_name]','$_POST[last_name]')"); thats just me tho... no point in using non changing variables only once... lol Quote Link to comment https://forums.phpfreaks.com/topic/47931-login-problem/#findComment-234266 Share on other sites More sharing options...
Fehnris Posted April 20, 2007 Share Posted April 20, 2007 You dont really want to be checking that $check isnt equal to zero. if ($check != 0 ) { $query="INSERT INTO seebergerLogin (username, password, first_name, last_name)VALUES ('$_POST[email_address]','$_POST[password]','$_POST[first_name]','$_POST[last_name]')"; $_POST[password] = md5($_POST[password]); echo $fname; echo ', your account has been created '; echo "<html> <body> To Sign into your account <a href='loginsql.php'> Click Here![/url]"; } Instead check it like this. if (mysql_num_rows($check) > 0 ) { $query="INSERT INTO seebergerLogin (username, password, first_name, last_name)VALUES ('$_POST[email_address]','$_POST[password]','$_POST[first_name]','$_POST[last_name]')"; $_POST[password] = md5($_POST[password]); echo $fname; echo ', your account has been created '; echo "<html> <body> To Sign into your account <a href='loginsql.php'> Click Here![/url]"; } Quote Link to comment https://forums.phpfreaks.com/topic/47931-login-problem/#findComment-234275 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.