Jump to content

[SOLVED] Signup help

steviez

By steviez
in PHP Coding Help

Recommended Posts

steviez Advanced Member

steviez

Posted
  • Author
Posted

Hi,

 

Thanks for your quick reply, i am pretty new to php and have been haveing problems integrating your code in to my script.

 

Hre is my script:

 

<?
session_start(); 
include("login_database.php");
include("header.php");
include("admin/config.php");
include("functions.php");
$validation = md5(rand(1, 1000));
/**
* Returns true if the username has been taken
* by another user, false otherwise.
*/
function usernameTaken($username){
   global $conn;
   if(!get_magic_quotes_gpc()){
      $username = addslashes($username);
   }
   $q = "select username from xl_members where username = '$username'";
   $result = mysql_query($q,$conn);
   return (mysql_numrows($result) > 0);
}

function emailTaken($email){
   global $conn;
   $q = "select email from xl_members where email = '$email'";
   $result = mysql_query($q,$conn);
   return (mysql_numrows($result) > 0);
}

/**
* Inserts the given (username, password) pair
* into the database. Returns true on success,
* false otherwise.
*/
function addNewUser($id, $username, $password, $email, $time, $date, $terms, $validation, $activated, $logins, $ip, $newsletter){
   global $conn;
   $q = "INSERT INTO xl_members VALUES ('$id', '$username', '$password', '$email', '$time', '$date', '$terms', '$validation', '$activated', '$logins', '$ip', '$newsletter')";
   return mysql_query($q,$conn);
}

/**
* Displays the appropriate message to the user
* after the registration attempt. It displays a 
* success or failure status depending on a
* session variable set during registration.
*/
function displayStatus(){
   $uname = $_SESSION['reguname'];
   if($_SESSION['regresult']){
?>

<?php 

include("createacc_success.php"); 

?>

<? }else{ ?>

<?php include("createacc_error1.php"); ?>

<?
   }
   unset($_SESSION['reguname']);
   unset($_SESSION['registered']);
   unset($_SESSION['regresult']);
}

if(isset($_SESSION['registered'])){
/**
* This is the page that will be displayed after the
* registration has been attempted.
*/
?>

<html>
<title>Registration Page</title>
<body>

<? displayStatus(); ?>

</body>
</html>

<?
   return;
}

/**
* Determines whether or not to show to sign-up form
* based on whether the form has been submitted, if it
* has, check the database for consistency and create
* the new account.
*/
if(isset($_POST['subjoin'])){
   /* Make sure all fields were entered */
   if(!$_POST['user'] || !$_POST['pass'] || !$_POST['email'] || !$_POST['terms']){
      include("createacc_error2.php");
  exit();
   }

   /* Spruce up username, check length */
   $_POST['user'] = trim($_POST['user']);
   if(strlen($_POST['user']) > 30){
      include("createacc_error3.php");
  exit();
   }
   
   if(strlen($_POST['pass']) < 6){
        include("createacc_error6.php");
  exit();
   }
   

   /* Check if username is already in use */
   if(usernameTaken($_POST['user'])){
      $use = $_POST['user'];
      include("createacc_error4.php");
  exit();
   }
   
   if(emailTaken($_POST['email'])){
      $use = $_POST['email'];
      include("createacc_error5.php");
  exit();
   }
   
$to = "".$_POST['email']."";
$subject = "Welcome To UK File Host!";

$message = "
<html>
<head>
<title>Welcome!</title>
</head>
<body>
<p>Thanks for becoming a member at UK File Host ".$_POST['user']."!<br />
  Please <a href='http://www.ukfilehost.com/validate.php?user=".$_POST['user']."&code=".$validation."'>click here</a> or copy and paste this code in your browser to validate your account and start using our members only features! http://www.ukfilehost.com/validate.php?user=".$_POST['user']."&code=".$validation."</p>
<p>You are receiving this e-mail because you or someone else used your address to sign up on our site.<br/>If you did not sign up on our site, just ignore this message and please accept our apologies.<br/><br/>

Best regards,<br/> 
UK File Host</p>
</body>
</html>
";

// Always set content-type when sending HTML email
$headers = "MIME-Version: 1.0" . "\r\n";
$headers .= "Content-type:text/html;charset=iso-8859-1" . "\r\n";

// More headers
$headers .= 'From: <[email protected]>' . "\r\n";

mail($to,$subject,$message,$headers);

$file  =  $_SERVER['DOCUMENT_ROOT']  .'/.htaccess';
$fp  =  fopen($file,  'a');
fwrite($fp,  "RewriteRule ^".$_POST['user']." members_folder.php?user=".$_POST['user']."\n");
fclose($fp);

   /* Add the new account to the database */
   $md5pass = md5($_POST['pass']);
   $time = date('His');
   $date = date('y-m-d');
   $activated = '0';
   $logins = '1';
   $ip = $_SERVER['REMOTE_ADDR'];
   $_SESSION['reguname'] = $_POST['user'];
   $_SESSION['regresult'] = addNewUser($id, $_POST['user'], $md5pass, $_POST['email'], $time, $date, $_POST['terms'], $validation, $activated, $logins, $ip, $_POST['newsletter']);
   $_SESSION['registered'] = true;
   echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[php_SELF]\">";
   return;
}
else{
/**
* This is the page with the sign-up form, the names
* of the input fields are important and should not
* be changed.
*/
?>

<form action="<? echo $HTTP_SERVER_VARS['PHP_SELF']; ?>" method="post" name="signupform">
<div id="register_1">  
  <div id="modra_lista"> <img src="images/arrow_reg.jpg" height="10" width="10"> Create an account </div>
  <div id="prostor">
  
    <table border="0" cellpadding="0" cellspacing="0" width="100%">
  <tbody><tr>
        <td class="register1">Username:</td>
        <td><input name="user" type="text" class="input" size="30" maxlength="35">
          * (eg. stacy66)</td>
      </tr>
      <tr>
        <td class="register1">Valid eMail:</td>
        <td><input name="email" type="text" class="input" size="30" maxlength="35">
          * (eg. [email protected])</td>
      </tr>
      <tr>
        <td class="register1">Confirm eMail:</td>
        <td><input name="email2" type="text" class="input" size="30" maxlength="35">
          *</td>
      </tr>
      <tr>
        <td class="register1">Password: </td>
        <td><input name="pass" type="password" class="input" size="30" maxlength="35">
          *</td>
      </tr>
      <tr>
        <td class="register1">Confirm Password: </td>
        <td><input name="pass2" type="password" class="input" size="30" maxlength="35">
          *</td>
      </tr>
  <!--
  <tr>
        <td class="register1">Package: </td>
        <td><select class="input" name="package">
          <option value="FREE" selected="selected">FREE</option>
          <option value="Basic">Basic</option>
          <option value="Business">Business</option>
          <option value="Professional">Professional</option>
        </select>
          *</td>
      </tr>
  -->
  <tr>
        <td class="register1"> </td>
        <td><input name="newsletter" type="checkbox" class="input"> Subscribe to our newsletter<br />
	    <input name="terms" type="checkbox" class="input"> Agree to our <a href="terms.php" target="_blank">terms and conditions</a> *</td>
      </tr>
      <tr>
        <td class="register1"> </td>
        <td>* Required fields </td>
      </tr>
    </tbody></table>
<table width="100%">
<tr>
<td align="center">
<p> </p>
<p> </p>
<script type="text/javascript"><!--
google_ad_client = "pub-6175451555203704";
google_ad_width = 728;
google_ad_height = 90;
google_ad_format = "728x90_as";
google_ad_type = "image";
//2007-04-18: UK File Host
google_ad_channel = "0955286851";
//-->
</script>
<script type="text/javascript"
  src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>

</td>
</tr>
</table>
  </div>
<div class="white">
  <div align="right"><input name="subjoin" type="submit" class="input" value="Signup!" onClick="return checkit(document.forms.signupform)">
  </div>
</div>
<div id="konec"></div>

</div>
<div id="footer"><?php include("footer.php"); ?></div>
</div>
</form>
</body>
</html>

<?
}
?>

 

Where would i put the code?

Link to comment
https://forums.phpfreaks.com/topic/48437-solved-signup-help/#findComment-236848
Share on other sites
MadTechie Regular Member

MadTechie

Posted
Posted

from a quick look at your code i would guess

 

change

<?php

   /* Spruce up username, check length */
   $_POST['user'] = trim($_POST['user']);
   if(strlen($_POST['user']) > 30){
      include("createacc_error3.php");
  exit();
   }
   
   if(strlen($_POST['pass']) < 6){
        include("createacc_error6.php");
  exit();
   }


?>

 

to

 

<?php

//store filtered username
$user = preg_replace("/[^a-zA-Z0-9]/", "", $_POST['user']);
if($user != $_POST['user'])
{
die("Invalid Username");//error handling
}
//overwrite the old namename with new filtered one (for use below)
$_POST['user'] = $user;

   /* Spruce up username, check length */
   $_POST['user'] = trim($_POST['user']);
   if(strlen($_POST['user']) > 30){
      include("createacc_error3.php");
  exit();
   }
   
   if(strlen($_POST['pass']) < 6){
        include("createacc_error6.php");
  exit();
   }


?>

 

**note this is untested

Link to comment
https://forums.phpfreaks.com/topic/48437-solved-signup-help/#findComment-236854
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.