Jump to content

Recommended Posts

Yup  ;D .. This is that chunk of lines

 

 

 


//Tell the script that something went wrong
$pass = FALSE;
}



//If something went wrong, send them back to fix their mistakes
if ($pass == FALSE)
{
die();

//They failed the exam
//For some reason they have failed or check system

//You will need to send the back to fix the problem before we continue
echo "<meta http-equiv=\"refresh\" content=\"1;url=signup.php\">";

//I like to kill the script at this point.
die();
}
else
{
//They have entered all the required information
//Their username, password, and email are acceptable


  • Replies 100
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Well, then do you know what that tells us?

 

It tells us that I am a dumb......

 

Anyways, I found the problem....

 

The die() in the if statement tells us that for some reason $pass = FALSE. The problem is, none of our checks told it to be false.

 

Where did I go wrong? I forgot that a variable that is not set, is false. Because of that, the value of $pass in always false until other wise stated.

 

The fix is simple, reverse it...

 

Replace your check.php with this:

<?php
    //Start the session
    session_start();
    
//Database Information
//Username?
$database_username = "root";

//Your password?
$database_password = "";

//The name of the database you are trying to connect to
$database_database = "main";


//Did the user enter a username?
if (strlen($_POST['username']) < 4)
{
	//There username contains less than 4 characters

	//Set a session variable so that you can tell the user how they screwed up
	$_SESSION['short_username'] = TRUE;

	//Tell the script that something went wrong
	$pass = TRUE;
}

//Did the user enter a password?
if (strlen($_POST['password']) < 4)
{
	//There password contains less than 4 characters

	//Set a session variable so that you can tell the user how they screwed up
	$_SESSION['short_password'] = TRUE;

	//Tell the script that something went wrong
	$pass = TRUE;
}


//Did the user enter a email address?
if (strlen($_POST['email']) < 
{
	//There email contains less than 4 characters

	//Set a session variable so that you can tell the user how they screwed up
	$_SESSION['bad_email'] = TRUE;

	//Tell the script that something went wrong
	$pass = TRUE;
}



//Make sure they aren't trying to hack you
if (preg_match("/[^a-zA-Z0-9_-]/", $_POST['username']))
{
   		//Their username contains invalid characters
	//They me be trying to hack you...

	//Set a session variable so that you can tell the user how they screwed up
	$_SESSION['bad_username'] = TRUE;

	//Tell the script that something went wrong
	$pass = TRUE;
}

//Make sure they aren't trying to hack you
if (preg_match("/[^a-zA-Z0-9]/", $_POST['password']))
{
   		//Their password contains invalid characters
	//They me be trying to hack you...

	//Set a session variable so that you can tell the user how they screwed up
	$_SESSION['bad_password'] = TRUE;

	//Tell the script that something went wrong
	$pass = TRUE;
}

//Make sure they aren't trying to hack you
if (preg_match("/[^a-zA-Z0-9_.@-]/", $_POST['email']))
{
   		//Their email contains invalid characters
	//They me be trying to hack you...

	//Set a session variable so that you can tell the user how they screwed up
	$_SESSION['bad_email'] = TRUE;

	//Tell the script that something went wrong
	$pass = TRUE;
}


//For added security, MD5 their passwords before you compare them
$md5_password = md5($_POST['password']);
$md5_varpassword = md5($_POST['varpassword']);

//For the users benefit, make sure their passwords match
if ($md5_password != $md5_varpassword)
{
	//There passwords did not match

	//Set a session variable so that you can tell the user how they screwed up
	$_SESSION['match_password'] = TRUE;

	//Tell the script that something went wrong
	$pass = TRUE;
}


//If something went wrong, send them back to fix their mistakes
if ($pass == TRUE)
{
	//They failed the exam
	//For some reason they have failed or check system

	//You will need to send the back to fix the problem before we continue
	echo "<meta http-equiv=\"refresh\" content=\"1;url=signup.php\">";

	//I like to kill the script at this point.
	die();
}
else
{
	//They have entered all the required information
	//Their username, password, and email are acceptable


	//For the users protection, you should always encrypt their passwords
	$password = md5($_POST['password']);


	//You now have all their info, you may put them into the database

	//Connect to the database
	$connect = mysql_connect('localhost',$username,$password) or die(mysql_error());

	//Select your database
	mysql_select_db($database) or die(mysql_error());

        //Insert new user
	$username = $_POST['username'];
	$email = $_POST['email'];

	$query = mysql_query("INSERT INTO members ('username', 'password', 'email') VALUES ('" . $username . "', '" . $password . "', '" . $email . "')") or die(mysql_error());

	//Close mysql
	mysql_close();


	//They are now signed up
	//Tell them that they are now signed up
	echo "Congratulations, you are now signed up!";

	//Send them back to the home page
	echo "<meta http-equiv=\"refresh\" content=\"6;url=index.php\">";

	//Offer an optional link in case the transfer doesn't work
	echo "<a href=\"index.php\">If you are not transfered in 10 seconds, click here</a>";
}
?>

You being dumb has happened alot in this thread, huh lol  ;D

 

Now I get this:

 

Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'ODBC'@'localhost' (using password: YES) in C:\xampplite\htdocs\xampp\site\check.php on line 137

Access denied for user 'ODBC'@'localhost' (using password: YES)

Well, that is self explanatory. It means your where unable to connect to the database because your not authorized.

 

This normally means that your username or password is incorrect.

 

In this case, it is my fault once again!

 

use this:

<?php
    //Start the session
    session_start();
    
//Database Information
//Username?
$database_username = "root";

//Your password?
$database_password = "";

//The name of the database you are trying to connect to
$database_database = "main";


//Did the user enter a username?
if (strlen($_POST['username']) < 4)
{
	//There username contains less than 4 characters

	//Set a session variable so that you can tell the user how they screwed up
	$_SESSION['short_username'] = TRUE;

	//Tell the script that something went wrong
	$pass = TRUE;
}

//Did the user enter a password?
if (strlen($_POST['password']) < 4)
{
	//There password contains less than 4 characters

	//Set a session variable so that you can tell the user how they screwed up
	$_SESSION['short_password'] = TRUE;

	//Tell the script that something went wrong
	$pass = TRUE;
}


//Did the user enter a email address?
if (strlen($_POST['email']) < 
{
	//There email contains less than 4 characters

	//Set a session variable so that you can tell the user how they screwed up
	$_SESSION['bad_email'] = TRUE;

	//Tell the script that something went wrong
	$pass = TRUE;
}



//Make sure they aren't trying to hack you
if (preg_match("/[^a-zA-Z0-9_-]/", $_POST['username']))
{
   		//Their username contains invalid characters
	//They me be trying to hack you...

	//Set a session variable so that you can tell the user how they screwed up
	$_SESSION['bad_username'] = TRUE;

	//Tell the script that something went wrong
	$pass = TRUE;
}

//Make sure they aren't trying to hack you
if (preg_match("/[^a-zA-Z0-9]/", $_POST['password']))
{
   		//Their password contains invalid characters
	//They me be trying to hack you...

	//Set a session variable so that you can tell the user how they screwed up
	$_SESSION['bad_password'] = TRUE;

	//Tell the script that something went wrong
	$pass = TRUE;
}

//Make sure they aren't trying to hack you
if (preg_match("/[^a-zA-Z0-9_.@-]/", $_POST['email']))
{
   		//Their email contains invalid characters
	//They me be trying to hack you...

	//Set a session variable so that you can tell the user how they screwed up
	$_SESSION['bad_email'] = TRUE;

	//Tell the script that something went wrong
	$pass = TRUE;
}


//For added security, MD5 their passwords before you compare them
$md5_password = md5($_POST['password']);
$md5_varpassword = md5($_POST['varpassword']);

//For the users benefit, make sure their passwords match
if ($md5_password != $md5_varpassword)
{
	//There passwords did not match

	//Set a session variable so that you can tell the user how they screwed up
	$_SESSION['match_password'] = TRUE;

	//Tell the script that something went wrong
	$pass = TRUE;
}


//If something went wrong, send them back to fix their mistakes
if ($pass == TRUE)
{
	//They failed the exam
	//For some reason they have failed or check system

	//You will need to send the back to fix the problem before we continue
	echo "<meta http-equiv=\"refresh\" content=\"1;url=signup.php\">";

	//I like to kill the script at this point.
	die();
}
else
{
	//They have entered all the required information
	//Their username, password, and email are acceptable


	//For the users protection, you should always encrypt their passwords
	$password = md5($_POST['password']);


	//You now have all their info, you may put them into the database

	//Connect to the database
	$connect = mysql_connect('localhost',$database_username,$database_password) or die(mysql_error());

	//Select your database
	mysql_select_db($database_database) or die(mysql_error());

        //Insert new user
	$username = $_POST['username'];
	$email = $_POST['email'];

	$query = mysql_query("INSERT INTO members ('username', 'password', 'email') VALUES ('" . $username . "', '" . $password . "', '" . $email . "')") or die(mysql_error());

	//Close mysql
	mysql_close();


	//They are now signed up
	//Tell them that they are now signed up
	echo "Congratulations, you are now signed up!";

	//Send them back to the home page
	echo "<meta http-equiv=\"refresh\" content=\"6;url=index.php\">";

	//Offer an optional link in case the transfer doesn't work
	echo "<a href=\"index.php\">If you are not transfered in 10 seconds, click here</a>";
}
?>

 

I forgot to update the variables....

Error after error after error lol .....

 

 

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''username', 'password', 'email') VALUES ('ritchie', '64423c6f5ffd6a3205e0ad788ed' at line 1

Bye now you have to be wondering how I ever get anything done! Lets just say I have NEVER EVER had this many problems with a script!

 

This is a bit of advice for you. Never write a whole script like this before testing it. When I script, I use my local server and test each part. It allows you to solve tiny problems along the way. This prevents all the tiny script errors from making you redo the entire script over and over again.

Write this:

echo $query

die();

 

 

Directly below this line:

$query = mysql_query("INSERT INTO members ('username', 'password', 'email') VALUES ('" . $username . "', '" . $password . "', '" . $email . "')") or die(mysql_error());

 

 

Tell me what it prints.

 

Lol, this is a headache .. Gimme this error again ..

 

 

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''username', 'password', 'email') VALUES ('ritchie', '64423c6f5ffd6a3205e0ad788ed' at line 1

OK, use this:

//Insert new user

$username = $_POST['username'];

$email = $_POST['email'];

 

$query = "INSERT INTO members ('username', 'password', 'email') VALUES ('" . $username . "', '" . $password . "', '" . $email . "')"

 

echo $query;

die();

 

mysql_query($query) or die(mysql_error());

 

//Close mysql

mysql_close();

Thats what I thought....

 

Try this:

//Insert new user

$username = $_POST['username'];

$email = $_POST['email'];

 

$query = mysql_query("INSERT INTO members ('username', 'password', 'email') VALUES ('" . $username . "', '" . $password . "', '" . $email . "')");

echo "<br /><br />" . $query . "<br /><br />";

die();

 

//Close mysql

mysql_close();

Ok, something happened to my script change when I posted it

 

Try this:

//Insert new user
$username = $_POST['username'];
$email = $_POST['email'];

$query = mysql_query("INSERT INTO members ('username', 'password', 'email') VALUES ('" . $username . "', '" . $password . "', '" . $email . "')");
echo "<br /><br />" . $query . "<br /><br />";
die();

//Close mysql
mysql_close();

 

Try that. That is what you should have tried but I think it got messed up some how....

God!

 

Try this:

//Insert new user
$username = $_POST['username'];
$email = $_POST['email'];

$query = mysql_query("INSERT INTO members ('username', 'password', 'email') VALUES ('$username', '$password', '$email')") or die(mysql_error());

//Close mysql
mysql_close();

errrrrrrrrr!!!

 

 

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''username', 'password', 'email') VALUES ('ritchie', '64423c6f5ffd6a3205e0ad788ed' at line 1

Try this:

//Insert new user
$username = $_POST['username'];
$email = $_POST['email'];

$query = "INSERT INTO members ('username', 'password', 'email') VALUES ($username,$password,$email)";
echo $query;
die();

mysql_query($query) or die(mysql_error());

//Close mysql
mysql_close();

//Insert new user
$username = $_POST['username'];
$email = $_POST['email'];

$query = mysql_query("INSERT INTO `members` (username, password, email) VALUES ('$username', '$password', '$email')") or die(mysql_error());

//Close mysql
mysql_close();

I don't think we did cause that just worked.

 

LADIES AND GENTLEMEN, we can finally mark this damn thread solved!

 

You're both getting friendly donations when the site is up and running!

 

Thank you guys so much especially you Bob for sticking wit me, lol

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.