Jump to content

[SOLVED] Registration/Adding members to database


RitchieGunz

Recommended Posts

OK, I went through the code and fixed any errors that I could find. Apparently my "/" should have been "\".

 

The reason you aren't seeing anything is because of "/" in the meta tags. The "/" confused it. The page simply isn't being transfered over.

 

I've updated the info, so you should just be able to copy and past the two files and it should work.

 

signup.php

<html>
<head>
	<title>Sign Up</title>
</head>

<body>
	<?php
		echo "<form action=\"check.php\" method=\"post\">";
			if ($_SESSION['short_username'] == TRUE)
			{
				echo "Your username was too short!<br />";
				$_SESSION['short_username'] = FALSE;
			}

			if ($_SESSION['bad_username'] == TRUE)
			{
				echo "Usernames may only contain alphanumeric characters, dashes (-) and underscores (_)<br />";
				$_SESSION['bad_username'] = FALSE;
			}
			echo "Username: <input type=\"text\" name=\"username\" /><br />";

			if ($_SESSION['short_password'] == TRUE)
			{
				echo "Your password was too short!<br />";
				$_SESSION['short_password'] = FALSE;
			}

			if ($_SESSION['bad_password'] == TRUE)
			{
				echo "Passwords may only contain alphanumeric characters.<br />";
				$_SESSION['bad_password'] = FALSE;
			}
			echo "Password: <input type=\"password\" name=\"password\" /><br />";

			if ($_SESSION['match_password'] == TRUE)
			{
				echo "Your passwords did not match!<br />";
				$_SESSION['match_password'] = FALSE;
			}
			echo "Verify Password: <input type=\"password\" name=\"varpassword\" /><br />";

			if ($_SESSION['bad_email'] == TRUE)
			{
				echo "You have entered an invalid E-mail address.<br />";
				$_SESSION['bad_email'] = FALSE;
			}
			echo "E-mail: <input type=\"text\" name=\"email\" /><br />";
			echo "<input type=\"submit\" value=\"Sign Up\" />";
		echo "</form>";
	?>
</body>
</html>

 

 

check.php

<?php
//Database Information
//Username?
$database_username = "root";

//Your password?
$database_password = "";

//The name of the database you are trying to connect to
$database_database = "main";


//Did the user enter a username?
if (strlen($_POST['username']) < 4)
{
	//There username contains less than 4 characters

	//Set a session variable so that you can tell the user how they screwed up
	$_SESSION['short_username'] = TRUE;

	//Tell the script that something went wrong
	$pass = FALSE;
}

//Did the user enter a password?
if (strlen($_POST['password']) < 4)
{
	//There password contains less than 4 characters

	//Set a session variable so that you can tell the user how they screwed up
	$_SESSION['short_password'] = TRUE;

	//Tell the script that something went wrong
	$pass = FALSE;
}


//Did the user enter a email address?
if (strlen($_POST['email']) < 
{
	//There email contains less than 4 characters

	//Set a session variable so that you can tell the user how they screwed up
	$_SESSION['bad_email'] = TRUE;

	//Tell the script that something went wrong
	$pass = FALSE;
}



//Make sure they aren't trying to hack you
if (preg_match("/[^a-zA-Z0-9_-]/", $_POST['username']))
{
   		//Their username contains invalid characters
	//They me be trying to hack you...

	//Set a session variable so that you can tell the user how they screwed up
	$_SESSION['bad_username'] = TRUE;

	//Tell the script that something went wrong
	$pass = FALSE;
}

//Make sure they aren't trying to hack you
if (preg_match("/[^a-zA-Z0-9]/", $_POST['password']))
{
   		//Their password contains invalid characters
	//They me be trying to hack you...

	//Set a session variable so that you can tell the user how they screwed up
	$_SESSION['bad_password'] = TRUE;

	//Tell the script that something went wrong
	$pass = FALSE;
}

//Make sure they aren't trying to hack you
if (preg_match("/[^a-zA-Z0-9_-.@]/", $_POST['email']))
{
   		//Their email contains invalid characters
	//They me be trying to hack you...

	//Set a session variable so that you can tell the user how they screwed up
	$_SESSION['bad_email'] = TRUE;

	//Tell the script that something went wrong
	$pass = FALSE;
}


//For added security, MD5 their passwords before you compare them
$md5_password = md5($_POST['password']);
$md5_varpassword = md5($_POST['varpassword']);

//For the users benefit, make sure their passwords match
if ($md5_password != $md5_varpassword)
{
	//There passwords did not match

	//Set a session variable so that you can tell the user how they screwed up
	$_SESSION['match_password'] = TRUE;

	//Tell the script that something went wrong
	$pass = FALSE;
}


//If something went wrong, send them back to fix their mistakes
if ($pass == FALSE)
{
	//They failed the exam
	//For some reason they have failed or check system

	//You will need to send the back to fix the problem before we continue
	echo "<meta http-equiv=\"refresh\" content=\"1;url=signup.php\">";

	//I like to kill the script at this point.
	die();
}
else
{
	//They have entered all the required information
	//Their username, password, and email are acceptable


	//For the users protection, you should always encrypt their passwords
	$password = md5($_POST['password']);


	//You now have all their info, you may put them into the database

	//Connect to the database
	$connect = mysql_connect('localhost',$username,$password) or die(mysql_error());

	//Select your database
	mysql_select_db($database) or die(mysql_error());

	//Insert new user
	$username = $_POST['username'];
	$email = $_POST['email'];

	$query = mysql_query("INSERT INTO members ('username', 'password', 'email') VALUES ('" . $username . "', '" . $password . "', '" . $email . "')") or die(mysql_error());

	//Close mysql
	mysql_close();


	//They are now signed up
	//Tell them that they are now signed up
	echo "Congratulations, you are now signed up!";

	//Send them back to the home page
	echo "<meta http-equiv=\"refresh\" content=\"6;url=index.php\">";

	//Offer an optional link in case the transfer doesn't work
	echo "<a href=\"index.php\">If you are not transfered in 10 seconds, click here</a>";
}
?>

 

 

If this doesn't work, I will be back in about 5 hours. Hopefully you won't have any problems..

Link to comment
Share on other sites

  • Replies 100
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

LOL well, Im really serious about learning this language and putting that site together. Im not gonna stop till its done.

 

OK .. I enter fake info on the form .. it brings me to check.php but redirects me back to signup.php .. Im sure thats a good thing .. But I'm not seeing "You're username was too short" or "passwords didnt match" which I know I should be seeing.

Link to comment
Share on other sites

This is gonna be really useful thread for people LOL

 

I was getting this error also, but I fixed it by putting the dash at the end and it works. It probably thought it was range between those characters, dont see why.

 

if (preg_match("/[^a-zA-Z0-9_-.@]/", $_POST['email']))

 

Warning: preg_match() [<function.preg-match>]: Compilation failed: range out of order in character class at offset 13 but its still just redirecting back to signup.php

Link to comment
Share on other sites

Wow! I am stupid for not using this in the first place!

 

signup.php

<?php session_start(); ?>

<html>
<head>
	<title>Sign Up</title>
</head>

<body>
	<?php
		echo "<form action=\"check.php\" method=\"post\">";
			if ($_SESSION['short_username'] == TRUE)
			{
				echo "Your username was too short!<br />";
				$_SESSION['short_username'] = FALSE;
			}

			if ($_SESSION['bad_username'] == TRUE)
			{
				echo "Usernames may only contain alphanumeric characters, dashes (-) and underscores (_)<br />";
				$_SESSION['bad_username'] = FALSE;
			}
			echo "Username: <input type=\"text\" name=\"username\" /><br />";

			if ($_SESSION['short_password'] == TRUE)
			{
				echo "Your password was too short!<br />";
				$_SESSION['short_password'] = FALSE;
			}

			if ($_SESSION['bad_password'] == TRUE)
			{
				echo "Passwords may only contain alphanumeric characters.<br />";
				$_SESSION['bad_password'] = FALSE;
			}
			echo "Password: <input type=\"password\" name=\"password\" /><br />";

			if ($_SESSION['match_password'] == TRUE)
			{
				echo "Your passwords did not match!<br />";
				$_SESSION['match_password'] = FALSE;
			}
			echo "Verify Password: <input type=\"password\" name=\"varpassword\" /><br />";

			if ($_SESSION['bad_email'] == TRUE)
			{
				echo "You have entered an invalid E-mail address.<br />";
				$_SESSION['bad_email'] = FALSE;
			}
			echo "E-mail: <input type=\"text\" name=\"email\" /><br />";
			echo "<input type=\"submit\" value=\"Sign Up\" />";
		echo "</form>";
	?>
</body>
</html>

 

 

check.php

<?php
    //Start the session
    session_start();
    
//Database Information
//Username?
$database_username = "root";

//Your password?
$database_password = "";

//The name of the database you are trying to connect to
$database_database = "main";


//Did the user enter a username?
if (strlen($_POST['username']) < 4)
{
	//There username contains less than 4 characters

	//Set a session variable so that you can tell the user how they screwed up
	$_SESSION['short_username'] = TRUE;

	//Tell the script that something went wrong
	$pass = FALSE;
}

//Did the user enter a password?
if (strlen($_POST['password']) < 4)
{
	//There password contains less than 4 characters

	//Set a session variable so that you can tell the user how they screwed up
	$_SESSION['short_password'] = TRUE;

	//Tell the script that something went wrong
	$pass = FALSE;
}


//Did the user enter a email address?
if (strlen($_POST['email']) < 
{
	//There email contains less than 4 characters

	//Set a session variable so that you can tell the user how they screwed up
	$_SESSION['bad_email'] = TRUE;

	//Tell the script that something went wrong
	$pass = FALSE;
}



//Make sure they aren't trying to hack you
if (preg_match("/[^a-zA-Z0-9_-]/", $_POST['username']))
{
   		//Their username contains invalid characters
	//They me be trying to hack you...

	//Set a session variable so that you can tell the user how they screwed up
	$_SESSION['bad_username'] = TRUE;

	//Tell the script that something went wrong
	$pass = FALSE;
}

//Make sure they aren't trying to hack you
if (preg_match("/[^a-zA-Z0-9]/", $_POST['password']))
{
   		//Their password contains invalid characters
	//They me be trying to hack you...

	//Set a session variable so that you can tell the user how they screwed up
	$_SESSION['bad_password'] = TRUE;

	//Tell the script that something went wrong
	$pass = FALSE;
}

//Make sure they aren't trying to hack you
if (preg_match("/[^a-zA-Z0-9_-.@]/", $_POST['email']))
{
   		//Their email contains invalid characters
	//They me be trying to hack you...

	//Set a session variable so that you can tell the user how they screwed up
	$_SESSION['bad_email'] = TRUE;

	//Tell the script that something went wrong
	$pass = FALSE;
}


//For added security, MD5 their passwords before you compare them
$md5_password = md5($_POST['password']);
$md5_varpassword = md5($_POST['varpassword']);

//For the users benefit, make sure their passwords match
if ($md5_password != $md5_varpassword)
{
	//There passwords did not match

	//Set a session variable so that you can tell the user how they screwed up
	$_SESSION['match_password'] = TRUE;

	//Tell the script that something went wrong
	$pass = FALSE;
}


//If something went wrong, send them back to fix their mistakes
if ($pass == FALSE)
{
	//They failed the exam
	//For some reason they have failed or check system

	//You will need to send the back to fix the problem before we continue
	echo "<meta http-equiv=\"refresh\" content=\"1;url=signup.php\">";

	//I like to kill the script at this point.
	die();
}
else
{
	//They have entered all the required information
	//Their username, password, and email are acceptable


	//For the users protection, you should always encrypt their passwords
	$password = md5($_POST['password']);


	//You now have all their info, you may put them into the database

	//Connect to the database
	$connect = mysql_connect('localhost',$username,$password) or die(mysql_error());

	//Select your database
	mysql_select_db($database) or die(mysql_error());

        //Insert new user
	$username = $_POST['username'];
	$email = $_POST['email'];

	$query = mysql_query("INSERT INTO members ('username', 'password', 'email') VALUES ('" . $username . "', '" . $password . "', '" . $email . "')") or die(mysql_error());

	//Close mysql
	mysql_close();


	//They are now signed up
	//Tell them that they are now signed up
	echo "Congratulations, you are now signed up!";

	//Send them back to the home page
	echo "<meta http-equiv=\"refresh\" content=\"6;url=index.php\">";

	//Offer an optional link in case the transfer doesn't work
	echo "<a href=\"index.php\">If you are not transfered in 10 seconds, click here</a>";
}
?>

 

 

The problem is so obvious for any one who has been doing php for a while!

The sessions where actually being recorded because we never started the session.

 

Any time you use sessions on a page, you must have this:

session_start();

 

at the start of the page!

Link to comment
Share on other sites

I updated my last post. I forgot to change the preg_match again...

 

And you are correct if the dash (-) is in between to other thingys it will not work.

Notice the "a-z" that means look for letters from a to z. Dash needs to be by its self...

Link to comment
Share on other sites

Already fixed that cause I got an error.

 

Now when I do !$ in the fields it comes back and says username and all that was too short. YAY!

 

But .. when I enter actual information, it redirects back to signup.php (w/o it saying username was short and such)

Link to comment
Share on other sites

You have a database right?

You have a table right?

In that table you will have columns such as username, password, email, and id right?

 

When new data is entered, you get what is called a "row".

It is in that row, where the information is.

Now, to see that row, you will need to navigate to that database, to that table, and then at the top you'll see a little button that says "Brows". When you click that, if you have rows, it will display the rows.

Link to comment
Share on other sites

Hold on a few minutes, I just might be able to get a server running on this machine....

My windows partition is fried and I have to run the server off of my flash drive!

 

I broke my linux drive about a week ago, I'm working on that but I can't get it to work. If my linux box was working, we would have had this done on the first few posts! All my scripts are on that drive. And wouldn't you know it, I don't yet have backups... :'(

Link to comment
Share on other sites

Yes, that is true....

 

Well, I am able to run the server like all the others, but I still have the same problem.

 

Anyways, we need to invoke each error one by one.

 

Type in this information in the field and note the response. We will start with the username. You should only get one error each time.

Username: ri

password: george

varpassword: george

email: ritchie@george.net

 

What error did you get?

 

 

 

Then try:

Username: ritchie$%

password: george

varpassword: george

email: ritchie@george.net

 

What error did you get?

 

 

 

Now to try the passwords

 

Then try:

Username: ritchie

password: ge

varpassword: ge

email: ritchie@george.net

 

What error did you get?

 

 

 

Then try:

Username: ritchie

password: george$

varpassword: george$

email: ritchie@george.net

 

What error did you get?

 

 

 

Then try:

Username: ritchie

password: george

varpassword: ritchie

email: ritchie@george.net

 

What error did you get?

 

 

 

 

Now for the email...

 

Then try:

Username: ritchie

password: george

varpassword: george

email: r2

 

What error did you get?

 

 

 

Then try:

Username: ritchie

password: george$

varpassword: george$

email: ritchie@ge#&(!ge.net

 

What error did you get?

Link to comment
Share on other sites

Username: ri

password: george

varpassword: george

email: ritchie@george.net

 

What error did you get? (Username too short)

 

 

 

Then try:

Username: ritchie$%

password: george

varpassword: george

email: ritchie@george.net

 

What error did you get? (Usernames may only contain alphanumeric characters, dashes (-) and underscores (_))

 

 

 

Now to try the passwords

 

Then try:

Username: ritchie

password: ge

varpassword: ge

email: ritchie@george.net

 

What error did you get? (Your password was too short!)

 

 

 

Then try:

Username: ritchie

password: george$

varpassword: george$

email: ritchie@george.net

 

What error did you get? (Passwords may only contain alphanumeric characters.)

 

 

 

Then try:

Username: ritchie

password: george

varpassword: ritchie

email: ritchie@george.net

 

What error did you get? (Your passwords did not match!)

 

 

 

 

Now for the email...

 

Then try:

Username: ritchie

password: george

varpassword: george

email: r2

 

What error did you get? (You have entered an invalid E-mail address.)

 

 

 

Then try:

Username: ritchie

password: george$

varpassword: george$

email: ritchie@ge#&(!ge.net

 

What error did you get? (Passwords may only contain alphanumeric characters. and You have entered an invalid E-mail address.)

 

Link to comment
Share on other sites

Ok... Add this line:

die();

 

Right before this line:

//If something went wrong, send them back to fix their mistakes

 

 

Then run the script again with:

Username: ritchie

password: ritchie

varpassword: ritchie

email: ritchie@gunz.net

 

Now what happens?

Link to comment
Share on other sites

Right, the die() function tells php to stop parsing the information. By telling it to stop at that point, it tells me that everything above that point is not causing the problem.

 

Now, move the die() function that you just entered to right above this line:

//They failed the exam

 

so it would be:

//If something went wrong, send them back to fix their mistakes

if ($pass == FALSE)

{

die();

//They failed the exam

//For some reason they have failed or check system

 

//You will need to send the back to fix the problem before we continue

echo "<meta http-equiv=\"refresh\" content=\"1;url=signup.php\">";

 

//I like to kill the script at this point.

die();

}

 

Tell me what it does...

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.