Jump to content

Archived

This topic is now archived and is closed to further replies.

nadz

registration form help needed

Recommended Posts

hi, i purchased shockscript arcade not too long ago and never really got round to installing it till a few days ago. the script is actually extremely easy to use and it has worked fine untill i tried registering a test account. after putting all the details in (username, email, password etc) an error comes up :

Warning: mysql_insert_id(): A link to the server could not be established in /home/teenaged/public_html/modules/mod_register.php on line 46
Sorry, but there is a problem with our scripts!
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'LIMIT 1' at line 1
UPDATE members SET [b]highest_rank=3[/b] WHERE id= LIMIT 1

"highest_rank=3" on the last line is always a different number. in this case the error shows a highest_rank=3 because it has just entered the third user into mySQL database. the next user to reg would get the same error but highest_rank would be 4, then 5, then 6 and so on.

the funny thing is that the user can go back to the arcade and login using the user account they just registered. is there anyway i can get rid of this error? ive contacted my host about a corect syntax but im not sure what it actually is.

any help would be appreciated.

btw heres my mod_register.php code:
[code]<?php
define( "DOC_TITLE", "register" );
define( "DOC_ADS", false );

if ( $_SERVER['REQUEST_METHOD'] == "POST" )
{
    if ( empty( $_POST['username'] ) )
        $error = "Please fill in your desired username!";
    else if ( !preg_match( "#^[A-Za-z0-9 _'.-]+$#", $_POST["username"] ) )
        $error = "You may only use the following characters in your username: <em>A-Z a-z 0-9 _ <space> ' . -</em>";
    else if ( empty( $_POST['email'] ) )
        $error = "Please fill in your e-mail address!";
    else if ( empty( $_POST['password'] ) )
        $error = "Please fill in your desired password!";
    else if ( $_POST["password"] != $_POST["vpassword"] )
        $error = "The passwords you supplied did not match!";
    else if ( $_POST["email"] != $_POST["vemail"] )
        $error = "The e-mail addresses you supplied did not match!";
    
    if ( !isset( $error ) )
    {
        $db->query( "SELECT * FROM members WHERE username='".$db->escape( trim(stripslashes($_POST["username"])) )."' LIMIT 1" );
        if ( $db->countRows() > 0 )
            $error = "Sorry, but that username is taken!";
        else
        {
            $db->query( "SELECT * FROM members WHERE email='".$db->escape( strtolower(trim(stripslashes($_POST["email"]))) )."' LIMIT 1" );
            if ( $db->countRows() > 0 )
                $error = "The e-mail address you provided is already in use!";
        }
    }
    
    if ( isset( $error ) )
        $message = "<strong>Error</strong>: ".$error;
    else
    {
        $username = trim(stripslashes($_POST["username"]));
        $password = stripslashes($_POST["password"]);
        $email = strtolower(trim(stripslashes($_POST["email"])));
        $username = preg_replace("/\s{2,}/", ' ', $username);
        
        $db->query( "INSERT INTO members ( username, password, email, ".
                    "joined, last_updated ) VALUES ( '".
                    $db->escape( $username )."', '".md5($password)."', '".
                    $db->escape( $email )."', UNIX_TIMESTAMP(), UNIX_TIMESTAMP() )" );
        $insert_id = mysql_insert_id();
        $db->query( "SELECT * FROM members" );
        $rank = $db->countRows();
        $db->query( "UPDATE members SET highest_rank=".$rank." WHERE id=".$insert_id." LIMIT 1" );
        $db->query( "UPDATE sessions SET member_id=".$insert_id.", admin='0' WHERE id='".
                    session_id()."' LIMIT 1" );
        $ref = htmlentities( stripslashes( $_POST["ref"] ) );
        $ref = empty( $ref )? "/" : $ref;
        ?>
<h1>register</h1>
<br />
<div align="center">
<div style="width: 300px; border: 1px solid #ccc; padding: 20px;">
  <strong>Thanks</strong>, you are now registered and logged in!<br />
  <br />
  <script type="text/javascript">
  <!--
  setTimeout( "window.location='"+unescape('<?= urlencode(stripslashes($_POST["ref"])) ?>')+"';", 1500 );
  //-->
  </script>
  <a href="<?= $ref ?>" class="blue" style="font-weight: bold;">Please wait...</a>
</div>
</div>
<br />
<br />
        <?php        
        $dont_output = true;
    }
}
else
    $message = "fill in the form below to become a member of ".$site_title.".";

if ( !$dont_output )
{
    ?>
<form action="/register" method="post">
<h1>register</h1>
<?= $message ?><br />
<br />
<div style="border: 1px solid #ccc; padding: 10px 0px 10px 0px;" align="right">
<?php
if ( !empty( $_REQUEST["ref"] ) )
    print "<input type=\"hidden\" name=\"ref\" value=\"".
        htmlspecialchars( $_REQUEST["ref"] )."\" />";
else
    print "<input type=\"hidden\" name=\"ref\" value=\"".
        htmlspecialchars( "/" )."\" />";
?>
  <table width="80%" border="0" style="text-align: left;">
   <tr>
    <td width="150"><strong>Username</strong>:</td>
    <td align="right"><input align="middle" type="text" name="username" maxlength="32"
     class="textField" value="<?= stripslashes( htmlspecialchars( $_POST["username"] ) ) ?>" />
    </td>
    <td valign="middle" style="font-size: 9px;">
     (Must be between 3 and 32 characters)
    </td>
   </tr>
   <tr>
    <td width="150"><strong>Password</strong>:</td>
    <td align="right"><input align="middle" type="password" name="password"
     maxlength="32" class="textField" />
    </td>
    <td valign="middle" style="font-size: 9px;">
     (Must be between 3 and 32 characters)
    </td>
   </tr>
   <tr>
    <td width="150">Re-Enter <strong>Password</strong>:</td>
    <td align="right"><input align="middle" type="password" name="vpassword"
     maxlength="32" class="textField" />
    </td>
    <td valign="middle" style="font-size: 9px;">
     (Must match password <em>exactly</em>)
    </td>
   </tr>
   <tr>
    <td width="150"><strong>E-Mail</strong> Address:</td>
    <td align="right"><input align="middle" type="text" name="email"
     class="textField" value="<?= stripslashes( htmlspecialchars( $_POST["email"] ) ) ?>" />
    </td>
    <td valign="middle"></td>
   </tr>
   <tr>
    <td width="150">Re-Enter <strong>E-Mail</strong>:</td>
    <td width="150" align="right"><input align="middle" type="text" name="vemail"
     class="textField" value="<?= stripslashes( htmlspecialchars( $_POST["vemail"] ) ) ?>" />
    </td>
    <td align="left" valign="middle" style="font-size: 9px;">
      (Must match e-mail <em>exactly</em>)
    </td>
   </tr>
   <tr>
    <td>&nbsp;</td>
    <td>&nbsp;</td>
    <td>&nbsp;</td>
   </tr>
   <tr>
    <td>&nbsp;</td>
    <td colspan="2"><input type="submit" class="button"
     style="padding: 4px; width: 200px;" value="Submit my Registration" />
    </td>
    <td>&nbsp;</td>
   </tr>
  </table>
</div>
<div align="center">
  <small>
   <br />
   Please view our <a href="/privacy" class="grey">Privacy Policy</a>
   and our <a href="/terms" class="grey">Terms &amp; Conditions</a>.
  </small>
</div>
</form>
    <?php
}
?>[/code]

Share this post


Link to post
Share on other sites
i didn't go through all your code, but the problem is that the SQL query didn't have a value for "id"

UPDATE members SET highest_rank=3 WHERE id=[b][!--coloro:#FF0000--][span style=\"color:#FF0000\"][!--/coloro--]?[!--colorc--][/span][!--/colorc--][/b] LIMIT 1

LIMIT is a SQL clause, not an id. Looks like the script is NOT finding the id.

Share this post


Link to post
Share on other sites
thanks for youre help. heres the code in the script i think its not getting:

$db->query( "UPDATE members SET highest_rank=".$rank." WHERE id="[b].$insert_id.[/b]" LIMIT 1" );

can you see anything wrong with it?

Share this post


Link to post
Share on other sites
well i contacted shockscript, they say their not selling it anymore for this exact reason - "overwhelming emails about script errors" beat that for customer support. they did however try to solve my problem by telling me "you might want to try and switch hosts".

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.