Foser Posted June 5, 2007 Share Posted June 5, 2007 $username = $_POST['username']; $email = $_POST['mail']; $password = md5($_POST['pw']); $rights = "user"; mysql_query(mysql_fetch_assoc("SELECT FROM user_info")); while($username = $user_info['username']){ echo "This username has already been taken<br>"; } while($email = $user_info['e-mail']){ echo "This E-mail has already been Registered";} else { mysql_query("INSERT INTO user_info (username, email, password, rights) VALUES ($username, $email, $password, $rights)") or die mysql_error(); echo "You are now registered, you may now login."; } alright what I am trying to do is if the two while commands are false or one is false and one true, to echo the echos following. Although if both are false I want it to do something like the else command. But im not sure if else can be followed by while looping & that's what my error is about. What is a command that can do something similar that can be put after a while looping command. Thanks Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted June 5, 2007 Share Posted June 5, 2007 You don't want to use a "while" statement here, you want to use a query into the database to see if the username or email has already been used: <?php $username = mysql_real_escape_string($_POST['username']); // never trust user input $email = mysql_real_escape_string($_POST['mail']); $password = md5($_POST['pw']); $rights = "user"; $q = "select * from user_info where username ='" . $username . "' or e-mail = '" . $email . "'"; $rs = mysql_query($q) or die("Problem with the query: <pre>$q</pre>" . mysql_error()); $if (mysql_num_rows > 0) { $user_info = mysql_fetch_asssoc($rs); if ($username == $user_info['username']) echo 'This username has already been taken<br>'; if ($email == $user_info['e-mail']) echo 'This E-mail has already been Registered'; } else { $q = "INSERT INTO user_info (username, email, password, rights) VALUES ($username, $email, $password, $rights)"; $rs = mysql_query($q) or die ("Problem with the insert query <pre>$q</pre>" . mysql_error()); echo "You are now registered, you may now login."; } ?> Ken Quote Link to comment Share on other sites More sharing options...
Foser Posted June 5, 2007 Author Share Posted June 5, 2007 is there an way more near of what i done? or was I way off? Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted June 5, 2007 Share Posted June 5, 2007 Here is a way that is closer to what you were trying to do: <?php $username = mysql_real_escape_string($_POST['username']); // never trust user input $email = mysql_real_escape_string($_POST['mail']); $password = md5($_POST['pw']); $rights = "user"; $q = "SELECT * FROM user_info"; $rs = mysql_query($q); $prob = false; while ($user_info = mysql_fetch_assoc($rs)) { if ($_POST['username'] == $user_info['username']) { $prob = true; echo 'This username has already been taken<br>'; } if ($_POST['email'] == $user_info['e-mail']) { $prob = true; echo 'This email address has already been registered<br>'; } } if (!$prob) { $q = "INSERT INTO user_info (username, email, password, rights) VALUES ($username, $email, $password, $rights)"; $rs = mysql_query($q) or die ("Problem with the insert query <pre>$q</pre>" . mysql_error()); echo "You are now registered, you may now login."; } ?> Ken Quote Link to comment Share on other sites More sharing options...
Foser Posted June 5, 2007 Author Share Posted June 5, 2007 mysql_real_escape_string i've tried to research this command but I can't seem to find what exacly it does and what it works for Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted June 5, 2007 Share Posted June 5, 2007 Read the manual page. Think of it as the addslashes() function on steriods. It escapes characters in strings that are known to be harmful to MySQL queries. Ken Quote Link to comment Share on other sites More sharing options...
Foser Posted June 5, 2007 Author Share Posted June 5, 2007 ah so SQL injections and things? Also I never understood for some if statement and stuff you have an exclamation point before a $ variable. Quote Link to comment Share on other sites More sharing options...
Foser Posted June 5, 2007 Author Share Posted June 5, 2007 bump Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted June 5, 2007 Share Posted June 5, 2007 What is your question about the "if" statements. The exclamation point is the "not" operator. <?php $something = false; if (!$something) echo 'This is true'; ?> Ken Quote Link to comment Share on other sites More sharing options...
cooldude832 Posted June 5, 2007 Share Posted June 5, 2007 You don't want to use a "while" statement here, you want to use a query into the database to see if the username or email has already been used: <?php $username = mysql_real_escape_string($_POST['username']); // never trust user input $email = mysql_real_escape_string($_POST['mail']); $password = md5($_POST['pw']); $rights = "user"; $q = "select * from user_info where username ='" . $username . "' or e-mail = '" . $email . "'"; $rs = mysql_query($q) or die("Problem with the query: <pre>$q</pre>" . mysql_error()); $if (mysql_num_rows > 0) { $user_info = mysql_fetch_asssoc($rs); if ($username == $user_info['username']) echo 'This username has already been taken<br>'; if ($email == $user_info['e-mail']) echo 'This E-mail has already been Registered'; } else { $q = "INSERT INTO user_info (username, email, password, rights) VALUES ($username, $email, $password, $rights)"; $rs = mysql_query($q) or die ("Problem with the insert query <pre>$q</pre>" . mysql_error()); echo "You are now registered, you may now login."; } ?> Ken Ken you got the right idea, but I've learned from dealing with large tables that using the select * is a very poor decision. Try and only grab 1 field like ID or something like that to speed up load times. Rule of thumb is always grab what you need rather than the whole row or rows Quote Link to comment Share on other sites More sharing options...
Foser Posted June 5, 2007 Author Share Posted June 5, 2007 I get this error... Parse error: syntax error, unexpected T_STRING in C:\WAMP\www\Tutorials\PHP_MYSQL\Simple_MySQL\Login\regproc.php on line 12 <?php include("config.php"); //user data $username = mysql_real_escape_string($_POST['username']); $email = mysql_real_escape_string($_POST['mail']); $password = md5($_POST['pw']); $rights = "user"; $taken = false; while($user_info = mysql_fetch_assoc(mysqlquery(SELECT * FROM user_info))){ if ($_POST['user'] == $userinfo['username']) { $taken = true; echo "This username has already been taken.<br>";} if ($_POST['email'] == $userinfo['e-mail']){ $taken = true; echo "This E-mail has already been registered.<br>.";}} if (!$take){ mysql_query("INSERT INTO user_info (username, email, password, rights) VALUES ($username, $email, $password, $rights)") or die mysql_error(); echo "You are now registered, you may now login."; } ?> the line 12 is the while loop statement line. Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted June 5, 2007 Share Posted June 5, 2007 Do not try to "short cut" and put everything in one statement, you WILL run into problems. Instead of <?php while($user_info = mysql_fetch_assoc(mysqlquery(SELECT * FROM user_info))){ ?> where you've left off the quotes around your string. This would cause the loop not to terminate, do <?php\ $q = "SELECT username, e-mail FROM user_info"; $rs = mysql_query($q) or die("Problem with the query <pre>$q</pre>" . mysql_error()); while($user_info = mysql_fetch_assoc($rs)){ ?> Ken Quote Link to comment Share on other sites More sharing options...
Foser Posted June 5, 2007 Author Share Posted June 5, 2007 I don't understand the part that $q is twice but both equal to two different things. Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted June 5, 2007 Share Posted June 5, 2007 I don't understand the part that $q is twice but both equal to two different things. What are you referring to here? The variable $q is just used to hold the mysql_query, so when you execute the "mysql_query()" function, it can be echoed to the screen if there is an error. Ken Quote Link to comment Share on other sites More sharing options...
per1os Posted June 5, 2007 Share Posted June 5, 2007 I don't understand the part that $q is twice but both equal to two different things. What are you referring to here? The variable $q is just used to hold the mysql_query, so when you execute the "mysql_query()" function, it can be echoed to the screen if there is an error. Ken If you do not do that and execute the code the way you had it with the mysql_query() inside the while it will throw an endless loop as there is no solid reference to the query and the query keeps regenerating itself. So what you get is the first row being returned an infinite amount of times. Using ken's way the $q holds the reference the query and does not re-create that reference everytime the loop runs thus it can loop through and get all the rows returned and not cause an infinite loop. Hope that helps. Quote Link to comment Share on other sites More sharing options...
Foser Posted June 6, 2007 Author Share Posted June 6, 2007 $q = SELECT * FROM user_info; I have an error on that line... T_STRING error on that line. Quote Link to comment Share on other sites More sharing options...
chocopi Posted June 6, 2007 Share Posted June 6, 2007 Try $q = mysql_query("SELECT * FROM user_info"); Hope it helps, ~ Chocopi Quote Link to comment Share on other sites More sharing options...
Foser Posted June 6, 2007 Author Share Posted June 6, 2007 I did try it all together but someone told me to put it all in steps and i did... $q = SELECT * FROM user_info; $ms = mysql_query($q); while($user_info = mysql_fetch_assoc($ms)){ ... Quote Link to comment Share on other sites More sharing options...
Foser Posted June 6, 2007 Author Share Posted June 6, 2007 bump Quote Link to comment Share on other sites More sharing options...
per1os Posted June 6, 2007 Share Posted June 6, 2007 It would be nice if you encapsulated your string in some type of quotes. $q = "SELECT * FROM user_info"; $ms = mysql_query($q); while($user_info = mysql_fetch_assoc($ms)){ Basic syntax man. Read up on it. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.