uramagget Posted July 2, 2007 Share Posted July 2, 2007 Hi, I'm making a registration form, and I need help with the form fields. How can I make fields OPTIONAL, and how can I make it so users HAVE to fill in a certain field in order to register? Here's my current code: register.php <html> <head> <title>UniDex - Registration</title> <link rel="stylesheet" href="style.css" type="text/css"> <style type="text/css"> #content { border: 1px solid #006699; background:white; padding-top: 20px; text-align:center; } </style> </head> <body> <div id="content"> <form action="register2.php" method="post"> <table width="100%" align="center"> <h2>Registrater for UniDex</h2> <p>Fields marked with a Poke Ball are required.</p> <tr> <td><img src="images/pokeball.png" alt="Required Field">Username</td> <td><input name="uname" type="text"></td> </tr> <tr> <td><img src="images/pokeball.png" alt="Required Field">Password</td> <td><input name="pass" type="password"></td> </tr> <tr> <td><img src="images/pokeball.png" alt="Required Field">E-Mail</td> <td><input name="email" type="text"></td> </tr> <tr> <td><input name="submit" value="Register" type="submit"></td> </tr> </table> </form> </div> </body> </html> register2.php <? $pagename = "Registration"; include "session2.inc.php"; include "../config.inc.php"; include "top.txt"; //Connect to mySQL Database mysql_connect("$host", "$username", "$password")or die("Can't connect"); mysql_select_db("$db_name")or die("Can't connect"); // Get the information the user submitted for registration $uname=$_POST['uname']; $pass=$_POST['pass']; $email=$_POST['email']; // Encrypt the password using MD5, to safely store the password. $md5pass=md5($password); $tbl_name = "admins"; $sql = "INSERT INTO $tbl_name (`uname` , `pass` , `email`) VALUES ('$uname' , '$md5pass' , '$email')"; $result=mysql_query($sql) or die("Error: ". mysql_error(). " with query ". $sql); if($result){ echo "Thank you for registering, $uname. You may now <a href=\"index.php\">Login</a>"; } else { echo "There was a mistake processing your registration. Go <a href=\"register.php\">back</a> and try again. ^^;"; } mysql_close(); include "bottom.txt"; ?> Quote Link to comment Share on other sites More sharing options...
corillo181 Posted July 2, 2007 Share Posted July 2, 2007 easy type a optional or required next to the field. Quote Link to comment Share on other sites More sharing options...
john010117 Posted July 2, 2007 Share Posted July 2, 2007 From what I can see, register2.php doesn't even check that all the fields were filled in. register2.php <?php $pagename = "Registration"; include "session2.inc.php"; include "../config.inc.php"; include "top.txt"; //Connect to mySQL Database mysql_connect("$host", "$username", "$password")or die("Can't connect"); mysql_select_db("$db_name")or die("Can't connect"); // Get the information the user submitted for registration $uname=$_POST['uname']; $pass=$_POST['pass']; $email=$_POST['email']; if(empty($uname)) { echo 'You did not fill in your username'; } elseif(empty($pass)) { echo 'You did not fill in your password.'; } elseif(empty($email)) { echo 'You did not fill in your e-mail.'; } // Encrypt the password using MD5, to safely store the password. $md5pass=md5($password); $tbl_name = "admins"; $sql = "INSERT INTO $tbl_name (`uname` , `pass` , `email`) VALUES ('$uname' , '$md5pass' , '$email')"; $result=mysql_query($sql) or die("Error: ". mysql_error(). " with query ". $sql); if($result){ echo "Thank you for registering, $uname. You may now <a href=\"index.php\">Login</a>"; } else { echo "There was a mistake processing your registration. Go <a href=\"register.php\">back</a> and try again. ^^;"; } mysql_close(); include "bottom.txt"; ?> For each of the fields that are required, do what I have done. If a field is optional, ignore it. Quote Link to comment Share on other sites More sharing options...
corillo181 Posted July 2, 2007 Share Posted July 2, 2007 but i know you want to be able to chekc any ways.. lol this is a quick way for a small form <?php foreach($_POST as $key=>$value){ if($value==""){ echo " sorry you left your $key empty this is a require field"; } } ?> Quote Link to comment Share on other sites More sharing options...
uramagget Posted July 2, 2007 Author Share Posted July 2, 2007 Alright, so now, if I want to make a field optional without showing a mySQL error if it's not filled in, what should I do now? Quote Link to comment Share on other sites More sharing options...
corillo181 Posted July 2, 2007 Share Posted July 2, 2007 make sure that in your mysql field the colum is set to null.. that way it does not expect a value but it will take a value if any value is given. Quote Link to comment Share on other sites More sharing options...
uramagget Posted July 2, 2007 Author Share Posted July 2, 2007 Wow, that worked like a charm! Thank you very much for your help, corillo181, and john. I got my form working. Quote Link to comment Share on other sites More sharing options...
corillo181 Posted July 2, 2007 Share Posted July 2, 2007 for security reason don't forget to add to your code a if(issset($submit)) to make sure that form was submitted and not someone that just ended up giving false values.. the rest I'm sure you will find out eventually. Quote Link to comment Share on other sites More sharing options...
uramagget Posted July 2, 2007 Author Share Posted July 2, 2007 Hm? Wouldn't using mysql_real_escape protect, partially from malicious users? Quote Link to comment Share on other sites More sharing options...
john010117 Posted July 2, 2007 Share Posted July 2, 2007 Yep, and also validating the e-mail address. This is just a function that I wrote a long time ago that validates the e-mail address.. <?php function validate_email ($email) { // First, we check that there's one @ symbol, and that the lengths are right if (!ereg("^[^@]{1,64}@[^@]{1,255}$", $email)) { // Email invalid because wrong number of characters in one section, or wrong number of @ symbols. return false; } // Split it into sections to make life easier $email_array = explode("@", $email); $local_array = explode(".", $email_array[0]); for ($i = 0; $i < sizeof($local_array); $i++) { if (!ereg("^(([A-Za-z0-9!#$%&'*+/=?^_`{|}~-][A-Za-z0-9!#$%&'*+/=?^_`{|}~\.-]{0,63})|(\"[^(\\|\")]{0,62}\"))$", $local_array[$i])) { return false; } } if (!ereg("^\[?[0-9\.]+\]?$", $email_array[1])) { // Check if domain is IP. If not, it should be valid domain name $domain_array = explode(".", $email_array[1]); if (sizeof($domain_array) < 2) { // Not enough parts to domain return false; } for ($i = 0; $i < sizeof($domain_array); $i++) { if (!ereg("^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))$", $domain_array[$i])) { return false; } } } return true; } ?> Quote Link to comment Share on other sites More sharing options...
corillo181 Posted July 2, 2007 Share Posted July 2, 2007 that's only for input text. but lets say a user go directly to your php code? your mysql well give out an error since there is no value at all saying syntax error and give out some information of your database.. so thats why you need to check that the form was submitted from the registration page and that the necessary fields are fill. sorry my English not very good. Quote Link to comment Share on other sites More sharing options...
corillo181 Posted July 2, 2007 Share Posted July 2, 2007 while this email check is effective with out all the code.. <?php $check="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})"; if(!eregi($check,$email)){ echo"You got a bad email"; }else{ //continue } ?> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.