Snooble Posted July 17, 2007 Share Posted July 17, 2007 Hello everyone... I'll give you straight code -> I want this page to check if : username is taken or empty password is empty or less than 6 charactors email is taken, empty, or doesn't include @ if any of those are true, redirect to register.php and explain the error to the user whilst reposting the form for completion again. at the moment its going back to register. but entering the data into the table anyway. also not displaying errors to user. This is the registercheck.php page <?php session_start(); $host="localhost"; $username="username"; $password="password"; $db_name="wezzsmusic"; $tbl_name="wmusers"; mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); $check = "SELECT * FROM wmusers where username='".$_POST['username']."' LIMIT 1"; $checkresult = mysql_query($check); if(mysql_num_rows($checkresult) != 0){ header("Location: register.php"); exit;} $_SESSION['usernamereg'] = $_POST['username']; $_SESSION['passwordreg'] = $_POST['password']; $_SESSION['emailreg'] = $_POST['email']; if ($_POST['username'] == NULL){ header("Location: register.php");} if ($_POST['password'] == NULL){ header("Location: register.php");} if ($_POST['email'] == NULL){ header("Location: register.php");} if (!eregi('@', $_SESSION['emailreg'])) { header("Location: register.php");} $sql = "INSERT INTO wmusers VALUES ('0', '".$_POST['username']."', '".$_POST['password']."', '".$_POST['email']."', '0')"; mysql_query($sql) or die ("Couldn't execute $sql: " . mysql_error()); ?> Here's the register.php form: <form id="form1" name="form1" method="post" action="checkregister.php"> <div align="center"> <table border="1" cellspacing="0" cellpadding="0"> <tr> <td width="305"><table width="278" height="131" border="0" cellpadding="0" cellspacing="0"> <tr> <td width="110"> </td> <td width="13"> </td> <td width="155" colspan="2"> </td> </tr> <tr> <td class="style2"><div align="right" class="style4"> <?php $check = "SELECT * FROM wmusers where username='".$_POST['username']."' LIMIT 1"; $checkresult = mysql_query($check); if(isset($_SESSION['usernamereg']) && strlen($_SESSION['usernamereg'] < "1")){ echo '(Empty) Username'; } elseif(mysql_num_rows($checkresult) != 0 && isset($_SESSION['usernamereg'])){ echo '(Taken) Username'; } else{ echo 'Username'; } ?> </div></td> <td class="style2"><div align="center"><span class="register">:</span></div></td> <td height="40" colspan="2" class="style2"><div align="left"> <?php if(isset($_SESSION['usernamereg']) && strlen($_SESSION['usernamereg'] < "1")){ echo '<input name="username" type="text" id="username" size="10" maxlength="10"/>'; } else{ echo '<input name="username" type="text" id="username" size="10" maxlength="10" value="'.$_SESSION['usernamereg'].'"/>'; } ?> </div></td> </tr> <tr> <td class="style2"><img src="images/1.jpg" width="1" height="5" /></td> <td class="style2"><img src="images/1.jpg" width="1" height="1" /></td> <td colspan="2" class="style2"><img src="images/1.jpg" width="1" height="1" /></td> </tr> <tr> <td class="style2"><div align="right" class="style4"> <?php if(isset($_SESSION['passwordreg']) && strlen($_SESSION['passwordreg'] < "1")){ echo '(Empty) Password'; }elseif(strlen($_SESSION['passwordreg'] > "1")){ echo 'Password'; } else{ echo 'Password'; } ?> </div></td> <td class="style2"><div align="center"><span class="register">:</span></div></td> <td height="40" colspan="2" class="style2"><div align="left"> <?php if(isset($_SESSION['passwordreg']) && strlen($_SESSION['passwordreg'] < "1")){ echo '<input name="password" type="password" id="password" size="10" maxlength="10" />'; } elseif(strlen($_SESSION['passwordreg'] > "1")){ echo '<input name="password" type="password" id="password" size="10" maxlength="10" />'; } else{ echo '<input name="password" type="password" id="password" size="10" maxlength="10" />'; } ?> </div></td> </tr> <tr> <td class="style2"><img src="images/1.jpg" width="1" height="5" /></td> <td class="style2"><img src="images/1.jpg" width="1" height="5" /></td> <td colspan="2" class="style2"><img src="images/1.jpg" width="1" height="5" /></td> </tr> <tr> <td class="style2"><div align="right" class="style4"> <?php if(isset($_SESSION['emailreg']) && strlen($_SESSION['emailreg'] < "1")){ echo '(Empty) Email'; } elseif(!eregi('@', $_SESSION['emailreg']) && strlen($_SESSION['emailreg'] > "0")) { echo '(Invalid) Email'; } elseif(strlen($_SESSION['emailreg'] > "1")){ echo 'Email'; } else { echo 'Email'; } ?> </div></td> <td class="style2"><div align="center"><span class="register">:</span></div></td> <td height="40" colspan="2" class="style2"><div align="left"> <?php if(isset($_SESSION['emailreg']) && strlen($_SESSION['emailreg'] < "1")){ echo '<input name="email" type="text" id="email" size="10" />'; } elseif(strlen($_SESSION['emailreg'] > "1")){ echo '<input name="email" type="text" id="email" size="10" value="'.$_SESSION['emailreg'].'"/>'; } else{ echo '<input name="email" type="text" id="email" size="10" />'; } ?> </div></td> </tr> <tr> <td colspan="4"><div align="left"><br /> <div align="right"> <table width="69" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="133"><input type="submit" name="Submit" value="Register" /></td> </tr> </table> <br /> </div> </div></td> </tr> </table></td> </tr> </table> </div> </form> Thanks, Snooble Quote Link to comment https://forums.phpfreaks.com/topic/60370-solved-big-trouble-with-easy-form-check/ Share on other sites More sharing options...
Glyde Posted July 17, 2007 Share Posted July 17, 2007 Always get in the habit of adding an exit; statement after your header("Location: ...") calls. Setting a header location may result in your script being completed before the browser is redirected, which is why data is getting into the table. May I suggest this method instead, however: <?php $errors = array(); if (empty($_POST['username'])) { $errors[] = 'Please supply a username'; } if (empty($_POST['password']) || strlen($_POST['password']) < 6) { $errors[] = 'You entered an invalid password'; } if (empty($_POST['email']) || strpos($_POST['email'], '@') === false) { $errors[] = 'You entered an invalid email'; } if (count($errors)) { // Header here...redirect exit; } else { // mySQL insert here } ?> Quote Link to comment https://forums.phpfreaks.com/topic/60370-solved-big-trouble-with-easy-form-check/#findComment-300344 Share on other sites More sharing options...
Snooble Posted July 17, 2007 Author Share Posted July 17, 2007 looks good to be.. i'll implement your method now... thanks... topic solved THANK YOU EVER SO MUCH! Quote Link to comment https://forums.phpfreaks.com/topic/60370-solved-big-trouble-with-easy-form-check/#findComment-300357 Share on other sites More sharing options...
KevinM1 Posted July 17, 2007 Share Posted July 17, 2007 The logic of your form validation is pretty muddled. I believe the best thing to do would be to create a sticky form, which is basically what you're trying to build anyway. This will save you from jumping around between scripts, as well as trimming down the number of times you use the database. If you were to make a sticky form out of what you currently have, it'd probably go a bit like this: <?php function myEscape($string){ //function that helps clean info to be inserted into the database return (get_magic_quotes_gpc()) ? mysql_real_escape_string(stripslashes($string)) : mysql_real_escape_string($string); } $errMessage = NULL; if(isset($_POST['submit'])){ //if the form's been submitted, process the info if(isset($_POST['name'])){ //if a name's been entered, run the db check $checkQuery = "SELECT * FROM wmusers WHERE username = '{$_POST['name']}' LIMIT 1"; $checkResult = mysql_query($checkQuery); if(mysql_num_rows($checkResult)){ //if the name's already been taken (rows >= 1). $errMessage .= "That username has already been taken. Please enter another.<br />\n"; $nameCheck = false; } else{ $name = myEscape($_POST['name']); $nameCheck = true; } else{ //user forgot to enter a username $errMessage .= "Please enter a username.<br />\n"; $nameCheck = false; } if(isset($_POST['password'])){ //was the password set? if(strlen($_POST['password']) < 6)){ //if it's too short $errMessage .= "The password you provided is too short. Please enter a password of at least six characters in length<br />\n"; $passCheck = false; } else{ $password = myEscape($_POST['password']); $passCheck = true; else{ //user forgot to enter a password $errMessage .= "Please enter a password.<br />\n"; $passCheck = false; } if(isset($_POST['email')){ //was the e-mail set? if(preg_match("/^[\w-]+(\.[\w-]+)*@([\w-]+\.)+[a-zA-Z]{2,7}$/", $_POST['email'])){ //does it fit the correct pattern? $email = myEscape($_POST['email']); $emailCheck = true; else{ $errMessage .= "Please enter a correctly formed e-mail address (name@host).<br />\n"; $emailCheck = false; } else{ //e-mail not set $errMessage .= "Please enter your e-mail address.<br />\n"; $emailCheck = false; } if($nameCheck && $passCheck && $emailCheck){ //if everything checks out $insertQuery = "INSERT INTO wmusers (username, password, email) VALUES ('$name', '$password', '$email')"; $insertResult = mysql_query($insertQuery); if(mysql_affected_rows($insertResult) == 1){ //only 1 row was inserted header("Location: http://www.somewhereelse.php"); exit(); } else{ //something still went wrong! $errMessage .= "Something went wrong with the registration. Please contact the webmaster.<br />\n"; } } else{ echo "<span style='color: #ff0000;'>$errMessage</span><br />\n"; } } ?> //close PHP to display the form <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST"> <!-- form inputs go here --> </form> Quote Link to comment https://forums.phpfreaks.com/topic/60370-solved-big-trouble-with-easy-form-check/#findComment-300365 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.