Mouse Posted April 3, 2006 Share Posted April 3, 2006 Hi… I am in a pickle… I have followed a couple of tutorials on building a membership login and have come up with a hybrid that works ( [a href=\"http://www.sitepoint.com/article/users-php-sessions-mysql\" target=\"_blank\"]http://www.sitepoint.com/article/users-php-sessions-mysql[/a] )… then I got a little more adventurous and tried to tie in a another tutorial on adding a Captcha (http://www.sitepoint.com/article/toughen-forms-security-image ) basicly I want to do the same thing as PHP Freaks do for their login…The problem I have is the validation scripts… I don’t know how to make them into one working form validation.Session based Login script[code]<?php exit;}$_SESSION['uid'] = $uid;$_SESSION['pwd'] = $pwd;$sql = "SELECT * FROM user WHERE userid = '$uid' AND password = PASSWORD('$pwd')";$result = mysql_query($sql);if (!$result) { error('A database error occurred while checking your '. 'login details.\\nIf this error persists, please '. 'contact [email protected].');}if (mysql_num_rows($result) == 0) { unset($_SESSION['uid']); unset($_SESSION['pwd']); ?>[/code]Captcha validation code[code]<?php // check for posted form if (isset($_POST['login'])) { // see if the code the user typed matched the generated code if (strtoupper($_POST['code']) == $_SESSION['code']) { echo 'Congratulations, you entered the correct code.'; } else { echo 'You have entered the wrong code. Please <a href="index.php">try again</a>.'; } } else { ?>[/code]if anyone wants to have a look at this and walk me through a finished form validation code I would be truly grateful…many thanks in advance…Mouse Link to comment https://forums.phpfreaks.com/topic/6460-form-validation/ Share on other sites More sharing options...
wildteen88 Posted April 3, 2006 Share Posted April 3, 2006 make sure you have session_start as the first line in every php file you use session for.Also the guru status is about your post count not your actual skill/knowledge of PHP itself. Link to comment https://forums.phpfreaks.com/topic/6460-form-validation/#findComment-23420 Share on other sites More sharing options...
Mouse Posted April 3, 2006 Author Share Posted April 3, 2006 [!--quoteo(post=361159:date=Apr 3 2006, 10:19 AM:name=wildteen88)--][div class=\'quotetop\']QUOTE(wildteen88 @ Apr 3 2006, 10:19 AM) [snapback]361159[/snapback][/div][div class=\'quotemain\'][!--quotec--]make sure you have session_start as the first line in every php file you use session for.Also the guru status is about your post count not your actual skill/knowledge of PHP itself.[/quote]the session_start issue has been addressed, thank you. what i was aiming for is one flowing validation script that checks all the fields are filled and puts together the appropriate responce if not... Link to comment https://forums.phpfreaks.com/topic/6460-form-validation/#findComment-23430 Share on other sites More sharing options...
hadoob024 Posted April 3, 2006 Share Posted April 3, 2006 How about something like:[code]<?php// check for posted formif (isset($_POST['login'])){ // see if the code the user typed matched the generated code if (strtoupper($_POST['code']) == $_SESSION['code']) { $_SESSION['uid'] = $uid; $_SESSION['pwd'] = $pwd; $sql = "SELECT * FROM user WHERE userid = '$uid' AND password = PASSWORD('$pwd')"; $result = mysql_query($sql); if (!$result) { error('A database error occurred while checking your '.'login details.\\nIf this error persists, please '. 'contact [email protected].'); } if (mysql_num_rows($result) == 0) { unset($_SESSION['uid']); unset($_SESSION['pwd']); } echo 'Congratulations, you entered the correct code.'; } else { echo 'You have entered the wrong code. Please <a href="index.php">try again</a>.'; }}else{ ?>[/code] Link to comment https://forums.phpfreaks.com/topic/6460-form-validation/#findComment-23511 Share on other sites More sharing options...
complex05 Posted April 3, 2006 Share Posted April 3, 2006 I don't have time to give the exact code for your validation, but a simple way to structure your validation is as follows:if (!$_POST['variable']){ $validate = 1; $error .= "you left some variable blank";}if (!$_POST['variable']){ $validate = 1; $error .= "you left some variable blank";}if (!$_POST['variable']){ $validate = 1; $error .= "you left some variable blank";}THEN, final validationif ($validate == 1){ echo $error;} else { mysql_query("INSERT INTO users (username,pass) VALUES ('$username','$pass')"); echo("successful registration");}That's how I typically do it, hope it helps. Link to comment https://forums.phpfreaks.com/topic/6460-form-validation/#findComment-23541 Share on other sites More sharing options...
alpine Posted April 3, 2006 Share Posted April 3, 2006 You really should consider using a different password encryption method as the PASSWORD() hashing could cause compability problems from mysql version 4.1Consider using md5() or sha() instead.[a href=\"http://dev.mysql.com/doc/refman/4.1/en/application-password-use.html\" target=\"_blank\"]http://dev.mysql.com/doc/refman/4.1/en/app...ssword-use.html[/a] Link to comment https://forums.phpfreaks.com/topic/6460-form-validation/#findComment-23573 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.