Jump to content


Photo

help on posting data back to db


  • Please log in to reply
3 replies to this topic

#1 avo

avo
  • Members
  • PipPipPip
  • Advanced Member
  • 148 posts
  • Locationstaffordshire uk

Posted 03 April 2006 - 05:07 PM

Hi All

I wounder if this can be looked at for me please ive tryed and tryed but still can figure out why is giving me and error when i post data back to my db

if you do want to look at it in action please goto
www.ezee-books.co.uk/members

login with admin then bust as password

then on the left click new item enter any details
then click add user

you will then see it says Username already in use but its NOT!!! .
ive been on this now for about 5 hours and cant see why i bet its somethig silly im missing.

ok the code beind the form is

require_once('../members/common.php');
require_once('admin_header.php');
session_start();
create_header();
echo "<p> </p>";

$submit = $_REQUEST['submit'];

if(!isset($submit) && $submit != '')
{
    /* show the signup form */
    require("signup.txt");
}
else
{
    if(!is_valid_username())
    {
        err_message("Please fill in all the fields");
        require("signup.txt");                  
    }
    else if(!is_valid_addr())
    {
        err_message("the email address you entered is not valid or unacceptable.");
        require("signup.txt");                  
    }
    else
    {
        /*
        * check the referer otherwise this script can be used for mail spoofing.
        * todo: a more vigourous check.
        */
        if(is_valid_referer())
        {
            /*
            * everything has worked out let's create that account.
            */

            require    ("../inc/config.php");
            $username = sanitize_variable($_REQUEST['username']);    
            $password = sanitize_variable($_REQUEST['password']);    

            if($user_password_function == 1)
            {
                $query = "INSERT INTO USERS(userName,userPassword,userStatus)
                    values('$username',password('$password'),1)";
            }
            else
            {

                $query = "INSERT INTO USERS(userName,userPassword,userStatus)
                    values('$username',md5('$password'),1)";
            }

            db_query($query,$con);

        $err = db_error_log();
        if($err == '')    
        {    

                $userid = db_insert_id('users_userid_seq');
                $email = sanitize_variable($_REQUEST['email']);

                $query = "INSERT INTO userProfile(userEmail, userId)
                        VALUES('$email', $userid)";

                db_query($query);
                $err = db_error_log();

                if($err == '')    
                {
                    err_message('Account created.');
                    require("signup.txt");                  
                }                                
                else
                {    
                    echo mysql_error();
                    err_message('The username you chose is already in use');
                    require("signup.txt");                  
                }    
            }
            else
            {    
                err_message('The username you chose is already in use');
                require("signup.txt");                  
    }    
        }
        else    
        {    
        err_message('<font face="verdana" size="2">Username already in use</font>');
            require("signup.txt");                  
        }
    }
}

create_footer();
     
?>

The include text file is (signup.txt)

<style type="text/css">
<!--
.mTable
{
    background-color: #ffffff;
    
}

.mTr
{
    background-color: #e5e5c6;
    border-color: #eeeeee;
    
}
-->
</style>
<form action="newuser.php" method="post">
<table align="center" width="450" >
  <tbody>
    <tr  class="mTr"><td colspan="3" align="center"><h4>Add new user</h4></td></tr>
    <tr class="mTr">
      <td wdith="200">User name</td>
      <td width="200" align="center"><input type="text" name="username"  value="<? echo $_REQUEST['username']; ?>" style="width: 150px"></td>
      <td>*</td>
    </tr>
    <tr class="mTr">
      <td>email</td>
      <td align="center"><input type="text" name="email"  value="<? echo $_REQUEST['email']; ?>" style="width: 150px"></td>
      <td>*</td>
    </tr>
    <tr class="mTr">
      <td>Password</td>
      <td align="center"><input type="password" name="password" style="width: 150px"></td>
      <td>*</td>
    </tr>
    <tr class="mTr">
      <td>Confirm Password</td>
      <td align="center"><input type="password" name="password1" style="width: 150px"></td>
      <td>*</td>
    </tr>
    <tr class="mTr"><Br><td colspan="3" align="center">
    <input type="submit" name="submit" value="Add user"></td></tr>
  </tbody>
</table>
</form>

<img src="../images/blank.gif" onLoad="refresh_left();">

The header file is well just the header info and the common file is the db connection file

all help appriciated as always


Im loving it ........

#2 shortj75

shortj75
  • Members
  • PipPipPip
  • Advanced Member
  • 118 posts
  • LocationPort Huron,mi

Posted 03 April 2006 - 06:03 PM

do you have a code that is checking you db fo the username and password if so please post it that is probably where the error is
The Short One

hopfully this helps if it doesn't sorry
i won't write the code for you!!! you don't learn that way

#3 avo

avo
  • Members
  • PipPipPip
  • Advanced Member
  • 148 posts
  • Locationstaffordshire uk

Posted 03 April 2006 - 06:13 PM

Hi

Thanks for your reply

db connection file is

<?

/**
 * set to the servername or IP address of your mysql server
 */
$db_server = "private";

/**
 * postgres or mysql?
 */
$db_type = "mysql";

/**
 * set to the mysql account name.
 */
$db_user = "private";
 
/**
 * set the password for the mysql account given in $db_user
 */
$db_pass = "private";


/**
 * If your database isn't called user_manager, change the line below.
 */
 
$db_name = "private";


/**
 * When validate_email is set to one, users are sent an email with a
 * special 'account validation link'. Their account get's activated 
 * only if they click on that link.
 *
 * This step helps to ensure that visitors do not enter fake data 
 * at sign up.
 */
 
$validate_email = 0;

/**
 * Set to 1, if the system should send out a welcome email. If 
 * validate_email is set to 1, the system will send out an email 
 * asking the user to validate his account. In this case a separate
 * welcome email will not be sent.
 *
 * In other words $welcome_email takes effect only when $validate_email
 * is set to 0.
 */
$welcome_email = 1;


/**
 * site_name should be set to the name of your website.
 */
$site_name = "TeamConsole";

/** 
 * the url to the home page of your website.
 */
$site_url  = "http://{$_SERVER['SERVER_NAME']}/";
error_log($site_url);

/**
 * The following email address will be used in the from field for 
 * password reminder and user validation emails.
 */
 
 
 /**
 * don't change the next few lines
 */
if($db_type == "mysql")
{
    $con = mysql_connect($db_server, $db_user, $db_pass);
    mysql_select_db($db_name,$con);
}
else
{
    $pgString = "host=$db_server dbname=$db_name user=$db_user";
    if($db_pass != '')
    {
        $pgString .= " password=$db_pass";
    }
    $con = pg_connect($pgString);
    error_log('connecting to db with ' . $pgString);
    
}

$member_service_email = "admin@teamconsole.co.uk";

/**
 * This is the default setting for the <title></title> tag of each
 * page in the members area. Can be customized at page level too.
 */
$msg_title  = "Team Console Progress Checker";    


/**
 * This is the prompt on the signup page.
 */
$msg_signup =    '<p>Please select a username for your account along with a password. Please also
    fill in your current email address.</p>';    

/**
 * this is the prompt on the password reminder page.
 */    
$msg_password_reminder ='If you have forgotten your password please enter your username below.
            We will reset your password and email it to the address in our records. If you have forgotten your
            username as well, you will need to create a <a href="signup.php">new account</a>';
    
/**
 * this message is displayed after the password is reset successfully.
 */                    
$msg_pass_changed="Your password has been reset and the new password has been emailed to the
                address in our records, please login with the new password and change it immidiately.";            

                
/**
 * The message to be displayed when the user clicks on the account validation
 * link. (which is sent via email, at signup time).
 */                
$msg_validated ='<p> </p>
                <table border="0" width="80%" align="center">
                  <tr><td><h3>Welcome to Rad Inks.</h3></td></tr>
                 <tr><td>Your account has been activated. You can now make full use of the
                 added benefits available to members of this website. 
                 Please <a href="login.php">click here</a> to login for the first time.</td></tr>
                </table>';                                
                
//$session_save = 'db';

/**
 * set this to 1, if you want to use the password() function to encrypt the
 * user's passwords instead of the md5() function when using a mysql db.
 */
$user_password_function=0;    
?>

Thanks in advance
Im loving it ........

#4 shortj75

shortj75
  • Members
  • PipPipPip
  • Advanced Member
  • 118 posts
  • LocationPort Huron,mi

Posted 04 April 2006 - 04:33 AM

in all of you code you are not actually checking to see if the user nam exists so you code is automaticaly comming back with the error
The Short One

hopfully this helps if it doesn't sorry
i won't write the code for you!!! you don't learn that way




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users