Jump to content

help on posting data back to db


avo

Recommended Posts

Hi All

I wounder if this can be looked at for me please ive tryed and tryed but still can figure out why is giving me and error when i post data back to my db

if you do want to look at it in action please goto [code]www.ezee-books.co.uk/members[/code]

login with admin then bust as password

then on the left click new item enter any details
then click add user

you will then see it says Username already in use but its NOT!!! .
ive been on this now for about 5 hours and cant see why i bet its somethig silly im missing.

ok the code beind the form is

[code]require_once('../members/common.php');
require_once('admin_header.php');
session_start();
create_header();
echo "<p> </p>";

$submit = $_REQUEST['submit'];

if(!isset($submit) && $submit != '')
{
    /* show the signup form */
    require("signup.txt");
}
else
{
    if(!is_valid_username())
    {
        err_message("Please fill in all the fields");
        require("signup.txt");                  
    }
    else if(!is_valid_addr())
    {
        err_message("the email address you entered is not valid or unacceptable.");
        require("signup.txt");                  
    }
    else
    {
        /*
        * check the referer otherwise this script can be used for mail spoofing.
        * todo: a more vigourous check.
        */
        if(is_valid_referer())
        {
            /*
            * everything has worked out let's create that account.
            */

            require    ("../inc/config.php");
            $username = sanitize_variable($_REQUEST['username']);    
            $password = sanitize_variable($_REQUEST['password']);    

            if($user_password_function == 1)
            {
                $query = "INSERT INTO USERS(userName,userPassword,userStatus)
                    values('$username',password('$password'),1)";
            }
            else
            {

                $query = "INSERT INTO USERS(userName,userPassword,userStatus)
                    values('$username',md5('$password'),1)";
            }

            db_query($query,$con);

        $err = db_error_log();
        if($err == '')    
        {    

                $userid = db_insert_id('users_userid_seq');
                $email = sanitize_variable($_REQUEST['email']);

                $query = "INSERT INTO userProfile(userEmail, userId)
                        VALUES('$email', $userid)";

                db_query($query);
                $err = db_error_log();

                if($err == '')    
                {
                    err_message('Account created.');
                    require("signup.txt");                  
                }                                
                else
                {    
                    echo mysql_error();
                    err_message('The username you chose is already in use');
                    require("signup.txt");                  
                }    
            }
            else
            {    
                err_message('The username you chose is already in use');
                require("signup.txt");                  
    }    
        }
        else    
        {    
        err_message('<font face="verdana" size="2">Username already in use</font>');
            require("signup.txt");                  
        }
    }
}

create_footer();
    
?>[/code]

The include text file is (signup.txt)

[code]<style type="text/css">
<!--
.mTable
{
    background-color: #ffffff;
    
}

.mTr
{
    background-color: #e5e5c6;
    border-color: #eeeeee;
    
}
-->
</style>
<form action="newuser.php" method="post">
<table align="center" width="450" >
  <tbody>
    <tr  class="mTr"><td colspan="3" align="center"><h4>Add new user</h4></td></tr>
    <tr class="mTr">
      <td wdith="200">User name</td>
      <td width="200" align="center"><input type="text" name="username"  value="<? echo $_REQUEST['username']; ?>" style="width: 150px"></td>
      <td>*</td>
    </tr>
    <tr class="mTr">
      <td>email</td>
      <td align="center"><input type="text" name="email"  value="<? echo $_REQUEST['email']; ?>" style="width: 150px"></td>
      <td>*</td>
    </tr>
    <tr class="mTr">
      <td>Password</td>
      <td align="center"><input type="password" name="password" style="width: 150px"></td>
      <td>*</td>
    </tr>
    <tr class="mTr">
      <td>Confirm Password</td>
      <td align="center"><input type="password" name="password1" style="width: 150px"></td>
      <td>*</td>
    </tr>
    <tr class="mTr"><Br><td colspan="3" align="center">
    <input type="submit" name="submit" value="Add user"></td></tr>
  </tbody>
</table>
</form>

<img src="../images/blank.gif" onLoad="refresh_left();">
[/code]

The header file is well just the header info and the common file is the db connection file

all help appriciated as always

Link to comment
Share on other sites

Hi

Thanks for your reply

db connection file is

[code]<?

/**
* set to the servername or IP address of your mysql server
*/
$db_server = "private";

/**
* postgres or mysql?
*/
$db_type = "mysql";

/**
* set to the mysql account name.
*/
$db_user = "private";

/**
* set the password for the mysql account given in $db_user
*/
$db_pass = "private";


/**
* If your database isn't called user_manager, change the line below.
*/

$db_name = "private";


/**
* When validate_email is set to one, users are sent an email with a
* special 'account validation link'. Their account get's activated
* only if they click on that link.
*
* This step helps to ensure that visitors do not enter fake data
* at sign up.
*/

$validate_email = 0;

/**
* Set to 1, if the system should send out a welcome email. If
* validate_email is set to 1, the system will send out an email
* asking the user to validate his account. In this case a separate
* welcome email will not be sent.
*
* In other words $welcome_email takes effect only when $validate_email
* is set to 0.
*/
$welcome_email = 1;


/**
* site_name should be set to the name of your website.
*/
$site_name = "TeamConsole";

/**
* the url to the home page of your website.
*/
$site_url  = "http://{$_SERVER['SERVER_NAME']}/";
error_log($site_url);

/**
* The following email address will be used in the from field for
* password reminder and user validation emails.
*/


/**
* don't change the next few lines
*/
if($db_type == "mysql")
{
    $con = mysql_connect($db_server, $db_user, $db_pass);
    mysql_select_db($db_name,$con);
}
else
{
    $pgString = "host=$db_server dbname=$db_name user=$db_user";
    if($db_pass != '')
    {
        $pgString .= " password=$db_pass";
    }
    $con = pg_connect($pgString);
    error_log('connecting to db with ' . $pgString);
    
}

$member_service_email = "admin@teamconsole.co.uk";

/**
* This is the default setting for the <title></title> tag of each
* page in the members area. Can be customized at page level too.
*/
$msg_title  = "Team Console Progress Checker";    


/**
* This is the prompt on the signup page.
*/
$msg_signup =    '<p>Please select a username for your account along with a password. Please also
    fill in your current email address.</p>';    

/**
* this is the prompt on the password reminder page.
*/    
$msg_password_reminder ='If you have forgotten your password please enter your username below.
            We will reset your password and email it to the address in our records. If you have forgotten your
            username as well, you will need to create a <a href="signup.php">new account</a>';
    
/**
* this message is displayed after the password is reset successfully.
*/                    
$msg_pass_changed="Your password has been reset and the new password has been emailed to the
                address in our records, please login with the new password and change it immidiately.";            

                
/**
* The message to be displayed when the user clicks on the account validation
* link. (which is sent via email, at signup time).
*/                
$msg_validated ='<p> </p>
                <table border="0" width="80%" align="center">
                 <tr><td><h3>Welcome to Rad Inks.</h3></td></tr>
                 <tr><td>Your account has been activated. You can now make full use of the
                 added benefits available to members of this website.
                 Please <a href="login.php">click here</a> to login for the first time.</td></tr>
                </table>';                                
                
//$session_save = 'db';

/**
* set this to 1, if you want to use the password() function to encrypt the
* user's passwords instead of the md5() function when using a mysql db.
*/
$user_password_function=0;    
?>
[/code]

Thanks in advance
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.