Jump to content

[SOLVED] User and Email check

dare87

By dare87
in PHP Coding Help

 Share

Recommended Posts

dare87 Regular Member

dare87

Posted
Posted

I have a register form that I have made that will allow the user to register with

first name, last name, user name, email, address, city, state, zip, and phone

It will then send an e-mail to them that will make them activate there account.

 

I have everything working.. but i want it to check the data base to see if the username has been taken.

right now it checks the email to see if it is taken.. but i would like it to check both email and username.

 

Here is the code.

 

<?php
// Include the PHP script that contains the session information.
include('../includes/session.php');

// Start output buffering. This will allow me to set my headers at a later point in the script.
ob_start();
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>The Date Tiki - Your Dating Resource</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link rel="stylesheet" type="text/css" href="includes/base.css" title="Default" media="screen" />
<script type="text/javascript" src="includes/include.js"></script>
<script type="text/javascript">
   window.onload = formFocus;
</script>
</head>

<body>

<?php include('includes/top.php'); ?>
<div id="main">

	<div id="sideBarLeft"><?php include('includes/left.php'); ?></div>

	<div id="content">
		<div class="innerContent">
			<div class="title">User Registration</div>


<?php

if (isset($_POST['submitted'])) { // Handle the form.

require_once ('../../datemysql_connect.php'); // Connect to the database.

// Check for a first name.
if (eregi ('^[[:alpha:]\.\' \-]{2,15}$', stripslashes(trim($_POST['first_name'])))) {
	$fn = escape_data($_POST['first_name']);
} else {
	$fn = FALSE;
	echo 'Please enter your first name!';
}

// Check for a last name.
if (eregi ('^[[:alpha:]\.\' \-]{2,30}$', stripslashes(trim($_POST['last_name'])))) {
	$ln = escape_data($_POST['last_name']);
} else {
	$ln = FALSE;
	echo 'Please enter your last name!';
}

// Check for a user name.
if (eregi ('^[[:alnum:]\.\' \-]{2,15}$', stripslashes(trim($_POST['user_name'])))) {
	$usn = escape_data($_POST['user_name']);
} else {
	$usn = FALSE;
	echo 'Please enter your user name!';
}

// Check for address.
if (eregi ('^[[:alnum:]\.\' \-]{2,50}$', stripslashes(trim($_POST['address'])))) {
	$address = escape_data($_POST['address']);
}

// Check for city.
if (eregi ('^[[:alpha:]\.\' \-]{2,50}$', stripslashes(trim($_POST['city'])))) {
	$c = escape_data($_POST['city']);
}

// Check for state.
if (eregi ('^[[:alpha:]\.\' \-]{2,2}$', stripslashes(trim($_POST['state'])))) {
	$s = escape_data($_POST['state']);
}

// Check for zip.
if (eregi ('^[[:alnum:]\.\' \-]{2,5}$', stripslashes(trim($_POST['zip'])))) {
	$z = escape_data($_POST['zip']);
}

// Check for phone.
if (eregi ('^[[:alnum:]\.\' \-]{2,17}$', stripslashes(trim($_POST['phone'])))) {
	$ph = escape_data($_POST['phone']);
}

// Check for an email address.
if (eregi ('^[[:alnum:]][a-z0-9_\.\-]*@[a-z0-9\.\-]+\.[a-z]{2,40}$', stripslashes(trim($_POST['email'])))) {
	$e = escape_data($_POST['email']);
} else {
	$e = FALSE;
	echo 'Please enter a valid email address!';
}

// Check for a password and match against the confirmed password.
if (eregi ('^[[:alnum:]]{4,20}$', stripslashes(trim($_POST['password1'])))) {
	if ($_POST['password1'] == $_POST['password2']) {
		$p = escape_data($_POST['password1']);
	} else {
		$p = FALSE;
		echo 'Your password did not match the confirmed password!';
	}
} else {
	$p = FALSE;
	echo 'Please enter a valid password!';
}

if ($fn && $ln && $e && $p && $usn && address && c && s && z &&ph) { // If everything's OK.

	// Make sure the email address is available.
	$query = "SELECT user_id FROM users WHERE email='$e'";		
	$result = mysql_query ($query) or trigger_error("Query: $query\n<br />MySQL Error: " . mysql_error());

	if (mysql_num_rows($result) == 0) { // Available.

		// Create the activation code.
		$a = md5(uniqid(rand(), true));

		// Add the user.
		$query = "INSERT INTO users SET email='$e', password=SHA('$p'), first_name='$fn', last_name='$ln', user_name='$usn', address='$address', city='$c', state='$s', zip='$z', phone='$ph', active='$a', date_registered=NOW()";		
		$result = mysql_query ($query) or trigger_error("Query: $query\n<br />MySQL Error: " . mysql_error());

		if (mysql_affected_rows() == 1) { // If it ran OK.

			// Send the email.
			$body = "Thank you for registering at TheDateTiki.com. To activate your account, please click on this link:\n\n";
			$body .= "http://www.thedatetiki.com/activate.php?x=" . mysql_insert_id() . "&y=$a\n\n";
			$body .= "TheDateTiki Management";
			mail($_POST['email'], 'Registration Confirmation', $body, 'From: admin@thedatetiki.com');

			// Finish the page.
			echo ' Thank you for registering! A confirmation email has been sent to your address. Please click on the link in that email in order to activate your account.';

			exit();				

		} else { // If it did not run OK.
			echo '  You could not be registered due to a system error. We apologize for any inconvenience.'; 
		}		

	} else { // The email address is not available.
		echo '  That email address has already been registered. If you have forgotten your password, use the link to have your password sent to you.'; 
	}

} else { // If one of the data tests failed.
	echo '  Please try again.';		
}

mysql_close(); // Close the database connection.

} // End of the main Submit conditional.
?>

<form action="register.php" method="post">
<div style="padding-left:5px; padding-top:5px;"><b>Why Register?</b><br>
      By registering you can take advantage of everything.  You will have access special news blog, you will be able to submit date ideas, have access to giveaways, and many other great things.</div>
  <table border="0" cellpadding="0" cellspacing="5">
    <tr>
      <td>First Name:</td>
      <td><input type="text" class="required" id="focus" value="<?php if (isset($_POST['first_name'])) echo $_POST['first_name']; ?>" name="first_name" size="40" maxlength="15"></td>
    </tr>
    <tr>
      <td>Last Name:</td>
      <td><input type="text" class="required" value="<?php if (isset($_POST['last_name'])) echo $_POST['last_name']; ?>" name="last_name" size="40" maxlength="30"></td>
    </tr>
    <tr>
      <td>User Name:</td>
      <td><input type="text" class="required" value="<?php if (isset($_POST['user_name'])) echo $_POST['user_name']; ?>" name="user_name" size="40" maxlength="15"></td>
    </tr>
    <tr>
      <td>Email:</td>
      <td><input type="text" class="required" value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" name="email" size="40" maxlength="30"></td>
    </tr>
    <tr>
      <td>Password:</td>
      <td><input type="password" class="required" id="focus" value="" name="password1" size="40" maxlength="30"></td>
    </tr>
    <tr>
      <td> </td>
      <td class="smallText">Use only letters and numbers.<br>
        Must be between 4 and 20 characters long.</td>
    </tr>
    <tr>
      <td>Confirm Password:</td>
      <td><input type="password" class="required" id="focus" value="" name="password2" size="40" maxlength="30"></td>
    </tr>
    <tr>
      <td>Address:</td>
      <td><input type="text" value="<?php if (isset($_POST['address'])) echo $_POST['address']; ?>" name="address" size="40" maxlength="50"></td>
    </tr>
    <tr>
      <td>City:</td>
      <td><input type="text" value="<?php if (isset($_POST['city'])) echo $_POST['city']; ?>" name="city" size="40" maxlength="50"></td>
    </tr>
    <tr>
      <td>State:</td>
      <td><input type="text" value="<?php if (isset($_POST['state'])) echo $_POST['state']; ?>" name="state" size="2" maxlength="2">
        Zip Code:
        <input type="text" value="<?php if (isset($_POST['zip'])) echo $_POST['zip']; ?>" name="zip" size="7" maxlength="5"></td>
    </tr>
    <tr>
      <td>Phone:</td>
      <td><input type="text" value="<?php if (isset($_POST['phone'])) echo $_POST['phone']; ?>" name="phone" size="17" maxlength="17"></td>
    </tr>
    <tr>
      <td><input type="hidden" value="4" name="access_level">
      </tr>
    <tr>
      <td><input type="submit" class="button" name="submit" value="Register" />
          <input type="hidden" name="submitted" value="TRUE" /></td>
    </tr>
  </table>
</form>

</div><div id="footer"><?php include('includes/bottom.php'); ?></div>
	</div>



</div>

</body>
</html>

 

Thanks for all the help!

Link to comment
Share on other sites
Psycho Prolific Member

Psycho

Posted
Posted

Ok, I spoke too soon. After looking at your code further I see that will give you an incorrect error message (e.g. "That email is already in use") when you attempt a duplicate username. You will probably want to run individual queries.

 

This should work

// Check if email address is available.
$query = "SELECT user_id FROM users WHERE email='$e'";		
$result = mysql_query ($query) or trigger_error("Query: $query\n<br />MySQL Error: " . mysql_error());
$emailAvail = (mysql_num_rows($result) == 0);

// Check if usrname is available.
$query = "SELECT user_id FROM users WHERE user_name='$usn'";		
$result = mysql_query ($query) or trigger_error("Query: $query\n<br />MySQL Error: " . mysql_error());
$unameAvail = (mysql_num_rows($result) == 0);

if (!$emailAvail) { // The email address is not available.

echo '  That email address has already been registered. If you have forgotten your password, use the link to have your password sent to you.';

} else if (!$unameAvail) { // The email address is not available.

echo '  That username has already been registered. If you have forgotten your password, use the link to have your password sent to you.';

} else { //username and email are available

// Create the activation code.
$a = md5(uniqid(rand(), true));

// Add the user.
$query = "INSERT INTO users SET email='$e', password=SHA('$p'), first_name='$fn', last_name='$ln', user_name='$usn', address='$address', city='$c', state='$s', zip='$z', phone='$ph', active='$a', date_registered=NOW()";		
$result = mysql_query ($query) or trigger_error("Query: $query\n<br />MySQL Error: " . mysql_error());

if (mysql_affected_rows() == 1) { // If it ran OK.

	// Send the email.
	$body = "Thank you for registering at TheDateTiki.com. To activate your account, please click on this link:\n\n";
	$body .= "http://www.thedatetiki.com/activate.php?x=" . mysql_insert_id() . "&y=$a\n\n";
	$body .= "TheDateTiki Management";
	mail($_POST['email'], 'Registration Confirmation', $body, 'From: admin@thedatetiki.com');

	// Finish the page.
	echo ' Thank you for registering! A confirmation email has been sent to your address. Please click on the link in that email in order to activate your account.';

	exit();				

} else { // If it did not run OK.
	echo '  You could not be registered due to a system error. We apologize for any inconvenience.'; 
}		
}

Link to comment
Share on other sites
Psycho Prolific Member

Psycho

Posted
Posted

Well i add the "OR" into the sql statment and tried the registration form and it worked... should it have not?

 

Well, it will work in that it will not allow the user to add a new account with a duplicate username, but the user will be presented with an error message that is not correct. It would state "That email address has already been registered. If you have forgotten your password, use the link to have your password sent to you."

 

The revised code I posted would present the user with a different error message based upon wehter they had entered a duplicate email or a duplicate username.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.