yobo Posted December 7, 2007 Share Posted December 7, 2007 hey all i am having problems with my login script and the pacge that i am having problems with is signup.php these are the problems 1) it checks to see if a user already exsists if it does it still adds the data to the database but i don't want it to do this if a user exsist it should not add the data to the database. 2) if there is no data in the form fileds and a user hits the refrsh button data does not get added which is good, however if there is data in the form filed and the user keeps hitting refresh the same duplicate data is being added all the time 3) also i think my email validation is not working correctly and i am a php newbie when it comes to php <head> <link rel="stylesheet" type="text/css" href="css/formcss21.css" </head> </body> <div id="container"> <?php //include 'include/config.php'; $dbcon = @mysql_connect('localhost', 'root'); if (!$dbcon) { exit('<p> unable to connect to the database server at this time </p>'); } if (!@mysql_select_db('website')) { exit('<p>unable to locate the joke database</p>'); } if($_SERVER['REQUEST_METHOD'] == "POST"){ //if the form was posted then only do something.... $firstname = mysql_real_escape_string($_POST['firstname']); $lastname = mysql_real_escape_string($_POST['lastname']); $email = mysql_real_escape_string($_POST['email']); $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string(md5($_POST ['password'])); // Validation Routine if ($_POST){ // This regex from http://www.smartwebby.com/PHP/emailvalidation.asp if (ereg("^[^@ ]+@[^@ ]+\.[^@ ]+$",$email)) {;} else {echo "<P class=\"$error_mes\"></P>";} } $error = 0; $error_mes = ''; if (strlen($_POST['firstname']) < 1) {$error = $error + 1; $error_mes .= "Sorry, no name entered\n";} if (strlen($_POST['lastname']) < 1) {$error = $error + 1; $error_mes .= "Sorry, no last name entered\n";} if (strlen($_POST['email']) < 1) {$error = $error + 1; $error_mes .= "Sorry, no email entered / Invalid Email\n";} if (strlen($_POST['username']) < 1) {$error = $error + 1; $error_mes .= "Sorry, no username entered\n";} if (strlen($_POST['password']) < 1) {$error = $error + 1; $error_mes .= "Sorry, no password entered\n";} if($error >= 1) {echo "<PRE>"; echo "<span style=\"color: red;\">Errors!!!\n\n"; echo $error_mes; echo "</span>"; echo "</PRE>"; }else{ // If no errors, enter data into database $sql = "INSERT INTO members SET firstname='$firstname', lastname='$lastname', username='$username', password='$password', email='$email'"; $sql2 = "INSERT INTO profile SET username='$username'"; if (@mysql_query($sql)) { echo '<p>User Created! Thank you.</p>'; } else { echo '<p>Database Error - Unable to create user</p>'; } }} //execute second query $sql2 = "INSERT INTO profile SET username='$username'"; if (@mysql_query($sql2)) { echo '<p>User profile updated!</p>'; } else { echo '<p>Database Error - Unable to create user profile.</p>'; } if ($_POST){ if ($error >= 1) { // Prints any errors at the beginning of the page // echo "<PRE>"; // echo "<span style=\"color: red;\">Errors!!!\n\n"; // echo $error_mes; // echo "</span>"; // echo "</PRE>"; } } ?> <div id="form"> <table width="400" border="0" align="center" cellpadding="0" cellspacing"1" bgcolor="#CCCC0C"> <tr> <form action="<?php echo $_SERVER['PHP_SELF']; ?> " method="post"> <td> <table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF"> <tr> <td colspan="3"><strong>Member Login </strong></td> </tr> <tr> <td width="200"><label for="firstname">Enter your Firstname</td> <td width="6">:</td> <div class="div_texbox"> <td width="200"><input type="text" name="firstname" id="firstname" value="<?php if (strlen($firstname) > 0 ) {echo $firstname;} ?>" /> </label></td> </div> </tr> <tr> <td><label for="lastname">Enter your Lastname </td> <td>:</td> <div class="div_texbox"> <td><input type="text" name="lastname" id="lastname" value="<?php if (strlen($lastname) > 0 ) {echo $lastname;} ?>" /> </label></td> </div> </tr> <tr> <td><label for="username">Enter your Username</td> <td>:</td> <div class="div_texbox"> <td><input type="text" name="username" id="username" value="<?php if (strlen($username) > 0 ) {echo $username;} ?>" /> </label></td> </div> </tr> <tr> <td><label for="password">Enter your password</td> <td>:</td> <div class="div_texbox"> <td><input type="password" name="password" id="password" value="" /> </label></td> </div> </tr> <tr> <td><label for="email">Enter E-Mail</td> <td>:</td> <div class="div_texbox"> <td><input type="text" name="email" id="email" value="<?php if (strlen($email) > 0) {echo $email;} ?>" /></label></td> </div> </tr> <tr> <td><input type="submit" name="add_user" value="Register" id="adduser" /></td> </tr> </table> </td> </form> </tr> </table> <table width="400" border="0" align="center" cellpadding="0" cellspacing"1" bgcolor="#CCCC0C"> </table> </div> </div> </body> </html> Quote Link to comment Share on other sites More sharing options...
phpknight Posted December 7, 2007 Share Posted December 7, 2007 For #1, you should just make that the key. For #2, you need a key again. It enforces unique values. For #3, try this one. It might not be perfect, but it should do the job. if (!eregi ("^[[:alnum:]][a-z0-9_.-]*@[a-z0-9.-]+\.[a-z]{2,4}$", stripslashes($email))) { return false; } Quote Link to comment Share on other sites More sharing options...
yobo Posted December 7, 2007 Author Share Posted December 7, 2007 what do you mean by key, i forgot to mention that i am a newbie when it comes to php Quote Link to comment Share on other sites More sharing options...
adam291086 Posted December 7, 2007 Share Posted December 7, 2007 1) You will need to do a mysql search for the username and password. If the result you get back from the query == 1 then they are already a member and therefore change the header location. If the result ==0 then carry out the insert. Google mysql select. Get this working first, then we can move onto 2) Quote Link to comment Share on other sites More sharing options...
phpknight Posted December 7, 2007 Share Posted December 7, 2007 A key is a field (or column) that is unique and therefore cannot be used twice. This might be something like user_ID or username. The database will not let you put two of the same in there. It will give you an error. It is always good to do your own checks and code, but if you do not have a key in the table, you are just asking for trouble. Do you have phpMyAdmin for your site? Quote Link to comment Share on other sites More sharing options...
revraz Posted December 7, 2007 Share Posted December 7, 2007 Use a checkunique function to make sure the data isnt taken first. You can use this to check the Email, Username or whatever you want to compare it to function checkUnique($table, $field, $compared){ if (get_magic_quotes_gpc()) { $table = stripslashes($table); $field = stripslashes($field); $compared = stripslashes($compared); } $table = mysql_real_escape_string($table); $field = mysql_real_escape_string($field); $compared = mysql_real_escape_string($compared); $result = mysql_query("SELECT $field FROM $table WHERE $field = '$compared'"); if(mysql_num_rows($result)==0) { return TRUE; } else { return FALSE; } } Quote Link to comment Share on other sites More sharing options...
phpknight Posted December 7, 2007 Share Posted December 7, 2007 If you do something like that without having a key or unique mark, too, then you are just asking for problems. Quote Link to comment Share on other sites More sharing options...
revraz Posted December 7, 2007 Share Posted December 7, 2007 There was no mention about not having a primary key anywhere in his post. He stated he didn't want the user to be added if they already existed. You have to check that first, regardless if you have a primary key or not. Normally a primary key is a id #, not a name. Quote Link to comment Share on other sites More sharing options...
revraz Posted December 7, 2007 Share Posted December 7, 2007 Here is an example of how to use the checkunique function //validate input if (trim (strlen($uname)) >= 6) { if (checkUnique ("users", "uname", $uname) == FALSE) { $errorList[] = 'Username Taken, please try another Username'; } } else { $errorList[] = 'Invalid entry: User Name'; } if (trim (strlen($pw)) <= 5) { $errorList[] = 'Invalid entry: Password'; } if (trim ($email) != "") { if (checkUnique ("users", "uemail", $email) == FALSE) { $errorList[] = 'Email Taken, did you forget your PW?'; } } else { $errorList[] = 'Invalid entry: Email'; } Quote Link to comment Share on other sites More sharing options...
yobo Posted December 7, 2007 Author Share Posted December 7, 2007 ok how would i intergrate that into my script as said before i am a newbie i would be greatfull if you could show me please guys/gals many thanks joe Quote Link to comment Share on other sites More sharing options...
yobo Posted December 7, 2007 Author Share Posted December 7, 2007 anyone please Quote Link to comment Share on other sites More sharing options...
yobo Posted December 10, 2007 Author Share Posted December 10, 2007 anyone please? as i need help asap Quote Link to comment Share on other sites More sharing options...
nafetski Posted December 10, 2007 Share Posted December 10, 2007 There is a fine line between asking for help/advice, and asking people to work for you =P Most of your questions have been so basic that a google search and 30 minutes of reading would of 1) Solved your problem 2) Enlightened you Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.