Jump to content

[SOLVED] Making form feild required before submitting it

Dada78

By Dada78
in PHP Coding Help

 Share

Recommended Posts

  • Replies 90
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Ken2k7 Member

Ken2k7

Posted
Posted

Be sure to take that extra ; out of Ken2k7's first query line as well.

Actually I'm not sure if that's an issue because I've stated it before and revraz said it's okay to have a semi-colon in the query. If that doesn't work, I can remove it later. :P

simcoweb Advanced Member

simcoweb

Posted
Posted

In my PHP editor it didn't produce an error but it still looks goofy :)

 

I'm thinking that the $num_rows isn't producing any value. Otherwise the code should work as it would either prove to be true/false and act accordingly. Try echoing the value of that variable to see if it carries anything.

Dada78 Member

Dada78

Posted
  • Author
Posted

Oh my effin god I can not believe it, after three weeks it is finally working, I think I am going to cry. Thank you guys so much.

 

If you would be so kind can you go test it out and see if you find and holes around the registration process. You should receive errors on empty fields not filled out, and duplicate emails already in use.

 

http://www.mesquitechristmas.com/local/register.php

 

After replacing my code, find:

Code:

 

$insert = mysql_query("INSERT INTO users VALUES  ('NULL', '".$_POST['email']."', '".$_POST['password']."')")

or die("Could not insert data because ".mysql_error());

 

 

See where it says "INSERT INTO user VALUES"? Well you need to add something there. You have to specify the columns of the table user like this: "INSERT INTO user (something, email, password) VALUES"... Of course I don't know your table column names so you have to edit in the correct ones.

 

Also can you tell me what you meant by this? Users is the table name and email and password are the two columns in the table.

 

 

-Thanks again

 

 

Ken2k7 Member

Ken2k7

Posted
Posted

You can't just say "INSERT INTO table_name VALUES ('$blah','$bleh','$something')"

 

You have to say:

"INSERT INTO table_name (column_name_1, column_name_2) VALUES ('$column_1_value', '$column_2_value')"

 

Of you still don't understand, then you need to just read up on it. It is not that hard to understand.

 

Dada78 Member

Dada78

Posted
  • Author
Posted

You can't just say "INSERT INTO table_name VALUES ('$blah','$bleh','$something')"

 

You have to say:

"INSERT INTO table_name (column_name_1, column_name_2) VALUES ('$column_1_value', '$column_2_value')"

 

Of you still don't understand, then you need to just read up on it. It is not that hard to understand.

 

 

So then it would need to look like this right?

 

$insert = mysql_query("INSERT INTO users (email, password)  VALUES  ('NULL', '".$_POST['email']."', '".$_POST['password']."')")
or die("Could not insert data because ".mysql_error());

 

 

If that is correct, then why was it working without that? I am not questioning you, just trying to learn the logic behind it.

 

 

Ken2k7 Member

Ken2k7

Posted
Posted

It's not so much that you HAVE to specify the unique columns. The reason for this is because I wanted to get a sense of what columns you have in your database.

 

If you only have 2 columns in the table users and they are just email and password, then you can't insert in 3 things in the value field. Get it?

 

So like if the user table has:

- email

- password

 

And you're adding in Null, $_POST['email'] and $_POST['password'], there aren't enough columns to spread out the data you give it.

 

Get it now? I'm thinking you have 3 columns at least right?

Dada78 Member

Dada78

Posted
  • Author
Posted

Yes that is correct, I have 3 columns ID, Email, and Password. The ID is auto-increment though so it doesn't need to be part of the insert.

 

After furthering testing of this that I don't remember if I caught this last night or not. If you register successfully it is suppose to forward you to user.php as shown in the code, but all it does it just refresh the page to a blank white page now since I moved the code. It use to forward you to the user.php page if you registered successfully.

Ken2k7 Member

Ken2k7

Posted
Posted

Then why put NULL?

 

$insert = mysql_query("INSERT INTO users (email, password)  VALUES  ('".$_POST['email']."', '".$_POST['password']."')")
or die("Could not insert data because ".mysql_error());

 

And what's your entire code now?

Dada78 Member

Dada78

Posted
  • Author
Posted

I didn't put the NULL in that is what someone suggested. That is what I was referring to earlier is I get some people telling me to do this and then another telling me that is not right which is how my code gets jacked up because I get like 10 different people help all with different ways. Not that I don't appreciate the help just that that is what is happening and why the code is everywhere.

 

Here is the entire file now. The only problem I am having is it is not redirecting to user.php after successful registration like it is suppose to. Instead it just redirects to a blank white page which you can test and see this from trying to register with the link below.

 

http://www.mesquitechristmas.com/local/register.php

 

Here is the code

 

<?php

// here, we check if the form has been submitted, because we need to handle
// redirection before we handle outputting the HTML stuff.
if (isset($_POST['submit']))
{
    if (empty($_POST['email']) || empty($_POST['password']))
    {
        $error = 'Please fill in all fields.';  // here, they have not filled in either the username OR the password.  Set an error.
    }
    else
    {
        // MAKE CONNECTION
        include ('db_connect.php');

        // connect to the mysql server
        $link = mysql_connect($host, $username, $password) or die ("Could not connect to mysql because ".mysql_error());

        // select the database
        mysql_select_db($database) or die ("Could not select database because ".mysql_error());

        // check if the email is taken (safe query):
        $query = sprintf("SELECT `email` FROM `users` WHERE `email` = '%s'",
                mysql_real_escape_string($_POST['email']));
        $qry = mysql_query($query) or die ("Could not match data because ".mysql_error());
        $num_rows = mysql_num_rows($qry) or die(mysql_error());
        if ($num_rows < 1)
        {
            // Reverse magic_quotes_gpc/magic_quotes_sybase effects on those vars if ON.
            if(get_magic_quotes_gpc())
            {
                $product_name        = stripslashes($_POST['email']);
                $product_description = stripslashes($_POST['password']);
            }
            else
            {
                $product_name        = $_POST['email'];
                $product_description = $_POST['password'];
            }

            // Make a safe query
            $query = sprintf("INSERT INTO users (`email`, `password`) VALUES ('%s', '%s')",
                    mysql_real_escape_string($email, $link),
                    mysql_real_escape_string($password, $link));
            $result = mysql_query($query, $link);

            // If there is no result, or there was not at least 1 row affected, die...
            if(!$result || mysql_affected_rows() < 1)
            {
                $error = 'Could not insert user because ' . mysql_error();
            }
            else
            {
                // redirect them to the user account page, because we successfully ran the SQL
                // notice how we haven't output ANYTHING to the browser yet- header() works
                header('Location: user.php');
                exit();
            }
        }
        else
        {
            $error = 'That email is already in use, please select a different one.';
        }

    }

}

// If they've posted but there was an error, kindly show their email address for them again.
if(isset($_POST['email']))
    $email = $_POST['email'];
else
    $email = '';

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<meta name="description" content="Mesquite Texas Country Christmas" />
<meta name="keywords" content="Mesquite, Texas, Country Christmas" />
<meta name="author" content="NA" />
<link rel="stylesheet" type="text/css" href="/stylesheet.css" media="screen" title="FBC" />
<script type="text/javascript" src="drop_down.js"></script>
<title>A Mesquite Country Christmas - Register for account</title>
</head>
<body>

<div id="wrap">

<a href="/index.html">
<img id="frontphoto" src="/images/header.png" width="760" height="237" alt="Mesquite Country Christmas" border="0"></a>

<div id="menu">

<h2 class="hide">Menu:</h2>

<ul id="avmenu">
<li><a href="index.html">Home</a></li>
<li><a href="christmasstory.html">The Christmas Story</a></li>
<li><a href="directions.html">Directions</a></li>
<li><a href="faq.html">FAQ</a></li>
<li><a href="#">Photos</a>
  <ul>
      <li><a href="2007photos.html">2007</a></li>
  </ul></li>
<li><a href="#">Videos</a>
  <ul>
      <li><a href="2007videos.html">2007</a></li>
  </ul></li>
<li><a href="guestbook.php">Guestbook</a></li>
<li><a href="webcam.html">Web Cam</a></li>
<li><a href="webradio.html">Internet Radio</a></li>
<li><a href="http://www.noradsanta.org/" TARGET="_blank">Track Santa</a></li>
<li><a href="projects.html">Projects & How Tos</a></li>
<li><a href="links.html">Links</a></li>
<li><a href="contact_us.html">Contact Us</a></li>
</ul>

<center><a href="http://www.toysfortots.org/" TARGET="_blank"><img src="/images/toys_for_tots.jpg" border="0" width="110" height="153" vspace="10"></a></center>

<center><a href="http://christmas.bronners.com/2007/house/534.html"><img src="http://christmas.bronners.com/voteforme/vote.jpg" border="0" width="110" height="153" alt="christmas decorations" vspace="10"></a></center>

</div>

<div id="content">


<div class="fadebox">

<h2>Register for a FREE Account</h2>

<hr />

<p> In order to submit your display on our website, we require that you register for a free account. This will enable you to make changes to your listings each year. If you already have an account then <a href="login.php"> Log In</a> now.</p>

<table width="28%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td>	

<table width="331" border="0" align="left" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="2"><strong>Registration - Please fill in all fields. </strong></td>
</tr>
<tr>
<td width="103">Email:</td>
<td width="180"><input type="text" name="email" value="<?php echo $email; ?>" size="30" maxlength="40" /></td>
</tr>
<tr>
<td>Desired Password:</td>
<td><input type="password" name="password" size="30" maxlength="20" /></td>
</tr>
<tr>
<td colspan="2" align="right" class="errorText">
<?PHP
// then we check for the error message
if (isset($error)) {
   echo $error . '<br />';
}
?> 
</td>
</tr>
<tr>
<td colspan="2" align="right"><input value="Register Now" name="submit" type="submit"></td>
</tr>
</table>
</td>
</form>
</tr>
</table></td>
</tr>
</table>


   </div>
</div>


<div id="footer">
© 2007 Mesquite Country Christmas
</div>

</div>
</body>
</html>

simcoweb Advanced Member

simcoweb

Posted
Posted

Take the 'or die...' off the end of this:

 

$num_rows = mysql_num_rows($qry) or die(mysql_error());

 

If it didn't die on the statement above then it's definitely not going to on this one. I just had this happen to me the other day on a similar situation where the page would just go blank. Took out that clause and worked like a charm.

Ken2k7 Member

Ken2k7

Posted
Posted 

            $query = sprintf("INSERT INTO users (`email`, `password`) VALUES ('%s', '%s')",
                    mysql_real_escape_string($email, $link),
                    mysql_real_escape_string($password, $link));
            $result = mysql_query($query, $link);

            // If there is no result, or there was not at least 1 row affected, die...
            if(!$result || mysql_affected_rows() < 1)
            {
                $error = 'Could not insert user because ' . mysql_error();
            }

First, replace:

$result = mysql_query($query, $link);

 

With:

$result = mysql_query($query, $link) or die(mysql_error());

 

Also I don't know too much about mysql_affected_rows(). But try editing $result and if it doesn't give an error, try using mysql_num_rows instead.

simcoweb Advanced Member

simcoweb

Posted
Posted

I just tried your form again. Produced this error:

 

Warning: Cannot modify header information - headers already sent by (output started at /home/mesquit1/public_html/local/register.php:7) in /home/mesquit1/public_html/local/register.php on line 64

Errors galore!! I should see some errors about headers already being sent just above this!!

 

 

Dada78 Member

Dada78

Posted
  • Author
Posted

Because I am echoing all the major steps to trying to figure out where the code is stopping here is the code I am using for that

 

<?php

// here, we check if the form has been submitted, because we need to handle
// redirection before we handle outputting the HTML stuff.
if (isset($_POST['submit']))
{
echo 'The form has been posted.  Processing ... <br />';
    if (empty($_POST['email']) || empty($_POST['password']))
    {
echo 'Empty form fields!! ... <br />';
        $error = 'Please fill in all fields.';  // here, they have not filled in either the username OR the password.  Set an error.
    }
    else
    {
echo 'Form fields okay, moving on ... <br />';
        // MAKE CONNECTION
        include ('db_connect.php');

        // connect to the mysql server
        $link = mysql_connect($host, $username, $password) or die ("Could not connect to mysql because ".mysql_error());

        // select the database
        mysql_select_db($database) or die ("Could not select database because ".mysql_error());

echo 'Database connected & selected .... querying ... <br />';

        // check if the email is taken (safe query):
        $query = sprintf("SELECT `email` FROM `users` WHERE `email` = '%s'",
                mysql_real_escape_string($_POST['email']));
        $qry = mysql_query($query) or die ("Could not match data because ".mysql_error());
        $num_rows = mysql_num_rows($qry);
        if ($num_rows < 1)
        {
echo 'No duplicate email found, cleaning & inserting ... <br />';
            // Reverse magic_quotes_gpc/magic_quotes_sybase effects on those vars if ON.
            if(get_magic_quotes_gpc())
            {
                $product_name        = stripslashes($_POST['email']);
                $product_description = stripslashes($_POST['password']);
            }
            else
            {
                $product_name        = $_POST['email'];
                $product_description = $_POST['password'];
            }

            // Make a safe query
            $query = sprintf("INSERT INTO users (`email`, `password`) VALUES ('%s', '%s')",
                    mysql_real_escape_string($email, $link),
                    mysql_real_escape_string($password, $link));
            $result = mysql_query($query, $link);

            // If there is no result, or there was not at least 1 row affected, die...
            if(!$result || mysql_affected_rows() < 1)
            {
echo 'Error inserting user into database!!<br />';
                $error = 'Could not insert user because ' . mysql_error();
            }
            else
            {
echo 'User successfully inserted ... Now I would redirect ... <br />';
                // redirect them to the user account page, because we successfully ran the SQL
                // notice how we haven't output ANYTHING to the browser yet- header() works
                header('Location: user.php');
echo 'Errors galore!! I should see some errors about headers already being sent just above this!!';
                exit();
            }
        }
        else
        {
echo 'Email address is a duplicate ... <br />';
            $error = 'That email is already in use, please select a different one.';
        }

    }

}

echo 'Outside the form posting if() statement ... displaying the form ... <br />';
// If they've posted but there was an error, kindly show their email address for them again.
if(isset($_POST['email']))
    $email = $_POST['email'];
else
    $email = '';

?>

Dada78 Member

Dada78

Posted
  • Author
Posted

Okay, well did they all echo out?

 

Read my previous post and try that.

 

I did try your previous post and no change.

 

You can visit http://www.mesquitechristmas.com/local/register.php and try to register and see for yourself...

Dada78 Member

Dada78

Posted
  • Author
Posted

I get an error:

 

Parse error: syntax error, unexpected T_IF in /home/mesquit1/public_html/local/register.php on line 54

 

What's your code currently?

 

Yea cause I am working on this and making some changes this is my current situation.

 

I removed all the echo statements and this is what it shows when you try to register.

 

Notice: Undefined variable: email in /home/mesquit1/public_html/local/register.php on line 46

 

Warning: Cannot modify header information - headers already sent by (output started at /home/mesquit1/public_html/local/register.php:46) in /home/mesquit1/public_html/local/register.php on line 59

 

BUT...

 

When I add the die statement back to this line....

 

$num_rows = mysql_num_rows($qry) or die(mysql_error());

 

and hit register I get redirect to a blank white page again.

 

 

Here is the current code with the changes I made.

 

<?php

ini_set('display_errors', 1);
ini_set('error_reporting', E_ALL | E_STRICT);

// here, we check if the form has been submitted, because we need to handle
// redirection before we handle outputting the HTML stuff.
if (isset($_POST['submit']))
{
    if (empty($_POST['email']) || empty($_POST['password']))
    {
        $error = 'Please fill in all fields.';  // here, they have not filled in either the username OR the password.  Set an error.
    }
    else
    {
        // MAKE CONNECTION
        include ('db_connect.php');

        // connect to the mysql server
        $link = mysql_connect($host, $username, $password) or die ("Could not connect to mysql because ".mysql_error());

        // select the database
        mysql_select_db($database) or die ("Could not select database because ".mysql_error());

        // check if the email is taken (safe query):
        $query = sprintf("SELECT `email` FROM `users` WHERE `email` = '%s'",
                mysql_real_escape_string($_POST['email']));
        $qry = mysql_query($query) or die ("Could not match data because ".mysql_error());
        $num_rows = mysql_num_rows($qry) or die(mysql_error());
        if ($num_rows < 1)
        {
            // Reverse magic_quotes_gpc/magic_quotes_sybase effects on those vars if ON.
            if(get_magic_quotes_gpc())
            {
                $product_name        = stripslashes($_POST['email']);
                $product_description = stripslashes($_POST['password']);
            }
            else
            {
                $product_name        = $_POST['email'];
                $product_description = $_POST['password'];
            }

            // Make a safe query
            $query = sprintf("INSERT INTO users (`email`, `password`) VALUES ('%s', '%s')",
                    mysql_real_escape_string($email, $link),
                    mysql_real_escape_string($password, $link));
            $result = mysql_query($query, $link);

            // If there is no result, or there was not at least 1 row affected, die...
            if(!$result || mysql_affected_rows() < 1)
            {
                $error = 'Could not insert user because ' . mysql_error();
            }
            else
            {
                // redirect them to the user account page, because we successfully ran the SQL
                // notice how we haven't output ANYTHING to the browser yet- header() works
                header('Location: /user.php');
                exit();
            }
        }
        else
        {
            $error = 'That email is already in use, please select a different one.';
        }

    }

}

// If they've posted but there was an error, kindly show their email address for them again.
if(isset($_POST['email']))
    $email = $_POST['email'];
else
    $email = '';

?>

Dada78 Member

Dada78

Posted
  • Author
Posted

One more time, I take this line

 

$num_rows = mysql_num_rows($qry) or die(mysql_error());

 

change it to this removing the or die statement like this

 

$num_rows = mysql_num_rows($qry);

 

And I get this error....

 

Notice: Undefined variable: email in /home/mesquit1/public_html/local/register.php on line 46

 

Warning: Cannot modify header information - headers already sent by (output started at /home/mesquit1/public_html/local/register.php:46) in /home/mesquit1/public_html/local/register.php on line 59

 

I then add the or die statement to this line as suggest while the one above is still removed.

 

$result = mysql_query($query, $link) or die(mysql_error());

 

I get the same error as listed above.

 

Now when I echo all the lines or steps in the code while the or die statement is removed from that first code I get all the echos sent which tells me the script is going through. But as soon as I remove the echos I get the list error above.

 

I am out of ideas.

 

 

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.