Jump to content

Huh?

ohdang888

By ohdang888
in PHP Coding Help

 Share

Recommended Posts

ohdang888 Advanced Member

ohdang888

Posted
Posted

so this code is supposed to stop it from inserting the info if the uesrnames and such already exist, but when you click submit, it will say USERNAME ALREADY EXISTS, but.....it will still insert the info.....

 

this is the part of the code that i think would say "STOP IF FALSE", how do i do that? , and where exactly would it go?

$aError     = array();
function basic_xss_clean($s)
{
    $s = trim(strip_tags(mysql_real_escape_string($s)));
    return $s;
}
if (isset($_POST['submit'])) {
	$bHasErrors = false;
                
	$_POST['username'] = trim($_POST['username']);

                if ($_POST['username'] && strlen($_POST['username']) >= 3) {
		$query = mysql_query("SELECT id FROM user WHERE username='".$_POST['username']."' LIMIT 1");
		if(mysql_num_rows($query)){
			$aError['userexists'] = 'Username exists';
		}
	} else {
		$aError['usernameinput'] = 'Please enter a username';
                        $bHasErrors = true;
	}

this is the whole code.... below...

$aError     = array();
function basic_xss_clean($s)
{
    $s = trim(strip_tags(mysql_real_escape_string($s)));
    return $s;
}
if (isset($_POST['submit'])) {
	$bHasErrors = false;
                
	$_POST['username'] = trim($_POST['username']);

                if ($_POST['username'] && strlen($_POST['username']) >= 3) {
		$query = mysql_query("SELECT id FROM user WHERE username='".$_POST['username']."' LIMIT 1");
		if(mysql_num_rows($query)){
			$aError['userexists'] = 'Username exists';
		}
	} else {
		$aError['usernameinput'] = 'Please enter a username';
                        $bHasErrors = true;
	}

	$_POST['username'] = trim($_POST['username']);

                if ($_POST['email'] && strlen($_POST['email']) >= 5) {
		$query = mysql_query("SELECT id FROM user WHERE email='".$_POST['email']."' LIMIT 1");//////////////[b]LINE 19[/b]
		if (mysql_num_rows($query)){
			$aError['emailexists'] = 'Email is already signed up!';
		}
	} else {
		$aError['emailinput'] = 'Please enter a valid e-mail';
                        $bHasErrors = true;
	}


	$_POST['email'] = trim($_POST['email']);
	if ($_POST['email']) {
		 if(!eregi("^[a-zA-Z0-9]+[a-zA-Z0-9_.-]*@[a-zA-Z0-9]+[a-zA-Z0-9_.-])*\.[a-z]{2,4}$", $_POST['email'])){
		  $aError['emailerror'] = 'Email Incorrect';
	  }
	} else {
		$aError['emailinput'] = 'Please supply an email address';
                        $bHasErrors = true;
	}

	if ($_POST['password1'] && $_POST['password2']) {
		if ($_POST['password1'] != $_POST['password2']) {
		    $aError['passmismatch'] = "Passwords don't match";
		}
	} else {
	    $aError['passwordinput'] = 'Please enter your password in both fields';
                    $bHasErrors = true;
	}


if ($bHasErrors == true) {
            //dump errors on screen in untidy fashion
            print_r($aError);
            
}
        else {
            //consider moving these variable assignments along with some trim()'ing and strip_tags()'ing to the top and testing
            //those variables, it'll make things easier to work with
            $username = basic_xss_clean($_POST["username"]);
            $email    = basic_xss_clean($_POST["email"]);
            $password = basic_xss_clean($_POST["password1"]); 
  
            $sql="INSERT INTO user (username, password, email) VALUES ( '$username', '$password', '$email')";
            //echo $sql;
            mysql_query($sql) or die ( mysql_error());
        }
    }
?>

<html>
<form name="reg" method="post" >
username: <input type="text" name="username" /><span><?php if (isset($aError['userexists'])) echo $aError['userexists']; if (isset($aError['usernameinput'])) echo $aError['usernameinput']; ?></span><br />
email: <input type="text" name="email" /><br />
password1: <input type="password" name="password1" /><br/>
password2: <input type="password" name="password2" /><br/>
<input type=submit name="submit" value="submit" /><br> 
</form>

Link to comment
Share on other sites
KrisNz Newbie

KrisNz

Posted
Posted

Notice how the insert code is only run if bHasErrors is false.  you can either set $bHasErrors to true after this line 

$aError['userexists'] = 'Username exists';

 

or change

 

//this
if ($bHasErrors == true) {
//to
if (!empty($aError)) { //the error array has something in it

and then remove all references to bHasErrors.

 

 

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.