Dada78 Posted January 22, 2008 Share Posted January 22, 2008 Hello again, I am trying to clean up some code and in the process I am having a small problem. This is a registration form which inserts fine. The problem I am having is if a field is left unfilled it is suppose to show an error and required the field to be filled out. It doesn't do that and you can register without feeling out both fields and you can register without it being a email. Can someone please tell me what I did wrong Here is the the url to the form http://www.mesquitechristmas.com/local/register.php Here is the code <?php // here, we check if the form has been submitted, because we need to handle // redirection before we handle outputting the HTML stuff. if (isset($_POST['submit'])) { $errors = array(); // Check if user registered an email address if (!empty($_REQUEST['email'])) $email = $_REQUEST['email']; else $errors[] = 'Please enter a email.'; // Check if user entered a password if (!empty($_REQUEST['password'])) $password = $_REQUEST['password']; else $errors[] = 'Please enter a desired password.'; } else { // If the user entered an e-mail address check the syntax. if (eregi ('^([_a-z0-9-]+)(\.[_a-z0-9-]+)*@([a-z0-9-]+)(\.[a-z0-9-]+)*(\.[a-z]{2,4})$', $_POST['email'])) { $email = $_REQUEST['email']; } else { $errors[] = 'Please enter a valid e-mail address.'; } } // MAKE CONNECTION include ('db_connect.php'); // connect to the mysql server $link = mysql_connect($host, $username, $password) or die ("Could not connect to mysql because ".mysql_error()); // select the database mysql_select_db($database) or die ("Could not select database because ".mysql_error()); $error = ""; $email = $_POST['email']; $pwd = $_POST['password']; // check if the email is taken (safe query): $query = sprintf("SELECT `email` FROM `users` WHERE `email` = '%s'", mysql_real_escape_string($_POST['email'])); $qry = mysql_query($query) or die ("Could not match data because ".mysql_error()); $num_rows = mysql_num_rows($qry); if ($num_rows < 1) { // Reverse magic_quotes_gpc/magic_quotes_sybase effects on those vars if ON. if(get_magic_quotes_gpc()) { $product_name = stripslashes($_POST['email']); $product_description = stripslashes($_POST['password']); } else { $product_name = $_POST['email']; $product_description = $_POST['password']; } // Make a safe query $query = sprintf("INSERT INTO users (`email`, `password`) VALUES ('%s', '%s')", mysql_real_escape_string($email, $link), md5(mysql_real_escape_string($password, $link))); $result = mysql_query($query, $link); // If there is no result, or there was not at least 1 row affected, die... if(!$result || mysql_affected_rows() < 1) { $error = 'Could not insert user because ' . mysql_error(); } else { // redirect them to the user account page, because we successfully ran the SQL // notice how we haven't output ANYTHING to the browser yet- header() works header('Location: user.php'); exit(); } } else { $error = 'That email is already in use, please select a different one.'; } // If they've posted but there was an error, kindly show their email address for them again. if(isset($_POST['email'])) $email = $_POST['email']; else $email = ''; ?> -Thanks Quote Link to comment Share on other sites More sharing options...
mmarif4u Posted January 22, 2008 Share Posted January 22, 2008 I am not sure about your code here and maybe below also: if (!empty($_REQUEST['email'])) $email = $_REQUEST['email']; else $errors[] = 'Please enter a email.'; // Check if user entered a password if (!empty($_REQUEST['password'])) $password = $_REQUEST['password']; else $errors[] = 'Please enter a desired password.'; } else { If statment followed like: if($_POST['email'] != '' ){ $email=$_POST['email']; }else{ $errors[] = 'Please enter a email.'; } And echo your error. Quote Link to comment Share on other sites More sharing options...
Dada78 Posted January 22, 2008 Author Share Posted January 22, 2008 Ok? I am not sure I followed you? Quote Link to comment Share on other sites More sharing options...
mmarif4u Posted January 22, 2008 Share Posted January 22, 2008 If statement would be like this: if (somthing) { do somthing } else { do nothing } Quote Link to comment Share on other sites More sharing options...
Dada78 Posted January 22, 2008 Author Share Posted January 22, 2008 You are missing the code above that if (isset($_POST['submit'])) { $errors = array(); It checks if submit button has been pressed and if the field has been filled out IF not then show error. If that is not right then what is? Quote Link to comment Share on other sites More sharing options...
mmarif4u Posted January 22, 2008 Share Posted January 22, 2008 The best scenario would be like this for code: if (isset($_POST['submit'])){ //start of main if if($_POST['email'] != '' ){ $email=$_POST['email']; }else{ $errors[] = 'Please enter a email.'; } //Do for all inputs Then run your queries here... }//close of main if Quote Link to comment Share on other sites More sharing options...
Dada78 Posted January 22, 2008 Author Share Posted January 22, 2008 That doesn't work ether. I have this code I was using and it works but I would like to display an error for each field instead of just one error so the user knows exactly what they didn't feel out. <?php ini_set('display_errors', 1); ini_set('error_reporting', E_ALL | E_STRICT); // here, we check if the form has been submitted, because we need to handle // redirection before we handle outputting the HTML stuff. if (isset($_POST['submit'])) { if (empty($_POST['email']) || empty($_POST['password'])) { $error = 'Please fill in all fields.'; // here, they have not filled in either the username OR the password. Set an error. } else { // MAKE CONNECTION include ('db_connect.php'); // connect to the mysql server $link = mysql_connect($host, $username, $password) or die ("Could not connect to mysql because ".mysql_error()); // select the database mysql_select_db($database) or die ("Could not select database because ".mysql_error()); $error = ""; $email = $_POST['email']; $pwd = $_POST['password']; // check if the email is taken (safe query): $query = sprintf("SELECT `email` FROM `users` WHERE `email` = '%s'", mysql_real_escape_string($_POST['email'])); $qry = mysql_query($query) or die ("Could not match data because ".mysql_error()); $num_rows = mysql_num_rows($qry); if ($num_rows < 1) { // Reverse magic_quotes_gpc/magic_quotes_sybase effects on those vars if ON. if(get_magic_quotes_gpc()) { $product_name = stripslashes($_POST['email']); $product_description = stripslashes($_POST['password']); } else { $product_name = $_POST['email']; $product_description = $_POST['password']; } if (!preg_match("/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i",$product_name)||!mail($product_name)) $error = "Invalid email"; else { // Make a safe query $query = sprintf("INSERT INTO users (`email`, `password`) VALUES ('%s', '%s')", mysql_real_escape_string($email, $link), mysql_real_escape_string($password, $link)); $result = mysql_query($query, $link); // If there is no result, or there was not at least 1 row affected, die... if(!$result || mysql_affected_rows() < 1) { $error = 'Could not insert user because ' . mysql_error(); } else { // redirect them to the user account page, because we successfully ran the SQL // notice how we haven't output ANYTHING to the browser yet- header() works header('Location: user.php'); exit(); } } } else { $error = 'That email is already in use, please select a different one.'; } } } // If they've posted but there was an error, kindly show their email address for them again. if(isset($_POST['email'])) $email = $_POST['email']; else $email = ''; ?> Quote Link to comment Share on other sites More sharing options...
Dada78 Posted January 22, 2008 Author Share Posted January 22, 2008 I have tried this trying to intergrate it into the code I have working and I get this error. Parse error: syntax error, unexpected '}' in /home/mesquit1/public_html/local/register.php on line 86 line one starts and <?php <?php // here, we check if the form has been submitted, because we need to handle // redirection before we handle outputting the HTML stuff. if (isset($_POST['submit'])){ if($_POST['email'] != '' ){ $email=$_POST['email']; }else{ $errors[] = 'Please enter a email.'; } if($_POST['password'] != '' ){ $password=$_POST['password']; }else{ $errors[] = 'Please enter a desired password.'; } } else { // MAKE CONNECTION include ('db_connect.php'); // connect to the mysql server $link = mysql_connect($host, $username, $password) or die ("Could not connect to mysql because ".mysql_error()); // select the database mysql_select_db($database) or die ("Could not select database because ".mysql_error()); $error = ""; $email = $_POST['email']; $pwd = $_POST['password']; // check if the email is taken (safe query): $query = sprintf("SELECT `email` FROM `users` WHERE `email` = '%s'", mysql_real_escape_string($_POST['email'])); $qry = mysql_query($query) or die ("Could not match data because ".mysql_error()); $num_rows = mysql_num_rows($qry); if ($num_rows < 1) { // Reverse magic_quotes_gpc/magic_quotes_sybase effects on those vars if ON. if(get_magic_quotes_gpc()) { $product_name = stripslashes($_POST['email']); $product_description = stripslashes($_POST['password']); } else { $product_name = $_POST['email']; $product_description = $_POST['password']; } if (!preg_match("/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i",$product_name)||!mail($product_name)) $error = "Invalid email"; else { // Make a safe query $query = sprintf("INSERT INTO users (`email`, `password`) VALUES ('%s', '%s')", mysql_real_escape_string($email, $link), mysql_real_escape_string($password, $link)); $result = mysql_query($query, $link); // If there is no result, or there was not at least 1 row affected, die... if(!$result || mysql_affected_rows() < 1) { $error = 'Could not insert user because ' . mysql_error(); } else { // redirect them to the user account page, because we successfully ran the SQL // notice how we haven't output ANYTHING to the browser yet- header() works header('Location: user.php'); exit(); } } } else { $error = 'That email is already in use, please select a different one.'; } } } // If they've posted but there was an error, kindly show their email address for them again. if(isset($_POST['email'])) $email = $_POST['email']; else $email = ''; ?> Quote Link to comment Share on other sites More sharing options...
mmarif4u Posted January 22, 2008 Share Posted January 22, 2008 Split into two parts: if (empty($_POST['email'])) { $error = 'Please fill in email field.'; echo $error;//or you can echo it any where you want } if (empty($_POST['password'])) { $error = 'Please fill in password field.'; echo $error;//or you can echo it any where you want } Quote Link to comment Share on other sites More sharing options...
Dada78 Posted January 22, 2008 Author Share Posted January 22, 2008 With the suggestion above I am getting this error. Parse error: syntax error, unexpected '}' in /home/mesquit1/public_html/local/register.php on line 83 Line one starts at <?php below <?php // here, we check if the form has been submitted, because we need to handle // redirection before we handle outputting the HTML stuff. if (isset($_POST['submit'])) { if (empty($_POST['email'])) { $error = 'Please fill in email field.'; echo $error;//or you can echo it any where you want } if (empty($_POST['password'])) { $error = 'Please fill in desired password field.'; echo $error;//or you can echo it any where you want } } else { // MAKE CONNECTION include ('db_connect.php'); // connect to the mysql server $link = mysql_connect($host, $username, $password) or die ("Could not connect to mysql because ".mysql_error()); // select the database mysql_select_db($database) or die ("Could not select database because ".mysql_error()); $error = ""; $email = $_POST['email']; $pwd = $_POST['password']; // check if the email is taken (safe query): $query = sprintf("SELECT `email` FROM `users` WHERE `email` = '%s'", mysql_real_escape_string($_POST['email'])); $qry = mysql_query($query) or die ("Could not match data because ".mysql_error()); $num_rows = mysql_num_rows($qry); if ($num_rows < 1) { // Reverse magic_quotes_gpc/magic_quotes_sybase effects on those vars if ON. if(get_magic_quotes_gpc()) { $product_name = stripslashes($_POST['email']); $product_description = stripslashes($_POST['password']); } else { $product_name = $_POST['email']; $product_description = $_POST['password']; } if (!preg_match("/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i",$product_name)||!mail($product_name)) $error = "Invalid email"; else { // Make a safe query $query = sprintf("INSERT INTO users (`email`, `password`) VALUES ('%s', '%s')", mysql_real_escape_string($email, $link), mysql_real_escape_string($password, $link)); $result = mysql_query($query, $link); // If there is no result, or there was not at least 1 row affected, die... if(!$result || mysql_affected_rows() < 1) { $error = 'Could not insert user because ' . mysql_error(); } else { // redirect them to the user account page, because we successfully ran the SQL // notice how we haven't output ANYTHING to the browser yet- header() works header('Location: user.php'); exit(); } } } else { $error = 'That email is already in use, please select a different one.'; } } } // If they've posted but there was an error, kindly show their email address for them again. if(isset($_POST['email'])) $email = $_POST['email']; else $email = ''; ?> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.