Jon W
01-09-2008, 09:04 AM
Alright, so here is the problem,
I have a Register form right now that I'm using to learn and get the feel for using PHP. I have a if statement to check in the database if a user has already submited the same users, and if there is already a user with that name, it comes back false, the same is for the email address. So heres the problem, if you say for eample type in a user name that is already in the database it will come back with the error, but it will also submit the info that you have already typed in if all of the fields are filled in. Which means that you get two users names that are the same and the persons email address so when he does go and find a name that isn't already been used, he wont be able to use his email address because it will be already in the database. How do I fix such problem? I've used the if(isset($_POST['submit'])) to make sure that, but it seems to ignore that script and go on through with its actions...
<?php
include("db.php");
include("function.php");
if(isset($_POST['submit']))
{
$query = mysql_query("SELECT username FROM users WHERE username = '".mysql_real_escape_string($_POST['username'])."'") or die('Database error: ' .mysql_error());
$checkuser = mysql_fetch_row($query);
if(isset($_POST['submit']) && $checkuser > 0)
{
$error = 'This username is already being used.'; include("register.php");
}
$query1 = mysql_query("SELECT email FROM users WHERE email = '".mysql_real_escape_string($_POST['email'])."'") or die('Database error: ' .mysql_error());
$checkemail = mysql_fetch_row($query1);
if(isset($_POST['submit']) && $checkemail > 0)
{
$error = 'This Email is already being used.';
include("register.php");
}
if(isset($_POST['submit']) && empty($_POST['username']))
{
$error = 'Please fill in your username';
include("register.php");
}
elseif(isset($_POST['submit']) && empty($_POST['password']))
{
$error = 'Please fill in a password';
include("register.php");
}
elseif(isset($_POST['submit']) && $_POST['password'] != $_POST['comfirmed_password'])
{
$error = 'Your passwords do not match. Please retype them and try again';
include("register.php");
}
elseif(isset($_POST['submit']) && empty($_POST['email']))
{
$error = 'Please fill in your email';
include("register.php");
}
elseif(isset($_POST['submit']) && $_POST['email'] != $_POST['comfirmed_email'])
{
$error = 'Your emails do not match. Please retype them and try again';
include("register.php");
}
else
{
$query = mysql_query("INSERT INTO users(`id`, `username`, `password`, `email`, `random_key`) VALUES('', '".mysql_real_escape_string($_POST[username])."', '".mysql_real_escape_string(md5($_POST[password]))."', '".mysql_real_escape_string($_POST[email])."', '".random_string('alnum', 32)."')") or die('Database error: ' .mysql_error());
$getuser = mysql_query("SELECT id, username, email, random_key FROM users WHERE username = '".mysql_real_escape_string($_POST['username'])."'") or die('Database error: ' .mysql_error());
if(mysql_num_rows($getuser)==1)
{
$row = mysql_fetch_assoc($getuser);
$header = "From: TopGameHQ";
$subject = "Account Registerion";
$message = "Dear ".$row['username'].",\r\n\r\n Your account is almost actived. To finish your activeion, please click this link: http://topgamehq.com/learn/comfirm.php?id=".$row['id']."&key=".$row['random_key']."\r\n\r\n Thank you for joining TopGameHQ!";
if(mail($row['email'], $subject, $message, $header))
{
$msg = '<fieldset style=\"width:500px; height:100px;\"><legend>Comfirm email</legend>Account was created. Please login to your email and comfirme your account.</fieldset>';
?>
<html>
<head><title>TopGameHQ - Register</title>
<style type="text/css">
body { background-color:#000000;
margin-top:6px;
}
.main_table_border {
border: 1px solid #FF6600;
}
.input_table {
font-size:12px;
font-style:normal;
color:#000000;
}
fieldset {
border: 1px solid #FF6600;
}
.input {
border: 1px solid #FF6600;
font-size:12px;
font-weight:bold;
font-style:normal;
font-family:inherit;
}
</style></head>
<body>
<table width="750" align="center" cellpadding="0" cellspacing="0" class="main_table_border">
<tr>
<td align="center" valign="top" height="800" bgcolor="#FFFFFF">
<table width="750" align="center" cellpadding="0" cellspacing="0" bgcolor="#FF6600">
<tr>
<td height="70" align="center" valign="midddle"><span class="header">TopGameHQ - Register</span></td>
</tr>
</table>
<table width="700" align="center" cellpadding="0" cellspacing="0" class="input_table">
<tr>
<td> </td>
</tr>
<tr>
<td align="center" valign="top"><?php echo($msg); ?></td>
</tr>
</table>
</td></tr>
</table>
</body>
</html>
<?php
}
else
{
$error = 'We created your account, but failed to send a email out';
}
}
}
}
?>
I'm sure its something easy that I'm over looking. But with me not having that much knowledge and seeing that I'm still in the process of learning, its hard for me to find these errors.
Thanks for your help
Jon W
I have a Register form right now that I'm using to learn and get the feel for using PHP. I have a if statement to check in the database if a user has already submited the same users, and if there is already a user with that name, it comes back false, the same is for the email address. So heres the problem, if you say for eample type in a user name that is already in the database it will come back with the error, but it will also submit the info that you have already typed in if all of the fields are filled in. Which means that you get two users names that are the same and the persons email address so when he does go and find a name that isn't already been used, he wont be able to use his email address because it will be already in the database. How do I fix such problem? I've used the if(isset($_POST['submit'])) to make sure that, but it seems to ignore that script and go on through with its actions...
<?php
include("db.php");
include("function.php");
if(isset($_POST['submit']))
{
$query = mysql_query("SELECT username FROM users WHERE username = '".mysql_real_escape_string($_POST['username'])."'") or die('Database error: ' .mysql_error());
$checkuser = mysql_fetch_row($query);
if(isset($_POST['submit']) && $checkuser > 0)
{
$error = 'This username is already being used.'; include("register.php");
}
$query1 = mysql_query("SELECT email FROM users WHERE email = '".mysql_real_escape_string($_POST['email'])."'") or die('Database error: ' .mysql_error());
$checkemail = mysql_fetch_row($query1);
if(isset($_POST['submit']) && $checkemail > 0)
{
$error = 'This Email is already being used.';
include("register.php");
}
if(isset($_POST['submit']) && empty($_POST['username']))
{
$error = 'Please fill in your username';
include("register.php");
}
elseif(isset($_POST['submit']) && empty($_POST['password']))
{
$error = 'Please fill in a password';
include("register.php");
}
elseif(isset($_POST['submit']) && $_POST['password'] != $_POST['comfirmed_password'])
{
$error = 'Your passwords do not match. Please retype them and try again';
include("register.php");
}
elseif(isset($_POST['submit']) && empty($_POST['email']))
{
$error = 'Please fill in your email';
include("register.php");
}
elseif(isset($_POST['submit']) && $_POST['email'] != $_POST['comfirmed_email'])
{
$error = 'Your emails do not match. Please retype them and try again';
include("register.php");
}
else
{
$query = mysql_query("INSERT INTO users(`id`, `username`, `password`, `email`, `random_key`) VALUES('', '".mysql_real_escape_string($_POST[username])."', '".mysql_real_escape_string(md5($_POST[password]))."', '".mysql_real_escape_string($_POST[email])."', '".random_string('alnum', 32)."')") or die('Database error: ' .mysql_error());
$getuser = mysql_query("SELECT id, username, email, random_key FROM users WHERE username = '".mysql_real_escape_string($_POST['username'])."'") or die('Database error: ' .mysql_error());
if(mysql_num_rows($getuser)==1)
{
$row = mysql_fetch_assoc($getuser);
$header = "From: TopGameHQ";
$subject = "Account Registerion";
$message = "Dear ".$row['username'].",\r\n\r\n Your account is almost actived. To finish your activeion, please click this link: http://topgamehq.com/learn/comfirm.php?id=".$row['id']."&key=".$row['random_key']."\r\n\r\n Thank you for joining TopGameHQ!";
if(mail($row['email'], $subject, $message, $header))
{
$msg = '<fieldset style=\"width:500px; height:100px;\"><legend>Comfirm email</legend>Account was created. Please login to your email and comfirme your account.</fieldset>';
?>
<html>
<head><title>TopGameHQ - Register</title>
<style type="text/css">
body { background-color:#000000;
margin-top:6px;
}
.main_table_border {
border: 1px solid #FF6600;
}
.input_table {
font-size:12px;
font-style:normal;
color:#000000;
}
fieldset {
border: 1px solid #FF6600;
}
.input {
border: 1px solid #FF6600;
font-size:12px;
font-weight:bold;
font-style:normal;
font-family:inherit;
}
</style></head>
<body>
<table width="750" align="center" cellpadding="0" cellspacing="0" class="main_table_border">
<tr>
<td align="center" valign="top" height="800" bgcolor="#FFFFFF">
<table width="750" align="center" cellpadding="0" cellspacing="0" bgcolor="#FF6600">
<tr>
<td height="70" align="center" valign="midddle"><span class="header">TopGameHQ - Register</span></td>
</tr>
</table>
<table width="700" align="center" cellpadding="0" cellspacing="0" class="input_table">
<tr>
<td> </td>
</tr>
<tr>
<td align="center" valign="top"><?php echo($msg); ?></td>
</tr>
</table>
</td></tr>
</table>
</body>
</html>
<?php
}
else
{
$error = 'We created your account, but failed to send a email out';
}
}
}
}
?>
I'm sure its something easy that I'm over looking. But with me not having that much knowledge and seeing that I'm still in the process of learning, its hard for me to find these errors.
Thanks for your help
Jon W