...

View Full Version : Problem with error messages and form submit



ycpc55
08-13-2012, 10:51 PM
Hi,
i was wondering if anyone has any idea why my sign up form is not working? problem 1 when i leave some of the text box fields empty and click submit, the error messages will not show saying what text fields are empty. Problem 2 when all text box fields are filled in and the submit button is clicked, it will not submit the info into the database any help would be great thanks.

$errors = array();
if ($user == "") { $errors[] = "Please Enter A Username."; }
if ($pass == "") { $errors[] = "Please Enter A Password."; }
if ($confirmpass == "") { $errors[] = "Please Enter A confirmation password."; }
if ($mail == "") { $errors[] = "Please Enter Your E-mail Address."; }
if ($mailc == "") { $errors[] = "Please Enter Your Confirmation E-mail Address."; }
if ($gender == "") { $errors[] = "Please Select A Gender."; }
if ($firstname == "") { $errors[] = "Please Enter Your First Name."; }
if ($lastname == "") { $errors[] = "Please Enter Your Last Name."; }
if ($terms == "") { $errors[] = "Please Agree To The Terms Of Service."; }
if (strlen($pass) < $passLengthMIN ) { $errors[] = "The password contains to little chars."; }
if (strlen($pass) > $passLengthMAX ) { $errors[] = "The password contains to much chars."; }
if (strlen($user) < $userLengthMIN ) { $errors[] = "The username contains to little chars."; }
if (strlen($user) > $userLengthMAX ) { $errors[] = "The username contains to much chars."; }
if (validadres($mail) == false ) { $errors[] = "The given e-mail address is not valid."; }
if ($pass <> $confirmpass) { $errors[] = "Passwords do not match."; }
if ($mail <> $mailc) { $errors[] = "Email Address do not match."; }
$query = "SELECT * FROM ALS_signup WHERE user = :user Or mail = :mail";
$query_params = array(
':user' => $_POST['user'],
':mail' => $mail
);
try
{
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
die("Failed to run query: " . $ex->getMessage());
}
if ($row = $stmt->fetch($result)){
if ($row["user"] == $user) { $errors[] = "Your username is already used by another member."; }
if ($row["mail"] == $mail) { $errors[] = "Your e-mail address is already registrated in our database."; }
}
if ($errors) {
$errorstr = "<ul><li>" . implode("</li><li>", $errors) . "</li></ul>";
} else {
$errorstr = "";
$query = "INSERT INTO users (user,pass,salt,mail,gender,firstname,lastname
) VALUES (:user,:pass,:salt,:mail,:gender,:firstname,:lastname)";
$salt = dechex(mt_rand(0, 2147483647)) . dechex(mt_rand(0, 2147483647));
$pass = hash('sha256', $_POST['pass'] . $salt);
$query_params = array(
':user' => $_POST['user'],
':pass' => $pass,
':salt' => $salt,
':mail' => $mail,
':gender' => $gender,
':firstname' => $firstname,
':lastname' => $lastname
);
try
{
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
die("Failed to run query: " . $ex->getMessage());
}
$query = "INSERT INTO msg_sent (user,mailmsg,totalmsg
) VALUES (:user,:0,:0)";
$query_params = array(
':user' => $_POST['user'],
':mailmsg' => $mailmsg,
':totalmsg' => $totalmsg
);
try
{
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
die("Failed to run query: " . $ex->getMessage());
}
}
function validadres($Mail){
$prereturn = true;
if (strlen($Mail) < 5){$prereturn = false;}
$partsNumber = split("@",$Mail);
if (count($partsNumber) <> 2) {$prereturn = false;}
else{
list($user,$domain) = split("@",$Mail);
if (strlen($user) < 1) {$prereturn = false;}
}
return $prereturn;
}

Dormilich
08-14-2012, 07:58 AM
your second insert query is wrong. placeholders must be names, not numbers (:0 !)

note: PDO will only use Exceptions for the connection by default. if you want to use Exceptions for PDO’s error handling, you have to manually set it.

and specifically to exception handling: Exceptions are not to be used with die() ! you have Exceptions so that you can control the programme flow (not to cut it). as a rule of thumb, "Catch Exceptions where you can handle the problem them". that means, if you can’t fix the problem (and die()ing is not fixing the problem) at this spot, do it at a later or upper level (and if there is nothing, wrap your whole code in a try... catch block).

ycpc55
08-14-2012, 07:17 PM
hi thanks for the reply,
for my second insert query. you said the placeholders must be names, not numbers (:0 !) how can i add numbers? thanks.

Dormilich
08-14-2012, 07:25 PM
why would you only use numbers? besides that, the placeholders must match the keys in the parameter array.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum