...

View Full Version : Another Problem



Fashong
06-16-2005, 01:23 PM
The problem is I can signup more then once, I don't know what is wrong in my coding but if their is more then one ip in the users it shouldn't let them signup. Also, if I goto that page, even without hitting submit it says "You can not make more then one account!".

Please help






<?php
$title = "Signup";
include("top.php");
$IP = $_SERVER['REMOTE_ADDR'];
?>


<div id="content">
<span>Signup</span>


<p>
<form method="POST" action="signup.php?action=signup">
Username:<br> <input type="text" name="username" size="20" maxlength="15"><br>
Password:<br> <input type="password" name="password" size="20" maxlength="15"><br>
Verify Password:<br> <input type="password" name="verpassword" size="20" maxlength="15"><br>
Email:<br> <input type="text" name="email" size="20" maxlength="25"><br><br>


Note: Your ip will be logged so please do not make multiple accounts<br><br>
<input type="submit" name="action" value="Signup"></form>


<?php
$ipcheck = mysql_query("select * from users where IP='$IP'");
IF(@mysql_numrows($ipcheck) > 0){
$ipused = yes;
}else{
$ipused = no;
}





IF ($action == "Signup" && $ipused == "no"){
$userupdate = mysql_query("INSERT INTO users (id, username, email, password, status, ipaddress, age) VALUES ('', '$username', '$email', '$password', '', '$IP', '')");
echo "Thank you for signing up.";
}else{
echo "You can not make more then one account!";
}
?>




</div>


<?php
include("bottom.php");
?>

marek_mar
06-16-2005, 03:47 PM
Validating with IP is meaningless as anyone could go to a internet cafe, freind, connect via modem, have a dynbamic IP or use a proxy.

Fou-Lu
06-16-2005, 03:49 PM
You cannot trust that remote_addr is accurate, dialup will always change, and if you have a dynamic high speed connection, your ip will also change.

The only way to control this is to disallow users from signing up more than once, meaning the user must be logged in to control that they do not create more than one account.
But there is no other accurate way of controlling this.

Fashong
06-16-2005, 03:51 PM
Can you guys just help me get this working please?? I am gonna try this for now because I am just making it. I will worry about that situation later.

mhunt
06-16-2005, 04:36 PM
well first off, you input an age into the query, but you don't have an age section in the form, might want to fix that first.

$userupdate = mysql_query("INSERT INTO users (id, username, email, password, status, ipaddress, age) VALUES ('', '$username', '$email', '$password', '', '$IP', '')");

unless you just have the age auto_increment which just doesn't make any sense to me

Fashong
06-16-2005, 04:38 PM
I do not have a status one etheir, it is default set to 0 and my status one is default set to member

schleppel
06-16-2005, 04:51 PM
You have (note "signup")


<form method="POST" action="signup.php?action=signup">

But then you have (note Signup)


IF ($action == "Signup" && $ipused == "no"){

PHP is case sensitive.

EDIT: And shouldn't it be $_GET['action'] ?
EDIT2: or maybe $_POST['action']?

Fashong
06-16-2005, 04:55 PM
No, that was for the button the submit button and the value = Signup...

Fashong
06-16-2005, 05:02 PM
Thanks

Nightfire
06-16-2005, 11:40 PM
The submit button will be $_POST['action'] as that's what you've named the button..

davehaz
06-17-2005, 12:07 AM
I agree $action isn't Signup so you will never execute your query.

Nightfire
06-17-2005, 12:40 AM
<?php
$title = "Signup";
include("top.php");
$IP = $_SERVER['REMOTE_ADDR'];
?>


<div id="content">
<span>Signup</span>


<p>
<form method="POST" action="signup.php?action=signup">
Username:<br> <input type="text" name="username" size="20" maxlength="15"><br>
Password:<br> <input type="password" name="password" size="20" maxlength="15"><br>
Verify Password:<br> <input type="password" name="verpassword" size="20" maxlength="15"><br>
Email:<br> <input type="text" name="email" size="20" maxlength="25"><br><br>


Note: Your ip will be logged so please do not make multiple accounts<br><br>
<input type="submit" name="action" value="Signup"></form>


<?php
if(isset($_POST['action'])){
$ipcheck = mysql_query("SELECT IP FROM users WHERE IP='$IP'");
IF(@mysql_num_rows($ipcheck) > 0){

echo "You can not make more then one account!";

}else{
$userupdate = mysql_query("INSERT INTO users (id, username, email, password, status, ipaddress, age) VALUES ('',$_POST['username'],$_POST['email'],$_POST['password'],'',$IP,'')");
echo "Thank you for signing up.";
}
}
}
?>

</div>

<?php
include("bottom.php");
?>


Still not 100% efficient, but it's been cleaned up a bit



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum