Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 10 of 10
  1. #1
    Regular Coder LearningCoder's Avatar
    Join Date
    Jan 2011
    Location
    The Pleiades
    Posts
    923
    Thanks
    76
    Thanked 29 Times in 29 Posts

    issues with host?

    Hello, I have a site which allows user to register. It is working fine in WAMP and allows me to register many different usernames. When I upload it to my host, it is returning the error "Fill in all of the form.".

    I think it must be hosting issue otherwise it wouldn't work in WAMP neither. The code fails at the if statement: if($user && $enc_pass && $email){ even though I have filled in all of the form.
    PHP Code:
    <?php
    session_start
    ();

    /*FUNCTION TO SANITIZE USER INPUT. RETURNS USER INPUT STRIPPED OF ANY SPECIAL CHARACTERS*/
    function check_input($data) {
        
    $illegalChars = array('!','@','#','$','%','^','&','*','(',')','+','=','-','[',']','.',';',',','/','{','}','|','"',':','<','>','?','~','£'); 
        
    $data str_replace($illegalChars,'',$data);
        
    $data trim($data);
        
    $data stripslashes($data);
        
    $data htmlspecialchars($dataENT_QUOTES);
        
    $data mysql_real_escape_string($data);
        return 
    $data;
    }

    /*FUNCTION TO SEND EMAIL TO USER*/
    function sendEmail($email$user$pass){

        
    $code rand(1000099999);
        
        
    $to $email;
        
    $subject "Welcome to the Deus Ex Demo Upload/Download Site";
        
    $body "Welcome, {$user}<br />";
        
    $body .= "Username: {$user}<br />";
        
    $body .= "Password: {$pass}<br />";
        
    $body .= "Activation Code: {$code}";
        
        if(
    mail($to$subject$body)){
           
        }
        else{
            echo 
    "<p>Message delivery failed...</p>";
        }
    }

    $user check_input($_POST['user']);
    $pass check_input($_POST['pass']);
    $enc_pass md5($pass); 
    $email $_POST['email'];

    if(
    $user && $enc_pass && $email){
       
       if(!
    filter_var($emailFILTER_VALIDATE_EMAIL)){
           
    $_SESSION["email"] = "Email is not valid";
           
    header("Location: index.php");
       }
       else{
           
    // Connect to server and select database.
           
    require("connectdb.php");
           
           
    $query mysql_query("SELECT * FROM $tblname WHERE username='{$user}' or email='{$email}'");
           
    $count mysql_num_rows($query);
           
           if(
    $count >= 1){
               
    $_SESSION["emailinuse"] = "Email AND/OR Username already in use.";
               
    header("Location: index.php");
           }
           else{
               
    $qry mysql_query("INSERT INTO members VALUES('', '{$user}', '{$enc_pass}', '{$email}')")or die("error");
               
    sendEmail($email$user$pass);
               
    $_SESSION["registered"] = "You have successfully registered. Please check your email for login details.<a href='index.php'>Click here</a> to 
                                 return to the homepage to login."
    ;
               
    header("Location: registered.php");
           }
       }
     
       
    }
    else{
       
    $_SESSION["fill"] = "Please fill in all of the form.";
       
    header("Location: index.php");
    }

    ?>
    Does anyone know what could be the issue?

    Kind regards,

    LC.
    Last edited by LearningCoder; 07-10-2012 at 10:17 PM. Reason: explained better

  • #2
    Senior Coder
    Join Date
    Jun 2008
    Location
    New Jersey
    Posts
    2,536
    Thanks
    45
    Thanked 259 Times in 256 Posts
    Have you echoed out the POST values and their sanitized counterparts? Are you using the same version of Apache and PHP as your host is using? If you remove check_input, does it work? Basic debugging steps.

  • #3
    Regular Coder LearningCoder's Avatar
    Join Date
    Jan 2011
    Location
    The Pleiades
    Posts
    923
    Thanks
    76
    Thanked 29 Times in 29 Posts
    I have echo'd the values out and they are working.

    I have just checked my own WAMP PHP/MYSQL versions.

    My version
    php version: 5.3.1
    apache version: 2.2.21

    webhost version
    php version: 5.2.17
    apache version: It doesn't say, it just says 'Apache'.

    Thanks for the reply,

    Kind regards,

    LC.

  • #4
    Senior Coder
    Join Date
    Jun 2008
    Location
    New Jersey
    Posts
    2,536
    Thanks
    45
    Thanked 259 Times in 256 Posts
    So just before the if, if you echo $user, it shows the correct value? All 3 do? None are blank? If so, I can't think of what could be wrong.

  • #5
    Regular Coder LearningCoder's Avatar
    Join Date
    Jan 2011
    Location
    The Pleiades
    Posts
    923
    Thanks
    76
    Thanked 29 Times in 29 Posts
    Ah, it seems to be returning errors regarding the check_input() function.

    Something to do with $data = mysql_real_escape_string($data);

    It is only printing out the email address, which is the only value to not go through the check_input() function.

    Here is an image to show the exact error messages which can be found here:
    http://www.abjava.host22.com/realescape.JPG

    Do anyone know what the issue could be?

    Kind regards,

    LC.

  • #6
    Senior Coder
    Join Date
    Jun 2008
    Location
    New Jersey
    Posts
    2,536
    Thanks
    45
    Thanked 259 Times in 256 Posts
    Do you have a MySQL connection active at the time of the code? The error is pretty straight forward.

  • Users who have thanked Keleth for this post:

    LearningCoder (07-11-2012)

  • #7
    Regular Coder LearningCoder's Avatar
    Join Date
    Jan 2011
    Location
    The Pleiades
    Posts
    923
    Thanks
    76
    Thanked 29 Times in 29 Posts
    No not at the time of retrieving the data, the only time I connect is after checking that the email is valid. Here is my code to help explain it.

    PHP Code:
    <?php
    session_start
    ();

    /*FUNCTION TO SANITIZE USER INPUT. RETURNS USER INPUT STRIPPED OF ANY SPECIAL CHARACTERS*/
    function check_input($data) {
        
    $illegalChars = array('!','@','#','$','%','^','&','*','(',')','+','=','-','[',']','.',';',',','/','{','}','|','"',':','<','>','?','~','£'); 
        
    $data str_replace($illegalChars,'',$data);
        
    $data trim($data);
        
    $data stripslashes($data);
        
    $data htmlspecialchars($dataENT_QUOTES);
        
    $data mysql_real_escape_string($data);
        return 
    $data;
    }

    /*FUNCTION TO SEND EMAIL TO USER*/
    function sendEmail($email$user$pass){

        
    $code rand(1000099999);
        
        
    $to $email;
        
    $subject "Welcome to the Deus Ex Demo Upload/Download Site";
        
    $body "Welcome, {$user}<br />";
        
    $body .= "Username: {$user}<br />";
        
    $body .= "Password: {$pass}<br />";
        
    $body .= "Activation Code: {$code}";
        
        if(
    mail($to$subject$body)){
           
        }
        else{
            echo 
    "<p>Message delivery failed...</p>";
        }
    }

    $user check_input($_POST['user']);
    $pass check_input($_POST['pass']);
    $enc_pass md5($pass); 
    $email $_POST['email'];

    echo 
    $user."<br />";
    echo 
    $pass."<br />";
    echo 
    $email."<br />";

    if(
    $user && $enc_pass && $email){
       
       if(!
    filter_var($emailFILTER_VALIDATE_EMAIL)){
           
    $_SESSION["email"] = "Email is not valid";
           
    header("Location: index.php");
       }
       else{
           
    // Connect to server and select database.
           
    require("connectdb.php");
           
           
    $query mysql_query("SELECT * FROM $tblname WHERE username='{$user}' or email='{$email}'");
           
    $count mysql_num_rows($query);
           
           if(
    $count >= 1){
               
    $_SESSION["emailinuse"] = "Email AND/OR Username already in use.";
               
    //header("Location: index.php");
           
    }
           else{
               
    $qry mysql_query("INSERT INTO members VALUES('', '{$user}', '{$enc_pass}', '{$email}')")or die("error");
               
    sendEmail($email$user$pass);
               
    $_SESSION["registered"] = "You have successfully registered. Please check your email for login details.<a href='index.php'>Click here</a> to 
                                 return to the homepage to login."
    ;
               
    //header("Location: registered.php");
           
    }
       }
     
       
    }
    else{
       
    $_SESSION["fill"] = "Please fill in all of the form.";
       
    //header("Location: index.php");
    }

    ?>
    Do I need to be connected to the server to use mysql_real_escape_string();?

    I have a file called connectdb.php:
    PHP Code:
    <?php

    $con 
    mysql_connect("localhost""root""");
         if(!
    $con){
             
    $_SESSION['server_error'] = "<span class='marginL'>Error: Could not connect to server.</span>";
             
    header("Location: index.php");
         }
          
    $db mysql_select_db("deus_ex");
         if(!
    $db){
             
    $_SESSION['db_error'] = "<span class='marginL'>Error: Could not connect to database.</span>";
             
    header("Location: index.php");
         }
    ?>
    Kind regards,

    LC.
    Last edited by LearningCoder; 07-11-2012 at 10:46 PM. Reason: edited code

  • #8
    Regular Coder LearningCoder's Avatar
    Join Date
    Jan 2011
    Location
    The Pleiades
    Posts
    923
    Thanks
    76
    Thanked 29 Times in 29 Posts
    Shame on me.

    2nd parameter of mysql_real_escape_string is the connection...

    Thanks for the guidance nonetheless!

    Kind regards,

    LC.

  • #9
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,327
    Thanks
    60
    Thanked 525 Times in 512 Posts
    Blog Entries
    4
    You really should be using isset() on your $_POST variables to be sure they exist, not just passing them to your function and then assigning to variables like $user.

    I'm surprised no one else has mentioned that seeing as its kind of crucial..
    See my new CodingForums Blog: http://www.codingforums.com/blogs/tangoforce/

    Many useful explanations and tips including: Cannot modify headers - already sent, The IE if (isset($_POST['submit'])) bug explained, unexpected T_CONSTANT_ENCAPSED_STRING, debugging tips and much more!

  • #10
    Regular Coder LearningCoder's Avatar
    Join Date
    Jan 2011
    Location
    The Pleiades
    Posts
    923
    Thanks
    76
    Thanked 29 Times in 29 Posts
    Something like:
    PHP Code:
    $user $_POST['user'];
    $pass $_POST['pass'];
    $email $_POST['email'];

    if(isset(
    $user$pass$email)){
    $user check_input($user);
    $pass check_input($pass);
        if(
    $emailFILTER_VALIDATE_EMAIL){
        
    //do something
        
    }
        else{
        
    //do something else
        
    }
    }
    else{
       
    //do something else here

    Is that somewhere near right?

    Regards,

    LC.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •