Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 7 of 7
  1. #1
    New Coder
    Join Date
    Mar 2013
    Posts
    14
    Thanks
    1
    Thanked 0 Times in 0 Posts

    Use MD5 passwords + stickyforms and make select choose stay after refresh

    Hello i got 3 problems with my register script.

    1. I don't get the errors messages when i leave $pass1 and $pass2 empty.
    Those errors messages below.

    PHP Code:
    if (!$pass1) {
    $errors[] = "You forgot to fill the first password field.";
    }

    if (!
    $pass2) {
    $errors[] = "You forgot to fill the second password field";

    2. I can't use stickyforms on $pass1 or $pass2. I want text to stay in the text field after the user have doing something wrong so he don't need to write the passwords again.

    3. I can't use stickyforms on $regender I want the choose to stay in the select list after the user have doing something wrong so he don't need to choose man or woman again.

    Remember I'm a beginner in php. If you see something else who is wrong please tell me and help me! If you want too.

    register.php
    PHP Code:
    <?php
    include 'db.php';


    if(isset(
    $_POST['regbutton'])) {

    $regfname "";
    $reglname "";
    $regage "";
    $regpass1 "";
    $regpass2 "";
    $regender "";
    $regemail1 "";
    $regemail2 "";
    $regcheckbox "";
    $regpage "";
    $regaccess "1";
    $regdate date("Y/m/d");

    function 
    protect($string){
    $string mysql_real_escape_string($string);
    $string strip_tags($string);
    $string addslashes($string);
    $string htmlspecialchars($string);
    return 
    $string;
    }

    $regfname protect($_POST['regfname']);
    $reglname protect ($_POST['reglname']);
    $regnickname protect ($_POST['regnickname']);
    $regage protect ($_POST['regage']);
    $pass1 md5 ($_POST['pass1']);
    $pass2 md5 ($_POST['pass2']);
    $regender protect ($_POST['regender']);
    $regemail1 protect ($_POST['regemail1']);
    $regemail2 protect($_POST['regemail2']);
    $regpage protect ($_POST['regpage']);
    $regcheckbox = ($_POST['regcheckbox']);
    $regip $_SERVER['REMOTE_ADDR'];

    $errors = array();

    if(
    $pass1 != $pass2) {

    $errors[] = "Passwords don't match."

    }

    if(
    $regemail1 != $regemail2) {

    $errors[] = "E-Mails don't match";

    }

    if (
    $regnickname){
    $sql "SELECT * FROM `accounts` WHERE `nickname`='".$regnickname."'";
    $res mysql_query($sql) or die(mysql_error());
    if(
    mysql_num_rows($res) > 0){
    $errors[] = "Nickname already exist.";
    }
    }

    if (
    $regemail1){
    $sql "SELECT * FROM `accounts` WHERE `email`='".$regemail1."'";
    $res mysql_query($sql) or die(mysql_error());
    if(
    mysql_num_rows($res) > 0){
    $errors[] = "E-Mail already exist.";
    }
    }

    if (
    $regemail1) {
    $checkregemail1 "/^[a-z0-9]+([_\\.-][a-z0-9]+)*@([a-z0-9]+([\.-][a-z0-9]+)*)+\\.[a-z]{2,}$/i";
    if(!
    preg_match($checkregemail1$regemail1)){
    $errors[] = "The E-Mail need to be name@example.com";
    }
    }

    if (!
    $regcheckbox) {
    $errors[] = "You forgot to mark the checkbox";
    }

    if (!
    $regfname) {
    $errors[] = "You forgot to fill the Firstname field.";
    }

    if (!
    $reglname) {
    $errors[] = "You forgot to fill the Lastname field.";
    }

    if (!
    $regnickname) {
    $errors[] = "You forgot to fill the Nickname field.";
    }

    if (!
    $regage) {
    $errors[] = "You forgot to fill the Age field.";
    }

    if (!
    $pass1) {
    $errors[] = "You forgot to fill the first password field.";
    }

    if (!
    $pass2) {
    $errors[] = "You forgot to fill the second password field";
    }

    if (!
    $regemail1) {
    $errors[] = "You forgot to fill the first E-Mail field.";
    }

    if (!
    $regemail2) {
    $errors[] = "You forgot to fill the second E-Mail field";
    }

    if (
    $regage 18){
    $error[] = "You need to be atleast 18 years old or older.";
    }


    if(
    count($errors) > 0){
    foreach(
    $errors AS $error)
    echo 
    $error "<br>\n";
    } else {
    mysql_query("INSERT INTO accounts (firstname, lastname, nickname, age, password, gender, email, access, ip, page, date) 
    values ('$regfname', '$reglname', '$regnickname', '$regage', '$pass1', '$regender', '$regemail1', '$regaccess', '$regip', '$regpage', '$regdate')"
    );
    echo 
    "Congratulations the user ";
    echo 
    $regnickname ;
    echo 
    " has been created and you can ";
    echo 
    '<a href="?p=login">login here.</a>';
    }
    }

    echo 
    '
    <html><body>
    <center><h3>Register</h3>
    <form method="post" action="?p=register">
    Firstname
    <br><input type="text" maxlength="20" name="regfname" value="' 
    $regfname '">

    <br><br>Lastname
    <br><input type="text" maxlength="20" name="reglname" value="' 
    $reglname '">

    <br><br>Nickname (Max 30 characters)
    <br><input type="text" maxlength="30" name="regnickname" value="' 
    $regnickname '">

    <br><br>How old are you?
    <br><input type="text" maxlength="3" name="regage" value="' 
    $regage '">

    <br><br>Password (Max 15 characters)
    <br><input type="password" maxlength="15" name="pass1">

    <br><br>Password again (Max 15 characters)
    <br><input type="password" maxlength="15" name="pass2">

    <br><br>Man or Woman?<br>
    <select name="regender">
    <option>Man</option>' 
    . (isset($_POST['regender']) ? 'selected="selected"':'') .'<option>Woman</option></select>

    <br><br>Email
    <br><input type="text" name="regemail1" value="' 
    $regemail1 '">

    <br><br>Email again
    <br><input type="text" name="regemail2" value="' 
    $regemail2 '">

    <br><br>Do you got a homepage? Maybe facebook?<br>
    <input type="text" name="regpage" value="' 
    $regpage '"><br><br>

    I have read the <a href="?p=rules">RULES </a>and I agree them.
    <input type="checkbox" name="regcheckbox" ' 
    . (isset($_POST['regcheckbox']) ? 'checked="checked"':'') .'><br><br>

    <input type="submit" name="regbutton" value="Register">
    </form>
    </center>
    </html></body>'
    ;
    ?>

  • #2
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,979
    Thanks
    4
    Thanked 2,659 Times in 2,628 Posts
    Although you don't have a use test listed here, !$pass1 and !$pass2 are never true (anytime after they've been declared that is, and within scope of course). Both of these are an md5 hash of $_POST['pass1']/$_POST['pass2'] (consider using a sha256 from the hash() family of functions instead; md5 has been long compromised), and hashing nothing still results in a hashed value. So compare instead against $_POST['pass1']/$_POST['pass2'] instead of the $pass1 / $pass2.

    For stickyforms, are you meaning to repopulate them on the bad submit? (that's what it sounds like you're looking for). With the passwords, that's simply because you don't have this: <br><input type="password" maxlength="15" name="pass1"> specificed with a value="" option. That's a simple matter of using: <br><input type="password" maxlength="15" name="pass1" value="' . (isset($_POST['pass1']) ? $_POST['pass1'] : '') . '">, and similar for the second one using pass2. I would recommend however that you do not let these set automatically and instead reforce the user to input again.
    Gender simply needs to check the value as well as the isset status.
    PHP Code:
    <select name="regender">
    <
    option value="Man"' . (isset($_POST['regender']) && strcasecmp($_POST['regender'], 'man') == 0 ? ' selected="selected"' : '') . '>Man</option>
    <
    option value="Woman"' . (isset($_POST['regender']) && strcasecmp($_POST['regender'], 'woman') == 0 ? ' selected="selected"' : '') . '>Woman</option
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 

  • Users who have thanked Fou-Lu for this post:

    slexus (03-18-2013)

  • #3
    New Coder
    Join Date
    Mar 2013
    Posts
    14
    Thanks
    1
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Fou-Lu View Post
    Although you don't have a use test listed here, !$pass1 and !$pass2 are never true (anytime after they've been declared that is, and within scope of course). Both of these are an md5 hash of $_POST['pass1']/$_POST['pass2'] (consider using a sha256 from the hash() family of functions instead; md5 has been long compromised), and hashing nothing still results in a hashed value. So compare instead against $_POST['pass1']/$_POST['pass2'] instead of the $pass1 / $pass2.

    For stickyforms, are you meaning to repopulate them on the bad submit? (that's what it sounds like you're looking for). With the passwords, that's simply because you don't have this: <br><input type="password" maxlength="15" name="pass1"> specificed with a value="" option. That's a simple matter of using: <br><input type="password" maxlength="15" name="pass1" value="' . (isset($_POST['pass1']) ? $_POST['pass1'] : '') . '">, and similar for the second one using pass2. I would recommend however that you do not let these set automatically and instead reforce the user to input again.
    Gender simply needs to check the value as well as the isset status.
    PHP Code:
    <select name="regender">
    <
    option value="Man"' . (isset($_POST['regender']) && strcasecmp($_POST['regender'], 'man') == 0 ? ' selected="selected"' : '') . '>Man</option>
    <
    option value="Woman"' . (isset($_POST['regender']) && strcasecmp($_POST['regender'], 'woman') == 0 ? ' selected="selected"' : '') . '>Woman</option
    Thank you very much are helped me alot. But there is 2 problems left i didn't get that with md5 thing? You know the error messages won't show if i use MD5 for pass 1 and 2.

    Here is the other problem i couldn't get or fix.


  • #4
    New Coder
    Join Date
    Mar 2013
    Posts
    14
    Thanks
    1
    Thanked 0 Times in 0 Posts
    Bump!

  • #5
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,979
    Thanks
    4
    Thanked 2,659 Times in 2,628 Posts
    Did you make sure you closed your select?
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 

  • #6
    Regular Coder Arcticwarrio's Avatar
    Join Date
    May 2012
    Location
    UK
    Posts
    709
    Thanks
    20
    Thanked 84 Times in 84 Posts
    the box after women is email
    There are 10 types of people on CodingForums,
    Those who understand Binary and those who dont.
    Get Cloud Hosting now from only£59 / month

  • #7
    Regular Coder Arcticwarrio's Avatar
    Join Date
    May 2012
    Location
    UK
    Posts
    709
    Thanks
    20
    Thanked 84 Times in 84 Posts
    i think you need to move the if is gender bit

    PHP Code:
    <option>Man</option>' . (isset($_POST['regender']) ? 'selected="selected"':'') .'<option>Woman</option></select
    should be <option selected="selected">man</option>

    PHP Code:
    <select name="regender"
    if(isset(
    $_POST['regender']){
        if (
    $_POST['regender'] == 'Man'){
            
    $man 'selected="selected"';
            
    $woman '';
        }
        if (
    $_POST['regender'] == 'Woman'){
            
    $man '';
            
    $woman 'selected="selected"';
        }
    }

    <
    option value="Man" '.$man.'>Man</option>
    <
    option value="Woman" '.$woman.'>Woman</option></select
    </
    select
    There are 10 types of people on CodingForums,
    Those who understand Binary and those who dont.
    Get Cloud Hosting now from only£59 / month


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •