[SOLVED] PHP Registration grief! :(

S

silverj2k7

Member
Joined
Apr 15, 2012
Posts
6
Ignore all following posts - I managed to fix this issue!

I had 3 issues that I had to resolve.

Firstly hen a database table contains a field that is set to a default which in this case was '0' the quote marks must also still be included in the SQL query.

Secondly - I was missing a field from my register form.

Thirdly - The password field was conflicting with the msql_connect password (so I removed password from the db connect statement and it now works.

[FONT=verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif]Thank you laxer very much for yet again trying to help me! :)

Now onto the last problem... I really have no clue! :([/FONT]
 

Attachments

  • help-4.png
    help-4.png
    45.1 KB · Views: 7
Last edited:
Hi Justin,

Let's work on the HTML form then move to the back end...

First thing I would do... lets switch your form to POST not GET.

The reason: GET puts all the variables in the url... when using sensitive information this is not always the best idea.

Also, I suggest adding a second password field so that users are less likely to create typos.
Once you have the HTML form looking how you want it post the code here. (use [html]code here[/html] if you can)

From there, we can go to error trapping, then to submitting it to the database.
 
Laxer said:
Hi Justin,

Let's work on the HTML form then move to the back end...

First thing I would do... lets switch your form to POST not GET.

The reason: GET puts all the variables in the url... when using sensitive information this is not always the best idea.

Also, I suggest adding a second password field so that users are less likely to create typos.
Once you have the HTML form looking how you want it post the code here. (use [html]code here[/html] if you can)

From there, we can go to error trapping, then to submitting it to the database.
Click to expand...

Hiya

Firstly thanks for the reply and secondly I will get back to you later with more information and try this out because I am moving to another place today.

Thanks :)
 
Hiya - Okay, So I've changed the GET to POST and these are the errors I am getting:


Notice: Undefined index: username in C:\xampp\htdocs\addusertodb.php on line 8

Notice: Undefined index: password in C:\xampp\htdocs\addusertodb.php on line 9

Notice: Undefined index: age in C:\xampp\htdocs\addusertodb.php on line 10

Notice: Undefined index: emailaddress in C:\xampp\htdocs\addusertodb.php on line 11
Column count doesn't match value count at row 1

HTML: 
<center><h1 style="color:#fff;">Registration form</h1>    <form action="addusertodb.php" method="POST"><table border="1" cellspacing="5" width="50%" cellpadding="5" style="border: 1px solid #B11718; color: #fff">    <tr>        <td><h3>Login Details</h3></td></tr>        <tr>        <td>Username: <input type="text" name="username">        <td>Password: <input type="password" name="password"></tr>            <tr>                <td><label>Email: <input type="text" name="emailaddress"></label></td>                <td><label>Age: <input type="text" name="age" size="3"></label></td>    </tr>        </table>            <br />                <input type="submit" name="register" size="5" value="Register"></form>                <a href="index.php"><input type="submit" value="Return"></a></input></center>            <br />

That is the HTML form that I am using, for now I am just going to have one password field until I can get it working.


And this is the PHP form:
<?php


require "dbconn.php";


//Copy the variables that the form placed in the URL
// into these three variables


$name = $_POST['username'];
$password = $_POST['password'];
$age = $_POST['age'];
$emailaddress = $_POST['emailaddress'];


//connect to MySQL


$connect = mysql_connect($host, $user, $password )
or die ("Hey loser, check your server connection.");

//Make sure we are using the right database
mysql_select_db($database);


//set up the query using the values that were passed via the URL from the form
$query = "INSERT INTO person VALUES ('".$name."','".$password."','".$age."','".$emailaddress."')";


$results = mysql_query($query)
or die (mysql_error());



header( 'Location:registered.html');
?>
 
Also please bear in mind, In the persons table (where the user data is stored). I have an addition column called accounttype which by default is set to 0. I don't know if that would make any different or be the cause of the last bit of the error message:
Column count doesn't match value count at row 1
 
Ignore the PHP for now...

Ignore the errors for now as well...

Just look at the html page....

First we need to get that set up.

After that we will move onto getting and sanitizing the information with PHP then finally inserting it into the SQL DB.
 
Laxer said:
Ignore the PHP for now...

Ignore the errors for now as well...

Just look at the html page....

First we need to get that set up.

After that we will move onto getting and sanitizing the information with PHP then finally inserting it into the SQL DB.
Click to expand...

Okay - what I did was I got a little fed up with it so I decided to try use another form that I had working which adds a book to the booktable using a HTML form.

What I did was I used the same .php but changed the variables around and the GET to POST, I also used the same HTML form but also just changed it to match where it was, but I still have no luck.

Instead of the other errors I am getting this one which is very strange:
Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'root'@'localhost' (using password: YES) in C:\xampp\htdocs\addusertodb.php on line 15
Hey loser, check your server connection.

Which is very strange considering I am using the exact same .php and .html form from the already-working addbooks form. They both also use the dbconn.php and have identical line 15 lines in the PHP files?


HTML: 
<div id="registercenter">	<h1>Register</h1>			<br />			<form name="inputbook" action="addusertodb.php" method="POST">			<table cellspacing="1" cellpadding="2" border="1">				<tr>					<td>					Username:				</td>				     <td>						<input type="text" name="name"></input>					</td>				</tr>					<td>					Password: 			</td>				<td>					<input type="password" name="password"></input>				</td>			</tr>				<tr>					<td>					Age:				</td>					<td>			<input type="text" name="age"></input>					</td>			</tr>				<tr>					<td>					Email Address:				</td>					<td>			<input type="text" name="emailaddress"></input>				</td>			</tr>		</table><br /><input type="submit" value="Register"></input><a href="index.php"><input type="submit" value="Return"></input></a></form>

The PHP:
HTML: 
<?php
require "dbconn.php";
//Copy the variables that the form placed in the URL// into these three variables
$name = $_POST['name'];$password = $_POST['password'];$age = $_POST['age'];$emailaddress = $_POST['emailaddress'];
//connect to MySQL
$connect = mysql_connect($host, $user, $password )	or die ("Hey loser, check your server connection.");	//Make sure we are using the right databasemysql_select_db($database);
//set up the query using the values that were passed via the URL from the form$query = "INSERT INTO person VALUES ('".$name."','".$password."','".$age."','".$emailaddress."')";
$results = mysql_query($query)	or die (mysql_error());	header( 'Location:jobdone.html');?>
 
One step at a time... don't get ahead of yourself or you will end up making a bigger mess then you had before hand... (trust me :r1:)

Lets first work with user registration....

Let's create a basic form using html... nothing special here:

HTML: 
<form action="#" method="post" onSubmit="return Validator(this)">
  <table width="400px">
    <tr>
    	<th width="200px" align="right"><label>Username:</label></th><th><input name="name" /></th>
    </tr>
    <tr>
    	<th width="200px" align="right"><label>Password:</label></th><th><input name="pass" type="password" /></th>
    </tr>
    <tr>
    	<th width="200px" align="right"><label>Confirm Password:</label></th><th><input name="pass2" type="password" /></th>
    </tr>
    <tr>
    	<th width="200px" align="right"><label>E-mail Address:</label></th><th><input name="email" /></th>
    </tr>
    <tr>
    	<th width="200px" align="right"><label>Age:</label></th><th><input name="age" /></th>
    </tr>
    <tr><th colspan="2"><input type="submit" name="submit" value="Submit" /></th></tr>
  </table>
</form>

Before I let the user submit the form I like to make sure everything is filled out using some basic JS...
Code: 
function Validator(theForm)
{
	var alertsay = "";
	if (theForm.name.value == "")
	{
		alert("You must enter an Username.");
		theForm.name.focus();
		return (false);
	}
	if (theForm.name.value.length < 5)
	{
		alert("Please enter at least 5 characters in the \"UserName\" field.");
		theForm.name.focus();
		return (false);
	}
	var checkOK = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
	var checkStr = theForm.name.value;
	var allValid = true;
	for (i = 0;  i < checkStr.length;  i++)
	{
		ch = checkStr.charAt(i);
		for (j = 0;  j < checkOK.length;  j++)
			if (ch == checkOK.charAt(j))
				break;
		if (j == checkOK.length)
		{
			allValid = false;
			break;
		}
	}
	if (!allValid)
	{
		alert("Please enter only letter and numeric characters in the \"UserName\" field.");
		theForm.name.focus();
		return (false);
	}
	
	// require at least 5 characters in the password field
	if (theForm.pass.value.length < 5)
	{
		alert("Please enter at least 5 characters in the \"Password\" field.");
		theForm.pass.focus();
		return (false);
	}
	
	// check if both password fields are the same
	if (theForm.pass.value != theForm.pass2.value)
	{
		alert("The two passwords do not match.");
		theForm.pass2.focus();
		return (false);
	}
	
	// check if Email field is blank
	if (theForm.email.value == "")
	{
		alert("Please enter a value for the \"Email\" field.");
		theForm.email.focus();
		return (false);
	}

	// test if valid Email address, must have @ and .
	var checkEmail = "@.";
	var checkStr = theForm.email.value;
	var EmailValid = false;
	var EmailAt = false;
	var EmailPeriod = false;
	for (i = 0;  i < checkStr.length;  i++)
	{
	ch = checkStr.charAt(i);
	for (j = 0;  j < checkEmail.length;  j++)
	{
	if (ch == checkEmail.charAt(j) && ch == "@")
	EmailAt = true;
	if (ch == checkEmail.charAt(j) && ch == ".")
	EmailPeriod = true;
		  if (EmailAt && EmailPeriod)
			break;
		  if (j == checkEmail.length)
			break;
		}
		// if both the @ and . were in the string
	if (EmailAt && EmailPeriod)
	{
			EmailValid = true
			break;
		}
	}
	if (!EmailValid)
	{
		alert("Please enter a valid Email address");
		theForm.email.focus();
		return (false);
	}
	//Everything is good!
	return (true);
}

This will force users to have matching passwords, a username longer then 5 chars and a valid email address before form submit.

Note: you still need to check and clean everything with php...
Once you are happy with how this form works let me know and will will rip into the PHP :smile9:
 

Has Sysnative Forums helped you? Please consider donating to help us support the site!

Back
Top