login/reg form not working

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
psychotomus
Forum Contributor
Posts: 487
Joined: Fri Jul 11, 2003 1:59 am

login/reg form not working

Post by psychotomus »

http://www.gamemakerforums.com/main.php


is it cause i'm using images as submit buttons?

Code:

Code: Select all

 
<?php
session_start();
include "template.php";
include "mysql.php";
 
$template = &New Template;
 
if(isset($_SESSION['userid']))
{
    header("Location: index.php");
    exit;
}
 
//set templates
$template->set_filenames(array('body' => "templates/default/main.tpl"));
 
if(isset($_POST['Reg']))
{
    //vars
    $ip = $_SERVER['REMOTE_ADDR'];
    $user = mysql_real_escape_string($_POST['textUser']);
    $pass = mysql_real_escape_string($_POST['textPass']);
    $email = mysql_real_escape_string($_POST['textEmail']);
    $ref = mysql_real_escape_string($_GET['ref']);
    $time = time();
    
    //check if username in use
    $result = mysql_query("SELECT userid FROM users WHERE username='$user'");
    if (mysql_num_rows($result) == 1)
    {
        //set error message
        $err = 'Username in use<br>';
    }
    
    //check if email in use
    $result = mysql_query("SELECT userid FROM users WHERE email='$email'");
    if (mysql_num_rows($result) == 1)
    {
        //set error message
        $err .= 'Email in use<br>';
    }
    
    //check if ip address is allready used
    $result = mysql_query("SELECT userid FROM users WHERE lastip='$ip'");
    if (mysql_num_rows($result) == 1)
    {
        //set error message
        $err .= 'IP address allready in use<br>';
    }
    
    //check if there was an error
    if (strlen($err) > 0 )
    {
        //set template var
        $template->assign_var("MESSAGE" , $err);
    }   
    else //reg details OK.
    {
    /*
        //if a referral
        if(isset($_GET['ref']))
        {
            //check if referal username exists
            $result = mysql_query("SELECT userid FROM users WHERE username='$ref'") or die(mysql_error());
            if (mysql_num_rows($result) == 1)
            {
                //get user
                $user = mysql_fetch_object($result);
                
                //check reward
                $result = mysql_query("SELECT conf_value FROM settings WHERE conf_name='Referral'") or die(mysql_error());
                $setting = mysql_fetch_object($result);
                
                //give reward to referal
                mysql_query("UPDATE users SET money=money+$setting->conf_value WHERE userid='$user->userid'") or die(mysql_error());
            }
            
        }
    */
        //insert new user query
        mysql_query("INSERT INTO users (username, userpass, lastip, signedup, email) VALUES ('$user','$pass','$ip','$time','$email')") or die(mysql_error());
    //run query
        $result = mysql_query("SELECT userid FROM users WHERE username='$user'") or die(mysql_error());
 
    
        //fetch user information
        $user = mysql_fetch_object($result);
        
        //set session
        $_SESSION['userid'] = $user->userid;
        
        //redirect user
        header("Location: index.php");
        
    }
}
if(isset($_POST['Login']))
{
 
    //vars
    $user = mysql_real_escape_string($_POST['textUser']);
    $pass = mysql_real_escape_string($_POST['textPass']);
    
    //run query
    $result = mysql_query("SELECT userid FROM users WHERE username='$user' AND userpass='$pass'") or die(mysql_error());
    
    //if username and password match
    if (mysql_num_rows($result) == 1)
    {
    
        //fetch user information
        $user = mysql_fetch_object($result);
        
        //set session
        $_SESSION['userid'] = $user->userid;
        
        //redirect user
        header("Location: index.php");
    }
    else
    {
        //set var
        $template->assign_var("MESSAGE" , 'Incorrect username and password combination');
    }
}
//parse templates
$template->pparse('body');
?>
 
Post Reply