Page 1 of 1

where am i going wrong registration form

Posted: Tue Nov 03, 2009 11:23 am
by chris_s_22
please help me! where am i going wrong?
if i put the registration form directly in index.php it works fine but if you read my notes in maincontent.php you can see why i want it to work this way.
i want everything done in php.

index.php - this as you can see calls for various parts of my site will be .css to style page later.

Code: Select all

 
<html>
<head>
<link href="style.css" rel="stylesheet" type="text/css">
</head>
<body>
<?php include "logo.php";?>
<?php include "navigationbar.php";?>
<?php include_once "registrationform.php"; ?>
<?php include_once "footer.php";?>
</body>
</html>
 
maincontent.php - This calls and displays registration form but has you can see from my notes of my future intentions.

Code: Select all

 
<?php
// include 'Connect.php';
//if (!is_authed()) 
//{
     include "registrationform.php";// if not logged in display registrationform.php
//}
//else
//{ // now logged in
//  include_once "pages/home.php";// if logged in show home.php
//}
// if home is pressed show    <a href="../pages/home.php"></a> 
// if profile is pressed show <a href="../profile/index.php"></a>  
// if inbox is pressed show   <a href="../inbox/index.php"></a> 
// if search is pressed show  <a href="../search/index.php"></a>
// if links is pressed show   <a href="../links/index.php"></a>
// if logout is pressed show  <a href="../pages/logout.php"></a>
?>
 
registrationform.php - this is just the form

Code: Select all

 
<form action="register.php" method="POST" name="myform2">
Username:
<input type="text" size="20" maxlength="20" name="username" value="" align="" tabindex="">
Email:
<input type="text" size="20" maxlength="100" name="email" value="" align="" tabindex="">
Date Of Birth:  
<select name="dobday">
<option value="1">1</option>
etc etc
<option value="31">31</option>
</select>
 
<select name="dobmonth">
<option value="January">January</option>
etc etc     
<option value="December">December</option>
</select> 
 
<select name="dobyear">
<option value="2009">2009</option>
etc etc
<option value="1900">1900</option>
</select>
 
Password:
<input type="password" size="20" maxlength="20" name="password" value="" align="" tabindex="">
Confirm Password:
<input type="password" size="20" maxlength="20" name="confirmpassword" value="" align="" tabindex="">
<input type="submit" value="Register" name="registereddate" align=""  tabindex="">   
 
register.php - this recieves data from form and validates form input

Code: Select all

 
<?php
// Include init file
include 'Connect.php';
 
if(isset($_POST[submit])) // checks if received name-email-date of birth-password data came from index.php
{
     // Show the form
     include 'index.php';
     exit;
}
else
{
    if (empty($_POST['username']) || empty($_POST['email']) || empty($_POST['password']) || empty($_POST['confirmpassword']))// Check if any of the fields are missing
    {
        // Reshow the form with an error
        $reg_error1 = 'One or more fields missing';
        include 'index.php';
        exit;
    }
//CHECKS USERNAME
    if(trim($_POST[username])=='' || strlen(trim($_POST[username])) < 6 || strlen(trim($_POST[username])) >12)
    {
        // Reshow the form with an error
        $reg_error2 = "Your username must be at least 6 characters in length!<br />";
        include 'index.php';
        exit;  
    }
    //if 
    //{
    // Reshow the form with an error
    //  $reg_error2 = "Your username must only contain letter and numbers and be at least 6 characters but no longer than 12 characters in length!<br />";
    //  include 'index.php';
    //  exit;  
    //}
 
//CHECKS EMAIL
    if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $_POST[email])) 
    { 
        $reg_error3 = "The e-mail you entered was not in the proper format!"; 
        include 'index.php';
        exit; 
    }
    
    //if 
    //{ 
    //  $reg_error3 = "e-mail you entered is already registered!"; 
    //    include 'index.php';
    //  exit; 
    //}
 
 
//CHECKS DATE OF BIRTH
    //if 
    //{ 
    //  $reg_error3 = "you must be over 16"; 
    //    include 'index.php';
    //  exit; 
    //}
    // CHECK DOBDAY IS A NUMBER FROM 1 TO 31
    // CHECK DOBMONTH IS EITHER JAN FEB ETC
    // CHECK DOBYEAR CHECK IT IS A NUMBER + A NUMBER BETWEEN 1990+ 1900 ETC 
 
//CHECKS PASSOWORD AND CONFIRMPASSWORD       
    if ($_POST['password'] != $_POST['confirmpassword'])// Check if the passwords match
    {
        // Reshow the form with an error
        $reg_error4 = 'Your passwords do not match';
        include 'index.php';
        exit;
    }
    // CHECK PASSWORD ONLY HAS LETTER AND NUMBERS
 
    // Everything is ok, register
    user_register ($_POST['username'], $_POST['email'], $_POST['dobday'], $_POST['dobmonth'], $_POST['dobyear'], $_POST['password']);
    echo "registered";
}
?>
 
the connect.php contains conections details and also includes function.php

function.php

Code: Select all

 
function user_register($username, $email, $dobday, $dobmonth, $dobyear, $password)
{  
     $salt = generate_salt();// Get a salt using our function
     $encrypted = md5(md5($password).$salt);// Now encrypt the password using that salt
     $registereddate = date("Y-m-d"); // get registereddate
     $confirm_code=md5(uniqid(rand()));   // Get a confirmation code                        
    // checks if username in use
    $query = mysql_query("SELECT * FROM members WHERE username = '". $username ."'");
    if (mysql_num_rows($query) > 0)
    {   
    // Reshow the form with an error
    $username_error = 'username already taken';
    include 'index.php';
    exit;
    }
    // And lastly, store the information in the database
    $query = "insert into members (username, email, dobday, dobmonth, dobyear, password, salt, registereddate, confirmation) values ('$username', '$email', '$dobday', '$dobmonth', '$dobyear', '$encrypted', '$salt', '$registereddate', '$confirm_code')";
    $result= mysql_query ($query) or die ('Could not create user.');
    // if suceesfully inserted data into database, send confirmation link to email 
    if($result)
    {
    // send e-mail from ...
    $headers = "From: NEWTEACH";
    // send e-mail to ...
    $to=$email;
    // Your subject
    $subject="Registration ... Your confirmation link here";
    // Your messages and contents of the actual email 
    $message="Hi ' . $username . ' \r\n";
    $message.="Your Comfirmation link \r\n";
    $message.="Click on this link to activate your account \r\n";
    $message.="http://domainname.co.uk/NEWTEACH/_registration/confirmationcheck.php?passkey=$confirm_code&user_email=$user_email";// send email
    // send email
    $sentmail = mail($to,$subject,$message,$headers);
    }
    // if not found 
    else 
    {   
        $sentmail_error = 'Not found your email in our database';
        include 'index.php';
        exit;
    }
    // if your email succesfully sent
    if($sentmail)
    {
        $confirmation_success = 'you registration process is almost done please go to your email account and click on the email verification link.<br>
    It is usually instant but please note it can take upto 24hours for the confirmation link to get to you. ';
        include 'index.php';
        exit;
    }
    else 
    {
        $failsend_error = 'Cannot send Confirmation link to your e-mail address';
        include 'index.php';
        exit;
    }
 
}
 
just if you need to know my file structure
index isnt in a folder
include folder contains the files index.php calls for + connect.php and functions.php
registration folder contains registration.php, register.php and confirmationcheck.php

im not expecting someone to do the work for my just help and advise where i am going wrong. However if you can help with any the code that isnt done with notes next to it be gratfully recieved but try keep it simple and with notes so i can understand what is happening

Re: where am i going wrong registration form

Posted: Tue Nov 03, 2009 1:52 pm
by socalocmatt
I think that the issue is calling the pages in different folders. Example:

if index is including registrationform.php which is in the folder called register it should look something like:

include "register/registrationform.php";

Now if registrationform.php is including connect.php which is also in the register folder, and registrationform.php is being called from index.php which is found in your web root, it would look like:

include "register/connect.php";
not
include "connect.php";

This is because registrationform.php is being used in the web root folder by index.php. If index.php is in the folder called index, then you should use the absolute server path for the included file. Example:

if index.php is in folder index (website.com/index/) and wants to connect to registrationform.php in folder register (website.com/register/):

include "/server_root/web_site_root/html_files/register/registrationform.php";

Suggestion, IMHO:

Bring the registration files to root along with the index.php, that way you can include the registration forms without worrying about folders, subfolders, server paths. Then keep the connection.php, css files, and function.php in the include folder.