Registration Form

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Mister_Bob
Forum Newbie
Posts: 15
Joined: Thu Apr 08, 2010 6:59 pm

Registration Form

Post by Mister_Bob »

If anyone could tell me where I am going wrong it would be appreciated. The form is working and going through to the database it just isnt telling me on registration.php what the error is if it fails ie. no username.

register.php

Code: Select all

<div id="content">
<?php
	if( isset($_SESSION['ERRMSG_ARR']) && is_array($_SESSION['ERRMSG_ARR']) && count($_SESSION['ERRMSG_ARR']) >0 ) {
		echo '<ul class="err">';
		foreach($_SESSION['ERRMSG_ARR'] as $msg) {
			echo '<li>',$msg,'</li>'; 
		}
		echo '</ul>';
		unset($_SESSION['ERRMSG_ARR']);
	}
?>
<form id="Register" name="Register" method="post" action="register-exec.php">
  <table width="505" align="center" cellpadding="2" cellspacing="0">
      <td align="center" colspan="2"><img src="images/register.png" width="155" height="30" alt="Register"/>
</td>
      </tr>
             <tr>
      <td colspan="2">&nbsp;</td>
     </tr>
      <tr >
      <th border="1" bordercolor="#FFCC00" bgcolor="#FFFF99"  align="left" width="157">UserName </th>
      <td  border="1" bordercolor="#FFCC00" bgcolor="#FFFF99"  width="338"><input name="username" type="text" class="textfield" id="username" size="25" maxlength="25" /></td>
    </tr>
       <tr>
      <td colspan="2">&nbsp;</td>
     </tr>
    <tr>
      <th border="1" bordercolor="#FFCC00" bgcolor="#FFFF99"  align="left">Password</th>
      <td border="1" bordercolor="#FFCC00" bgcolor="#FFFF99"  ><input name="password" type="password" class="textfield" id="password" size="25" maxlength="100" /></td>
    </tr>
    <tr>
      <th border="1" bordercolor="#FFCC00" bgcolor="#FFFF99"   align="left">Confirm Password </th>
      <td border="1" bordercolor="#FFCC00" bgcolor="#FFFF99"  ><input name="cpassword" type="password" class="textfield" id="cpassword" size="25" maxlength="100" /></td>
    </tr>
           <tr>
      <td colspan="2">&nbsp;</td>
     </tr>
        <tr>
      <th border="1" bordercolor="#FFCC00" bgcolor="#FFFF99"   align="left">Email </th>
      <td border="1" bordercolor="#FFCC00" bgcolor="#FFFF99"  ><input name="email" type="text" class="textfield" id="email" size="25" maxlength="100" /></td>
    </tr>
            <tr>
      <th border="1" bordercolor="#FFCC00" bgcolor="#FFFF99"  align="left">Comfirm Email </th>
      <td border="1" bordercolor="#FFCC00" bgcolor="#FFFF99"  ><input name="cemail" type="text" class="textfield" id="cemail" size="25" maxlength="188" /></td>
    </tr>
           <tr>
      <td colspan="2">&nbsp;</td>
     </tr>
    <tr>
    <th border="1" bordercolor="#FFCC00" bgcolor="#FFFF99" align="left">Basic Membership </th>
    <th border="1" bordercolor="#FFCC00" bgcolor="#FFFF99" align="left" >
        <input type="radio" name="basic" id="subscription" value="basic" checked/> &#163;1 p/m
    </td></tr>
    <tr>
    <tr>
    <th border="1" bordercolor="#FFCC00" bgcolor="#FFFF99" align="left">Gold Membership </th>
    <th border="1" bordercolor="#FFCC00" bgcolor="#FFFF99" align="left" >
    <input type="radio" name="gold" id="subscription" value="gold" unchecked/> &#163;2 p/m</td></tr>
    <tr>
      <th border="1" bordercolor="#FFCC00" bgcolor="#FFFF99"  align="left">Paypal Email </th>
      <td border="1" bordercolor="#FFCC00" bgcolor="#FFFF99"  ><input name="pemail" type="text" class="textfield" id="cemail" size="25" maxlength="188" /> Please ensure this is correct as payments will be sent here.</td>
    </tr>
    <tr>
      <td colspan="2"></td>
     </tr>
     <tr>
      <td colspan="2">&nbsp;</td>
     </tr>
      <td align="center" colspan="2"><input type="image" name="Submit" src="images/registerbtn.png" alt="Register" method="post" action="register-exec.php"/>
</td>
      </tr>
  </table>
</form>
</div>
register-exec.php

Code: Select all

<?php
	//Start session
	session_start();
	
	//Include database connection details
	require_once('dbconfig.php');
	
	//Array to store validation errors
	$errmsg_arr = array();
	
	//Validation error flag
	$errflag = false;
	
	//Connect to mysql server
	$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
	if(!$link) {
		die('Failed to connect to server: ' . mysql_error());
	}
	
	//Select database
	$db = mysql_select_db(DB_DATABASE);
	if(!$db) {
		die("Unable to select database");
	}
	
	//Function to sanitize values received from the form. Prevents SQL injection
	function clean($str) {
		$str = @trim($str);
		if(get_magic_quotes_gpc()) {
			$str = stripslashes($str);
		}
		return mysql_real_escape_string($str);
	}
	
	//Sanitize the POST values
	$username = clean($_POST['username']);
	$password = clean($_POST['password']);
	$cpassword = clean($_POST['cpassword']);
	$email= clean($_POST['email']);
	$cemail = clean($_POST['cemail']);
	$pemail = clean($_POST['pemail']);
	$subscription = clean($_POST['subscription']);
	//Input Validations
	if($username == '') {
		$errmsg_arr[] = 'Username missing';
		$errflag = true;
	}
	if($password == '') {
		$errmsg_arr[] = 'Password missing';
		$errflag = true;
	}
	if($cpassword == '') {
		$errmsg_arr[] = 'Confirm password missing';
		$errflag = true;
	}
	if( strcmp($password, $cpassword) != 0 ) {
		$errmsg_arr[] = 'Passwords do not match';
		$errflag = true;
	}
		if($email == '') {
		$errmsg_arr[] = 'Email missing';
		$errflag = true;
	}
	if($cemail == '') {
		$errmsg_arr[] = 'Confirm email missing';
		$errflag = true;
	}
	if( strcmp($email, $cemail) != 0 ) {
		$errmsg_arr[] = 'Emails do not match';
		$errflag = true;
	}
	//Check for duplicate username
	if($username != '') {
		$qry = "SELECT * FROM Users WHERE username='$username'";
		$result = mysql_query($qry);
		if($result) {
			if(mysql_num_rows($result) > 0) {
				$errmsg_arr[] = 'Username already in use';
				$errflag = true;
			}
			@mysql_free_result($result);
		}
		else {
			die("Query failed");
		}
	}
	
	//Check for duplicate email
	if($email != '') {
		$qry = "SELECT * FROM Users WHERE email='$email'";
		$result = mysql_query($qry);
		if($result) {
			if(mysql_num_rows($result) > 0) {
				$errmsg_arr[] = 'Email already in use';
				$errflag = true;
			}
			@mysql_free_result($result);
		}
		else {
			die("Query failed");
		}
	}
	
	//If there are input validations, redirect back to the registration form
	if($errflag) {
		$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
		session_write_close();
		header("location: register.php");
		exit();
	}

	//Create INSERT query
	$qry = "INSERT INTO Users(Username, PaypalEmail, Email, Subscription, Password) VALUES('$username','$pemail','$email','$subscription','".md5($_POST['password'])."')";
	$result = @mysql_query($qry);
	
	//Check whether the query was successful or not
	if($result) {
		header("location: register-success.php");
		exit();
	}else {
		die("Query failed");
	}
?>
Thank you in advance if anyone is able to help with this.

Bob
Mister_Bob
Forum Newbie
Posts: 15
Joined: Thu Apr 08, 2010 6:59 pm

Re: Registration Form

Post by Mister_Bob »

Ok ignore me I'm a crazy person :D I missed my session_start(); on top of my page :D FIN
Post Reply