Page 1 of 1

add user page <<error>> help mee pls

Posted: Fri May 04, 2012 10:42 am
by viddz
my add user page always shows login must contain only letters, numbers and underscores! error. Can any1 help me to debug it

Code: Select all

<?php 
session_start(); 
if ($_POST['adduserForm']) { 

    if(!isset($_SESSION['SESS_LOGIN']) || $_SESSION['SESS_TYPE'] !='admin')// if session variable "login" does not exist.   
    { 
        echo '<script language="javascript">'; 
        echo  'alert("Please login as ADMINISTRATOR to add a user");';  
        echo    ' window.location.replace("index.html");'; 
        echo  '</script>';                 

//header("location:login-form.php"); // Re-direct to login-form.php  

    } else { 
        include("config.php"); 

        $login    = mysql_real_escape_string($_POST['login']); 
        $password = mysql_real_escape_string($_POST['password']); 
        $type     = mysql_real_escape_string($_POST['type']); 
     
        $password = ("This is salt text1" . md5($password) . "another salt for more security"); 

        $checkformembers = mysql_query("SELECT * FROM members WHERE login='$login'"); 
        if(mysql_num_rows($checkformembers) != 0) 
        { 
           
            echo  '<script language="javascript">'; 
            echo  'alert("Username already in use. Please try again.!" );'; 
            echo  '</script>';  
        } else { 

            $qry_add = " INSERT INTO members 
            (login, password,type ) 
             VALUES ('$login', '$password', '$type') "; 

            $count = mysql_query("SELECT COUNT(login) FROM members WHERE login='$login'"); 
            if($count==1) 
            { 
                echo "<font color=red> Duplicate Entry. Please Verify login</font>"; 
            } else { 
                 
                if($result=mysql_query($qry_add)) 
                { 
                     echo  '<script language="javascript">'; 
                     echo  'alert("you have successfully added one user !" );'; 
                                 
                    //echo "<br><font color=green size=+1 >you have successfully added one user ! <br>[ username = $login ] </font>" ; 
                    //echo    ' window.location.reload("adduser.php");'; 
                     echo  '</script>';  
                } else { 
                    echo "<br><font color=red size=+1 >Problem in Adding !</font>" ; 
                    echo "ERROR - unable to save new username and password!<br>"; 
                    $SQLError =  "SQL ERROR: ".mysql_errno().".  ".mysql_error()."<BR><BR>"; 
                    echo "$SQLError"; 
                    mysql_close(); 
                } 
            } 
        } 
    } 
    echo "<BR><BR>"; // just to create a little space between anything sent prior to the form 
} 
?> 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 
<html xmlns="http://www.w3.org/1999/xhtml"> 
<head> 
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> 
<title>Add user</title> 



<script type="text/javascript"> 

  function validateForm(){ 
      with (document.adduserForm) 
       
  { 
    if(login.value == "") { 
      alert("Error: login cannot be blank!"); 
      login.focus(); 
      return false; 
    } 
     if(login.value.length < 4) { 
        alert("Error:Login must contain at least four characters!"); 
        login.focus(); 
        return false; 
       
      } 
     
    re = /^w+$/; 
    if(!re.test(login.value)) { 
      alert("Error: login must contain only letters, numbers and underscores!"); 
      login.focus(); 
      return false; 
    } 

    if(password.value == "" ) { 
    alert("Error: Password field cannot be blank !"); 
      password.focus(); 
      return false; 
    } 
      if(password.value.length < 4) { 
        alert("Error: Password must contain at least four characters!"); 
        password.focus(); 
        return false; 
      } 
             
          if(!re.test(password.value)) { 
      alert("Error: Password must contain only letters, numbers and underscores!"); 
      password.focus(); 
      return false; 
       
      } 

      
     
    else  
       
       // alert("You have added a new user : " + login.value); 
    return true; 
   
  }} 
</script> 

<link href="table.css" rel="stylesheet" type="text/css" media="screen" /> 

</head> 

<body> 


<form ACTION="#" name="adduserForm" id="adduserForm" METHOD="POST" align="center" onsubmit="return validateForm()" > 

<div align="center"><center> 
  <table width="436" id="table"> 
    <tr> 
      <td width="214">username</td> 
      <td width="254"><input name="login" maxlength="10" id="login"/></td> 
    </tr> 
    <tr> 
      <td>password</td> 
      <td><input type="password" id="password" name="password" maxlength="10"/></td> 
    </tr> 
    <tr> 
      <td>Select user type :</td> 
      <td><select  name="type" id="type"> 
        <option value="admin"> Admin </option> 
        <option value="labassistant"> Lab Assistant </option> 
        <option value="storekeeper"> Store Keeper </option> 
      </select></td> 
    </tr> 
     
    <tr> 
      <td></td> 
      <td><input type="submit" name="button" id="button" value="save"/></td> 
    </tr> 
  </table> 
</center></div> 
       
      </form> 
</body> 
</html>

Re: add user page <<error>> help mee pls

Posted: Fri May 04, 2012 10:52 am
by x_mutatis_mutandis_x
Well its very easy to debug:

Code: Select all

re = /^w+$/; 
   if(!re.test(login.value)) { 
      alert("Error: login must contain only letters, numbers and underscores!; You have entered:" + login.value); //will tell you if this check succeeded or failed.
      login.focus(); 
      return false; 
    } 


Re: add user page <<error>> help mee pls

Posted: Fri May 04, 2012 11:01 am
by Celauran
You have a typo in your regex.

Code: Select all

re = /^\w+$/;

Re: add user page <<error>> help mee pls

Posted: Fri May 04, 2012 11:36 am
by viddz
@Celauran and x_mutatis_mutandis_x thank u both.
Yo guys will surprise i have made changes as u said. But the problem is still there. I am using dreamweaver cs4. In design mode there is something unusual thing. In design mode form (inside the table) covered with red dotted line except ist raw that means username row. I dnt knw it is a bug or not. Hope u guys will get a clue

Re: add user page <<error>> help mee pls

Posted: Fri May 04, 2012 12:34 pm
by x_mutatis_mutandis_x
viddz wrote:In design mode form (inside the table) covered with red dotted line except ist raw that means username row. I dnt knw it is a bug or not. Hope u guys will get a clue
Didn't quite understand that part. Do you mean there is red dotted line under 1st row which contains the username label, and "login" input text field? I'm guessing it may be indicating an error? I have never used Dreamwaver before so I cannot tell you what exactly it is..

Re: add user page <<error>> help mee pls

Posted: Fri May 04, 2012 12:41 pm
by Celauran
viddz wrote:I am using dreamweaver cs4.
Seriously, don't. Get a proper IDE. It will make your life significantly easier.

That aside, can you post your updated code so we can take a look?

Re: add user page <<error>> help mee pls

Posted: Fri May 04, 2012 3:01 pm
by viddz
I have removed this part

Code: Select all

re = /^w+$/; 
   if(!re.test(login.value)) { 
      alert("Error: login must contain only letters, numbers and underscores!; You have entered:" + login.value); //will tell you if this check succeeded or failed.
      login.focus(); 
      return false; 
    }
But still query dont perform. cant add user to the database :banghead: :cry:
this is the full code

Code: Select all

<?php 
session_start(); 
if ($_POST['adduserForm']) { 

    if(!isset($_SESSION['SESS_LOGIN']) || $_SESSION['SESS_TYPE'] !='admin')// if session variable "login" does not exist.   
    { 
        echo '<script language="javascript">'; 
        echo  'alert("Please login as ADMINISTRATOR to add a user");';  
        echo    ' window.location.replace("index.html");'; 
        echo  '</script>';                 

//header("location:login-form.php"); // Re-direct to login-form.php  

    } else { 
        include("config.php"); 

        $login    = mysql_real_escape_string($_POST['login']); 
        $password = mysql_real_escape_string($_POST['password']); 
        $type     = mysql_real_escape_string($_POST['type']); 
     
        $password = ("This is salt text1" . md5($password) . "another salt for more security"); 

        $checkformembers = mysql_query("SELECT * FROM members WHERE login='$login'"); 
        if(mysql_num_rows($checkformembers) != 0) 
        { 
           
            echo  '<script language="javascript">'; 
            echo  'alert("Username already in use. Please try again.!" );'; 
            echo  '</script>';  
        } else { 

            $qry_add = " INSERT INTO members 
            (login, password,type ) 
             VALUES ('$login', '$password', '$type') "; 

            $count = mysql_query("SELECT COUNT(login) FROM members WHERE login='$login'"); 
            if($count==1) 
            { 
                echo "<font color=red> Duplicate Entry. Please Verify login</font>"; 
            } else { 
                 
                if($result=mysql_query($qry_add)) 
                { 
                     echo  '<script language="javascript">'; 
                     echo  'alert("you have successfully added one user !" );'; 
                                 
                    //echo "<br><font color=green size=+1 >you have successfully added one user ! <br>[ username = $login ] </font>" ; 
                    //echo    ' window.location.reload("adduser.php");'; 
                     echo  '</script>';  
                } else { 
                    echo "<br><font color=red size=+1 >Problem in Adding !</font>" ; 
                    echo "ERROR - unable to save new username and password!<br>"; 
                    $SQLError =  "SQL ERROR: ".mysql_errno().".  ".mysql_error()."<BR><BR>"; 
                    echo "$SQLError"; 
                    mysql_close(); 
                } 
            } 
        } 
    } 
    echo "<BR><BR>"; // just to create a little space between anything sent prior to the form 
} 
?> 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 
<html xmlns="http://www.w3.org/1999/xhtml"> 
<head> 
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> 
<title>Add user</title> 



<script type="text/javascript"> 

  function validateForm(){ 
      with (document.adduserForm) 
       
  { 
    if(login.value == "") { 
      alert("Error: login cannot be blank!"); 
      login.focus(); 
      return false; 
    } 
     if(login.value.length < 4) { 
        alert("Error:Login must contain at least four characters!"); 
        login.focus(); 
        return false; 
       
      } 
     
  
    if(password.value == "" ) { 
    alert("Error: Password field cannot be blank !"); 
      password.focus(); 
      return false; 
    } 
      if(password.value.length < 4) { 
        alert("Error: Password must contain at least four characters!"); 
        password.focus(); 
        return false; 
      } 
                    
       
     
    else  
       
       // alert("You have added a new user : " + login.value); 
    return true; 
   
  }} 
</script> 

<link href="table.css" rel="stylesheet" type="text/css" media="screen" /> 

</head> 

<body> 


<form ACTION="#" name="adduserForm" id="adduserForm" METHOD="POST" align="center" onsubmit="return validateForm()" > 

<div align="center"><center> 
  <table width="436" id="table"> 
    <tr> 
      <td width="214">username</td> 
      <td width="254"><input name="login" maxlength="10" id="login"/></td> 
    </tr> 
    <tr> 
      <td>password</td> 
      <td><input type="password" id="password" name="password" maxlength="10"/></td> 
    </tr> 
    <tr> 
      <td>Select user type :</td> 
      <td><select  name="type" id="type"> 
        <option value="admin"> Admin </option> 
        <option value="labassistant"> Lab Assistant </option> 
        <option value="storekeeper"> Store Keeper </option> 
      </select></td> 
    </tr> 
     
    <tr> 
      <td></td> 
      <td><input type="submit" name="button" id="button" value="save"/></td> 
    </tr> 
  </table> 
</center></div> 
       
      </form> 
</body> 
</html>

Re: add user page <<error>> help mee pls

Posted: Fri May 04, 2012 3:02 pm
by Celauran
viddz wrote:But still query dont perform. cant add user to the database
That is almost certainly a separate problem, then. What error(s) are you getting?

Re: add user page <<error>> help mee pls

Posted: Fri May 04, 2012 3:10 pm
by viddz
There are no errors. Nothing happens @ all. only the the form after reloading it.

Re: add user page <<error>> help mee pls

Posted: Fri May 04, 2012 3:19 pm
by viddz
Html form and form processing parts were in two seperate files as login.php and loginexec.php. @ that time this works perfectly all happens after i combined those two together.