Hopefully a simple problem with my script.

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

because the ) is after the literal
but you're right, it should not be removed. It just must go into the literal ;)

Code: Select all

$insert = "INSERT INTO users(uname, pword, email, age, gender) VALUES('".$username."', '".$password."', '".$email."', '".$age."', '".$gender."')";
User avatar
Kriek
Forum Contributor
Posts: 238
Joined: Wed May 29, 2002 3:46 am
Location: Florida
Contact:

Post by Kriek »

heh, to quote myself.
Kriek wrote:Syntax errors will be the death of me.
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

with mysqli (man page) and parameterized queries more widely spread readability and security will (hopefully) improve ;)
Seifer
Forum Commoner
Posts: 25
Joined: Wed Oct 15, 2003 10:03 pm
Location: Columbia City, IN
Contact:

Post by Seifer »

Okay, you guys lost me lol..
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

Kriek has corrected the last script and it should be working
viewtopic.php?t=13715#65148
User avatar
Kriek
Forum Contributor
Posts: 238
Joined: Wed May 29, 2002 3:46 am
Location: Florida
Contact:

Post by Kriek »

The use of ini_set() function might prove to be easier and less confusing than php_flag in .htaccess.

Code: Select all

<?php 
    ob_start(); 
    session_start(); 
    error_reporting(2039);
    ini_set('display_errors', 1);
?> 
<html> 
<head> 
<title>Processing..</title> 
</head> 
<body> 
<?php 
    $dom = $_SERVER&#1111;'SERVER_NAME']; 
    $dbuser = 'username'; 
    $dbpass = 'password'; 
    $dbname = 'database'; 
    $username = mysql_escape_string($_POST&#1111;'username']); 
    $password = mysql_escape_string($_POST&#1111;'password']); 
    $email = mysql_escape_string($_POST&#1111;'email']); 
    $age = mysql_escape_string($_POST&#1111;'age']); 
    $gender = mysql_escape_string($_POST&#1111;'gender']); 
    $subject = 'Thank you for signing up!'; 
    $message = "Thank you for signing up, $username!\n"; 
    $message .= "Here is your user information:\n"; 
    $message .= "Username: $username\n Password: $password\n"; 
    $additional = 'registration@travisbsd.org'; 
    $link = mysql_connect($dbhost, $dbuser, $dbpass) or die(mysql_error()); 
    $sdb = mysql_select_db($dbname, $link) or die(mysql_error()); 
    $query = "SELECT uname FROM users WHERE uname='$username'"; 
    $check = mysql_query($query, $link) or die(mysql_error()); 
    if (mysql_num_rows($check) <= 0) &#123; 
        mail($email, $subject, $message, $additional); 
        $insert = "INSERT INTO users(uname, pword, email, age, gender) VALUES('".$username."', '".$password."', '".$email."', '".$age."', '".$gender."')"; 
        mysql_query($insert, $link) or die(mysql_error()); 
        header('Location: http://' . $dom . '/seifer.travisbsd.org'); 
    &#125; else &#123; 
        echo 'Username has already been taken!'; 
    &#125; 
?> 
</body> 
</html> 
<?php 
    mysql_close($link); 
    ob_end_flush(); 
?>
Post Reply