Page 1 of 2

I just want it to work!

Posted: Wed Oct 05, 2005 7:11 pm
by elecktricity
can somebody tell me why my code isnt working, i've tried almost everything and it just dosnt seem to work right. For some reason it isnt recognizing the variables, im not sure why, can somebody tell me what I did wrong.

register.php

Code: Select all

<form action="/processregister.php" method="get">
<table width="455" cellpadding="0" cellspacing="0" border="0" class="header1">
<tr>
<th colspan="2" height="20" class="header2">User Info:</th>
</tr>
<tr>
<td valign="middle" width="163" class="header8">&nbsp;&nbsp;Name:</td>
<td valign="middle" class="header8"><input maxlength="50" class="text3" type="text" name="name"></td>
</tr>
<tr>
<td valign="middle" width="163" class="header9">&nbsp;&nbsp;Passwords:</td>
<td valign="middle" class="header9"><input maxlength="16" class="text3" type="password" name="pwd"></td>
</tr>
<tr>
<td valign="middle" width="163" class="header8">&nbsp;&nbsp;Confirm Password:</td>
<td valign="middle" class="header8"><input maxlength="16" class="text3" type="password" name="pwd2"></td>
</tr>
<tr>
<td valign="middle" width="163" class="header9">&nbsp;&nbsp;Email:</td>
<td valign="middle" class="header9"><input maxlength="55" class="text3" type="text" name="email"></td>
</tr>
<tr>
<th colspan="2" height="20" class="header2">About You:</th>
</tr>
<tr>
<td valign="middle" width="163" class="header8">&nbsp;&nbsp;ICQ:</td>
<td valign="middle" class="header8"><input maxlength="40" class="text3" type="text" name="icq"></td>
</tr>
<tr>
<td valign="middle" width="163" class="header9">&nbsp;&nbsp;AIM:</td>
<td valign="middle" class="header9"><input maxlength="40" class="text3" type="text" name="aim"></td>
</tr>
<tr>
<td valign="middle" width="163" class="header8">&nbsp;&nbsp;MSN:</td>
<td valign="middle" class="header8"><input maxlength="40" class="text3" type="text" name="msn"></td></tr>
</tr>
<tr>
<td valign="middle" width="163" class="header9">&nbsp;&nbsp;Yahoo!:</td>
<td valign="middle" class="header9"><input maxlength="40" class="text3" type="text" name="yahoo"></td>
</tr>
<tr>
<td valign="middle" width="163" class="header8">&nbsp;&nbsp;Website:</td>
<td valign="middle" class="header8"><input maxlength="55" class="text3" type="text" name="website"></td>
</tr>
<tr>
<td valign="middle" width="163" class="header9">&nbsp;&nbsp;Location:</td>
<td valign="middle" class="header9"><input maxlength="55" class="text3" type="text" name="location"></td>
</tr>
<tr>
<td valign="middle" width="163" class="header8">&nbsp;&nbsp;Intrists:</td>
<td valign="middle" class="header8"><input maxlength="55" class="text3" type="text" name="intrists"></td>
</tr>
<tr>
<th colspan="2" height="20" class="header2" style="border-bottom: 1px solid black;"><input class="text3" type="submit" name="Register!"></th>
</tr>
</table>
</form>
processregister.php

Code: Select all

<?PHP
$name=$HTTP_POST_VARS['name'];
$pwd=$HTTP_POST_VARS['pwd'];
$pwd2=$HTTP_POST_VARS['pwd2'];
$email=$HTTP_POST_VARS['email'];
$icq=$HTTP_POST_VARS['icq'];
$aim=$HTTP_POST_VARS['aim'];
$msn=$HTTP_POST_VARS['msn'];
$yahoo=$HTTP_POST_VARS['yahoo'];
$website=$HTTP_POST_VARS['website'];
$location=$HTTP_POST_VARS['location'];
$intrists=$HTTP_POST_VARS['intrists'];
$dbh=mysql_connect ("localhost", "root", "password") or die ('I cannot connect to the database because: ' . mysql_error());
mysql_select_db ("database"); 

include('/header.php');
if ($name='')
{
 echo '<p class="text">You did not fill out all the necessary fields, please go back and enter in a name.</p>';
 include('/footer.php');
 exit;
}

if ($pwd='')
{
 echo '<p class="text">You did not fill out all the necessary fields, please go back and enter in a password.</p>';
 include('/footer.php');
 exit;
}

if ($pwd2='')
{
 echo '<p class="text">You did not fill out all the necessary fields, please go back and enter in a password.</p>';
 include('/footer.php');
 exit;
}

if ($email='')
{
 echo '<p class="text">You did not fill out all the necessary fields, please go back and enter in a email.</p>';
 include('/footer.php');
 exit;
}

if ($pwd != $pwd2)
{
 echo '<p class="text">Sorry the passwords didnt match, please go back and try again.</p>';
 include('/footer.php');
 exit;
}
$dbquery = mysql_query("INSERT INTO `users` ( `name`, `password`, `email`, `icq`, `aim`, `msn`, `yahoo`, `website`, `location`, `intrists`) VALUES ($name, $pwd, $email, $icq, $aim, $msn, $yahoo, $website, $location, $intrists )");
 echo '<p class="text">Thank you for registering, $name !</p>';
 include('/footer.php');
?>

Posted: Wed Oct 05, 2005 7:17 pm
by Luke
What isn't recognizing the variables.
I'd use $_GET instead of $HTTP_POST_VARS but I might be wrong Or change your form to use POST and then it should work... I think.

Jcart | Put your 3 sequential posts into 1, please familiarize yourself with the edit button

Posted: Wed Oct 05, 2005 7:22 pm
by Zoxive
Why are you using ... instead of $_POST['var'] ?

Im recently new, and just wanted to know, are you working on an older version of php?

-NSF

Posted: Wed Oct 05, 2005 7:24 pm
by elecktricity
I tried using the "$_GET" and then I tried the "post" but neither of them worked it just keeps displaying "Thank you for registering, $name !" it wont add anything to the database and it wont check to see if the variables equal anything like if the passwords are different it dosnt display the error message.

EDIT: im new to this as well and am not sure which version is installed

Posted: Wed Oct 05, 2005 7:27 pm
by Luke
Change the form method to post and then use $_POST['whatever']

Where's the magical feyd??

Posted: Wed Oct 05, 2005 7:30 pm
by mickd
2 things:

either:

change the get in there to post

Code: Select all

<form action="/processregister.php" method="[b]get[/b]">
and change the

Code: Select all

$HTTP_POST_VARS

to

$_POST
unless your using a very old php version leave it

or:

leave the get as get and change the

Code: Select all

$HTTP_POST_VARS

to

$_GET

or

$HTTP_GET_VARS
use $HTTP_GET_VARS only if your running an extremely old version of php.

Posted: Wed Oct 05, 2005 7:38 pm
by Jenk
To clarify:

Use:

<form action="/processregister.php" method="post">

$_POST['var'] not $HTTP_POST_VARS['var']

Posted: Wed Oct 05, 2005 7:42 pm
by elecktricity
Well I did what you guys said to do and it still aint working... not sure why

Code: Select all

<form action="/processregister.php" method="post">
<table width="455" cellpadding="0" cellspacing="0" border="0" class="header1">
<tr>
<th colspan="2" height="20" class="header2">User Info:</th>
</tr>
<tr>
<td valign="middle" width="163" class="header8">&nbsp;&nbsp;Name:</td>
<td valign="middle" class="header8"><input maxlength="50" class="text3" type="text" name="name"></td>
</tr>
<tr>
<td valign="middle" width="163" class="header9">&nbsp;&nbsp;Passwords:</td>
<td valign="middle" class="header9"><input maxlength="16" class="text3" type="password" name="pwd"></td>
</tr>
<tr>
<td valign="middle" width="163" class="header8">&nbsp;&nbsp;Confirm Password:</td>
<td valign="middle" class="header8"><input maxlength="16" class="text3" type="password" name="pwd2"></td>
</tr>
<tr>
<td valign="middle" width="163" class="header9">&nbsp;&nbsp;Email:</td>
<td valign="middle" class="header9"><input maxlength="55" class="text3" type="text" name="email"></td>
</tr>
<tr>
<th colspan="2" height="20" class="header2">About You:</th>
</tr>
<tr>
<td valign="middle" width="163" class="header8">&nbsp;&nbsp;ICQ:</td>
<td valign="middle" class="header8"><input maxlength="40" class="text3" type="text" name="icq"></td>
</tr>
<tr>
<td valign="middle" width="163" class="header9">&nbsp;&nbsp;AIM:</td>
<td valign="middle" class="header9"><input maxlength="40" class="text3" type="text" name="aim"></td>
</tr>
<tr>
<td valign="middle" width="163" class="header8">&nbsp;&nbsp;MSN:</td>
<td valign="middle" class="header8"><input maxlength="40" class="text3" type="text" name="msn"></td></tr>
</tr>
<tr>
<td valign="middle" width="163" class="header9">&nbsp;&nbsp;Yahoo!:</td>
<td valign="middle" class="header9"><input maxlength="40" class="text3" type="text" name="yahoo"></td>
</tr>
<tr>
<td valign="middle" width="163" class="header8">&nbsp;&nbsp;Website:</td>
<td valign="middle" class="header8"><input maxlength="55" class="text3" type="text" name="website"></td>
</tr>
<tr>
<td valign="middle" width="163" class="header9">&nbsp;&nbsp;Location:</td>
<td valign="middle" class="header9"><input maxlength="55" class="text3" type="text" name="location"></td>
</tr>
<tr>
<td valign="middle" width="163" class="header8">&nbsp;&nbsp;Intrists:</td>
<td valign="middle" class="header8"><input maxlength="55" class="text3" type="text" name="intrists"></td>
</tr>
<tr>
<th colspan="2" height="20" class="header2" style="border-bottom: 1px solid black;"><input class="text3" type="submit" name="Register!"></th>
</tr>
</table>
</form>

Code: Select all

<?PHP
$_POST['name'];
$_POST['pwd'];
$_POST['pwd2'];
$_POST['email'];
$_POST['icq'];
$_POST['aim'];
$_POST['msn'];
$_POST['yahoo'];
$_POST['website'];
$_POST['location'];
$_POST['intrists'];
$dbh=mysql_connect ("localhost", "root", "password") or die ('I cannot connect to the database because: ' . mysql_error());
mysql_select_db ("database"); 

include('/header.php');
if ($name='')
{
 echo '<p class="text">You did not fill out all the necessary fields, please go back and enter in a name.</p>';
 include('/footer.php');
 exit;
}

if ($pwd='')
{
 echo '<p class="text">You did not fill out all the necessary fields, please go back and enter in a password.</p>';
 include('http://www.vividgamers.com/footer.php');
 exit;
}

if ($pwd2='')
{
 echo '<p class="text">You did not fill out all the necessary fields, please go back and enter in a password.</p>';
 include('/footer.php');
 exit;
}

if ($email='')
{
 echo '<p class="text">You did not fill out all the necessary fields, please go back and enter in a email.</p>';
 include('/footer.php');
 exit;
}

if ($pwd != $pwd2)
{
 echo '<p class="text">Sorry the passwords didnt match, please go back and try again.</p>';
 include('/footer.php');
 exit;
}
$dbquery = mysql_query("INSERT INTO `users` ( `name`, `password`, `email`, `icq`, `aim`, `msn`, `yahoo`, `website`, `location`, `intrists`) VALUES ($name, $pwd, $email, $icq, $aim, $msn, $yahoo, $website, $location, $intrists )");
 echo '<p class="text">Thank you for registering, $name !</p>';
 include('/footer.php');
?>

Posted: Wed Oct 05, 2005 7:53 pm
by Jenk
change

Code: Select all

$dbquery = mysql_query("INSERT INTO `users` ( `name`, `password`, `email`, `icq`, `aim`, `msn`, `yahoo`, `website`, `location`, `intrists`) VALUES ($name, $pwd, $email, $icq, $aim, $msn, $yahoo, $website, $location, $intrists )");
To:

Code: Select all

$dbquery = mysql_query("INSERT INTO `users` ( `name`, `password`, `email`, `icq`, `aim`, `msn`, `yahoo`, `website`, `location`, `intrists`) VALUES ('$name', '$pwd', '$email', '$icq', '$aim', '$msn', '$yahoo', '$website', '$location', '$intrists' )") or die (mysql_error());
And try again. (Take note of the added apostrophies aswell as the 'or die')

If it works, change

Code: Select all

or die(mysql_error());
to

Code: Select all

or die("Error inserting record!");
because mysql_error() can output some sensitive information and you won't want the users to see it.

You will also need to read up on preventing SQL injection.

Posted: Wed Oct 05, 2005 7:57 pm
by John Cartwright
you forgot to set the variable names, silly :o

Code: Select all

$_POST['name'];
$_POST['pwd'];
$_POST['pwd2'];
$_POST['email'];
// the rest..
to

Code: Select all

$name = $_POST['name'];
$pwd = $_POST['pwd'];
$pwd2 = $_POST['pwd2'];
$email = $_POST['email'];
// the rest..
Secondly, set your error_reporting to E_ALL and see the errors fly :P
You should initialize your variables properly.

Code: Select all

$name = (!empty($_POST['name']) ? $_POST['name'] : '');
$pwd = (!empty($_POST['pwd']) ? $_POST['name'] : '');
better way to handle this whole situation:

Code: Select all

$required = array('name','pwd','pwd2'); //include rest of variables
foreach ($required as $postname) {
   $$postname = (!empty($_POST[$postname]) ? $_POST[$postname] : '');
}
That will initialize all your variables properly, aswell as set all the variable names instead of having to

Code: Select all

$name = $_POST['name'];
$pwd = $_POST['pwd'] 
//and so on..
Also try echoing out your query before executing to see if the SQL is what you expect

Posted: Wed Oct 05, 2005 7:58 pm
by mickd
closer look i noticed many things,

all the if statements that are like this

Code: Select all

if ($pwd='')
should be

Code: Select all

if ($pwd=='')
2 = signs are used to compare value.

also all the places you included the relative url for example

action="/processregister.php"
include('/header.php');

im pritty sure (not 100%) that if you have a / at the front it goes from the very base directory (unless you want that) else it should not have the / (meaning the files will be in the same folder)

also in the mysql query to insert the values, all the values inputted should be in '.

for example

Code: Select all

$dbquery = mysql_query("INSERT INTO `users` ( `name`, `password`, `email`, `icq`, `aim`, `msn`, `yahoo`, `website`, `location`, `intrists`) VALUES ('$name', '$pwd', '$email', '$icq', '$aim', '$msn', '$yahoo', '$website', '$location', '$intrists' )");
also, if you want to echo a variable, youll have to do one of these 2

Code: Select all

echo 'I am echoing ' . $variable . '.';
or

Code: Select all

echo "I am echoing $variable.";
reason is: if you use ', php will interpret everything inside as just the text with no variables, using " php will scan the text and replace any variables it finds in it.

Posted: Wed Oct 05, 2005 8:48 pm
by elecktricity
Allright thanks guy it works great now I kinda feel dumb for making all those careless mistakes lol, but I noticed while testing it that you can add more than one person with the same name is there a way to get it to were it wont allow this? I tried using this script:

Code: Select all

$result = mysql_query("SELECT FROM * WHERE name='%".$name."%'");
$num = mysql_num_rows($result);
if ($num=='1')
{
 echo 'Sorry Username allready taken, please go back and try again';
 include ('/footer.php');
 exit;
}
but it dosnt seem to be working, lol I just hope it isnt some dumb little error

Posted: Wed Oct 05, 2005 8:54 pm
by Jenk
You could also assign the field on the mysql table to be unique, thus duplicating the name cannot happen.

Posted: Wed Oct 05, 2005 8:58 pm
by John Cartwright
just do a query to see if the name exists..

Posted: Wed Oct 05, 2005 9:03 pm
by Jenk
As well as setting the name field on the table to unique..