Variable Specification

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
mlowery
Forum Newbie
Posts: 4
Joined: Tue Aug 31, 2004 12:30 am
Location: Texas

Variable Specification

Post by mlowery »

I am trying to write a registration form script in PHP. Here is how the script works:

A person goes to register.php and fills out the form. The form action is

Code: Select all

$_SERVER['PHP_SELF']
obviously meaning the page basically refreshes with the 'Action' being "Submitted." That will then initialize the intial if statement. That if statement first checks to see if the two passwords match each other. It then checks that the two-letter abbreviation of the state was submitted. If one of these conditions have not been met, it gives the error and then shows the form with the previosly submitted information already in the form fields. Otherwise it will submit the information into the database.

Here is the code. I'll tell you what the problem is after you've looked at the code (you'll probably be able to see it in the code anyways).

*Edited after feyd's reply.

Code: Select all

<HTML>
<HEAD>
<TITLE>Sign Up</TITLE>
</HEAD>
<BODY>
<?php $Self = $_SERVER['PHP_SELF'];
IF ($_POST['Action'] == "Submitted")
    {
       IF ($_POST['Password1'] != $_POST['Password2'])
        {
          ECHO "Your passwords did not match. Please try again";
          INCLUDE 'FORMRETRY.php';
        }
       ELSEIF ((STRLEN($_POST['Location'])) != 2)
        {
          ECHO "Please give the two-letter abbreviation of the state in which you live.";
          INCLUDE 'FORMRETRY.php';
        }
       ELSE
        {
        $Login=ADDSLASHES(HTMLSPECIALCHARS($_POST['Login']));
        $Password=md5($_POST['Password1']);
        $Email=ADDSLASHES(HTMLSPECIALCHARS($_POST['Email']));
        $Name=HTMLSPECIALCHARS($_POST['Name']);
        $Location=$_POST['Location'];
        INCLUDE ("db_connect.php");
        $sql = "INSERT into Members (Login, Password, Email, Name, Location)
                VALUES('$Login','$Password','$Email','$Name','$Location')";
        mysql_query($sql) or die(mysql_error());
        ECHO "Congratulations, you are now a member.";
        }
    }
ELSE
    {
        INCLUDE 'FORM.php';
    }
?>
</BODY>
</HTML>
In line 6 and 7 you probably noticed that there are includes. The code for the include file FORM.php is:
*Edited after feyd's reply.

Code: Select all

<form action="<?php ECHO $Self; ?>" method="POST">
<div>Desired Username:</div><INPUT TYPE="text" name="Login" SIZE="20"><br>
<div>Desired Password:</div><INPUT TYPE="password" name="Password1" SIZE="20"><br>
<div>Verify Password:</div><INPUT TYPE="password" name="Password2" SIZE="20"><br>
<div>Email Address:</div><INPUT TYPE="text" name="Email" SIZE="20"><br>
<div>First Name:</div><INPUT TYPE="text" name="First_Name" SIZE="20"><br>
<div>State:</div><INPUT TYPE="text" name="Location" SIZE="2"><br>
<input type="hidden" name="Action" value="Submitted">
<INPUT TYPE="submit" action="submit" name="submit" value="Register">
The code to the file FORMRETRY.php is:
*Edited after feyd's reply.

Code: Select all

<form action="<?php ECHO $Self; ?>" method="post">
<div>Desired Username:</div>
<INPUT TYPE="text" name="Login" SIZE="20" VALUE="<?php ECHO $_POST['Login']; ?>"><br>
<div>Desired Password:</div><INPUT TYPE="password" name="Password1" SIZE="20"><br>
<div>Verify Password:</div><INPUT TYPE="password" name="Password2" SIZE="20"><br>
<div>Email Address:</div><INPUT TYPE="text" name="Email" SIZE="20" VALUE="<?php ECHO $_POST['Email']; ?>"><br>
<div>First Name:</div><INPUT TYPE="text" name="First_Name" SIZE="20" VALUE="<?php ECHO $_POST['First_Name']; ?>"><br>
<div>State:</div><INPUT TYPE="text" name="Location" SIZE="2" VALUE="<?php ECHO $_POST['Location']; ?>"><br>
<input type="hidden" name="Action" value="Submitted">
<INPUT TYPE="submit" action="submit" name="submit" value="Register">
Here is a visual of the problem I'm running into:
http://mlowery.t35.com/CMS/register.php

According to my logic, initially:

Code: Select all

$_POST['Action'] != 'Submitted'
Therefore only "$Form" should be displayed. My questions are:
1. Why are both forms being displayed?
2. Why is the password verification not working? When I type two different passwords, I am supposed to get an error message.
3. Why, in the form $FORMRETRY are not all the fields being displayed? (I have a feeling it is with the quotes).43. Line 16 --> "ELSEIF ((STRLEN($_POST['Location'])) != 2)" does not seem to be working properly. Even whenever I only type 2 characters for the state, it does not count 2 for some reason and prints the proceding error message.

Thanks,
Mitch
Last edited by mlowery on Sun Feb 19, 2006 12:32 am, edited 2 times in total.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

the act of including the file tells php to parse it, not return it's contents after parsing. Include the files when and where they are needed. You can confirm this by seeing that a 1 is output after the second form. This is due to $FORM being set to 1, the return code from include().

$_SERVER['PHP_Self'] does not exist. $_SERVER['PHP_SELF'] may exist, given the right circumstances (some servers don't use it).

From FORMENTRY.php:

Code: Select all

<? $_POST['First_Name']; ?>
will print nothing, nor any others that look like it.

Code: Select all

<?= $_POST['First_Name']; ?>
is the short echo, however it is highly recommended to never use short tags, due to compatibility and portability issues. use <?php and <?php echo $yourvar instead.
mlowery
Forum Newbie
Posts: 4
Joined: Tue Aug 31, 2004 12:30 am
Location: Texas

Post by mlowery »

Wow, thanks a whole lot for your help. I updated my original post with the source code in it. I have also updated http://mlowery.t35.com/CMS/register.php with the new code as well.

The form displays correctly. If there is an error upon clicking "Register," then the error message is given above the form and the form has the previously typed contents in it, just like it is supposed to.

The code successfully checks whether or not the two passwords match.
The problem is with the state checker. No matter what, the form returns saying:
Please give the two-letter abbreviation of the state in which you live.
Any tips?

Thanks,
Mitchell
Last edited by mlowery on Sun Feb 19, 2006 12:54 pm, edited 1 time in total.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

Your php code is looking for $_POST['Location'] but the state is in $_POST['State']
mlowery
Forum Newbie
Posts: 4
Joined: Tue Aug 31, 2004 12:30 am
Location: Texas

Post by mlowery »

Wow, that really helped. Thank you so much. The script works now, but there is still one very small problem. I will tell you after you have looked at the new script.

register.php

Code: Select all

<HTML>
<HEAD>
<TITLE>Sign Up</TITLE>
</HEAD>
<BODY>
<?php $Self = $_SERVER['PHP_SELF'];
IF ($_POST['Action'] == "Submitted")
    {
       IF ($_POST['Password1'] != $_POST['Password2'])
        {
          ECHO "Your passwords did not match. Please try again";
          INCLUDE 'FORMRETRY.php';
        }
       ELSEIF ((STRLEN($_POST['Location'])) != 2)
        {
          ECHO "Please give the two-letter abbreviation of the state in which you live.";
          INCLUDE 'FORMRETRY.php';
        }
       ELSE
        {
        $Login=ADDSLASHES(HTMLSPECIALCHARS($_POST['Login']));
        $Password=md5($_POST['Password1']);
        $Email=ADDSLASHES(HTMLSPECIALCHARS($_POST['Email']));
        $Name=HTMLSPECIALCHARS($_POST['Name']);
        $Location=$_POST['Location'];
        INCLUDE ("db_connect.php");
        $sql = "INSERT into Members (Login, Password, Email, Name, Location)
                VALUES('$Login','$Password','$Email','$Name','$Location')";
        mysql_query($sql) or die(mysql_error());
        ECHO "Congratulations, you are now a member.";
        }
    }
ELSE
    {
        INCLUDE 'FORM.php';
    }
?>
</BODY>
</HTML>
FORM.php

Code: Select all

<form action="<?php ECHO $Self; ?>" method="POST">
<div>Desired Username:</div><INPUT TYPE="text" name="Login" SIZE="20"><br>
<div>Desired Password:</div><INPUT TYPE="password" name="Password1" SIZE="20"><br>
<div>Verify Password:</div><INPUT TYPE="password" name="Password2" SIZE="20"><br>
<div>Email Address:</div><INPUT TYPE="text" name="Email" SIZE="20"><br>
<div>First Name:</div><INPUT TYPE="text" name="Name" SIZE="20"><br>
<div>State:</div><INPUT TYPE="text" name="Location" SIZE="2"><br>
<input type="hidden" name="Action" value="Submitted">
<INPUT TYPE="submit" action="submit" name="submit" value="Register">
FORMRETRY.php

Code: Select all

<form action="<?php ECHO $Self; ?>" method="post">
<div>Desired Username:</div>
<INPUT TYPE="text" name="Login" SIZE="20" VALUE="<?php ECHO $_POST['Login']; ?>"><br>
<div>Desired Password:</div><INPUT TYPE="password" name="Password1" SIZE="20"><br>
<div>Verify Password:</div><INPUT TYPE="password" name="Password2" SIZE="20"><br>
<div>Email Address:</div><INPUT TYPE="text" name="Email" SIZE="20" VALUE="<?php ECHO $_POST['Email']; ?>"><br>
<div>First Name:</div><INPUT TYPE="text" name="First_Name" SIZE="20" VALUE="<?php ECHO $_POST['Name']; ?>"><br>
<div>State:</div><INPUT TYPE="text" name="Location" SIZE="2" VALUE="<?php ECHO $_POST['Location']; ?>"><br>
<input type="hidden" name="Action" value="Submitted">
<INPUT TYPE="submit" action="submit" name="submit" value="Register">
Once again, the register.php form is online at http://mlowery.t35.com/CMS/register.php.
To see what the problem is, go to the form and type in a "T" for state. (As opposed to TX, the two-letter abbreviation). As you will see, the error message appears and the form is re-displayed with the previous information - except for "Name." This problem does not occur if you type in two-different passwords. In that case, the error message is displayed and all of the previous information typed into the form (including Name) is displayed as it is supposed to be.

Thanks,
Mitchell
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

Same situation: you've used $_POST['Name'] but one of the forms uses $_POST['First_Name']
mlowery
Forum Newbie
Posts: 4
Joined: Tue Aug 31, 2004 12:30 am
Location: Texas

Post by mlowery »

lol, How could I miss that? I must have read my script 20 times. Oh well, so goes programming. . .
Once again, I appreciate your help, feyd. Everything works the way it should now.

Here is the new FORMRETRY.php script

Code: Select all

<form action="<?php ECHO $Self; ?>" method="post">
<div>Desired Username:</div>
<INPUT TYPE="text" name="Login" SIZE="20" VALUE="<?php ECHO $_POST['Login']; ?>"><br>
<div>Desired Password:</div><INPUT TYPE="password" name="Password1" SIZE="20"><br>
<div>Verify Password:</div><INPUT TYPE="password" name="Password2" SIZE="20"><br>
<div>Email Address:</div><INPUT TYPE="text" name="Email" SIZE="20" VALUE="<?php ECHO $_POST['Email']; ?>"><br>
<div>First Name:</div><INPUT TYPE="text" name="Name" SIZE="20" VALUE="<?php ECHO $_POST['Name']; ?>"><br>
<div>State:</div><INPUT TYPE="text" name="Location" SIZE="2" VALUE="<?php ECHO $_POST['Location']; ?>"><br>
<input type="hidden" name="Action" value="Submitted">
<INPUT TYPE="submit" action="submit" name="submit" value="Register">
Thanks,
Mitchell
Post Reply