newb debug issues.
Posted: Thu Aug 10, 2006 10:31 am
sorry about the last post my last post btw...i had been writing php code all week and still in the process of trying to get my login application to work. much thanx to feyd and others for the extra set of eyes i needed to debug the issue....however im finished the project and i get another parse error from the default: line
and when i take the default line out i get a mysqli error and it tells me that it couldnot reach the server or database.....is there an easier way to create a login page. All im wanting is to create a program that a user can enter go to a page that has his specific information...i know i have to create user cookies and sessions but obviously it seems as though the programs im creating are not the kind im looking for. Also is there another way like through php code that i can create the database from scratch and if so can someone show me a small example, and perhaps if anyone know of a place online that i can go to for a tutorial on creating user sessions like the login page that will possibly show me step by step so a terrible newb like me can follow along...it would be very much apprieciated
Code: Select all
<?php
session_start();
include("functions_main.php");
$table_name = "Customer";
$next_program = "SecretPage.php";
switch(@$_POST['Button'])
{
case "Login":
$cxn = Connect_to_db("Vars.php");
$sql = "SELECT user_name FROM $table_name
WHERE user_name='$_POST[fusername]'";
$result = mysqli_query($cxn,$sql)
or die("Coulden't execute query 1");
$num = mysqli_num_rows($result);
if($num == 1)
{
$sql = "SELECT user_name FROM $table_name
WHERE user_name='$_POST[fusername]'
AND password=md5('$_POST[fpassword]')";
$result2 = mysqli_query($cxn,$sql)
or die("Coulden't execute query 2");
$row = mysqli_fetch_assoc($result2);
if($row)
{
$_SESSION['auth']="yes";
$_SESSION['logname']=$_POST['fusername'];
header("Location: $next_program");
}
else
{
$message_1="The Login Name, '$_POST[fusername]'
exist, but you have not entered the
correct password! Please try again.<br>";
extract($_POST);
include("fields_login.php");
include("double_form.php");
}
}
elseif($num == 0) //login name not found
{
$message_1 = "The User Name you entered does not
exist! Pease try again.<br>";
include("fields_login.php");
include("double_form.php");
}
break;
case "Register":
/* Check for blanks */
foreach($_POST as $field => $value)
{
if($field != "fax")
{
if($value == "")
{
$blanks[] = $field;
}
}
}
if(isset($blanks))
{
$message_2 = "The Following fields are blank.
Please enter the required information: ";
foreach($blanks as $value)
{
$message_2 .="$value, ";
}
extract($_POST);
include("fields_login.php");
include("double_form.php");
exit();
}
/* validate data */
foreach($_POST as $field => $value)
{
if(!empty($value))
{
if(eregi("name",$field) and
!eregi("user",$field) and !eregi("log",$field))
{
if(!ereg("^[A-Za-z' -]{1,50}$",$value))
{
$errors[] = "$value is not a valid name.";
}
}
if(eregi("street",$field) or eregi("addr",$field) or
eregi("city",$field))
{
if(!ereg("^[A-Za-z0-9.,' -]{1,50}$",$value))
{
$errors[] = "$value is not a valid address or city.";
}
}
if(eregi("state",$field))
{
if(!ereg("[A-Za-z]",$value))
{
$errors[] = "$value is not a valid state.";
}
}
if(eregi("email",$field))
{
if(!ereg("^.+@.+\\..+$",$value))
{
$errors[] = "$value is not a valid email address.";
}
}
if(eregi("zip",$field))
{
if(!ereg("^[0-9]{5,5}(\-[0-9]{4,4})?$",$value))
{
$errors[] = "$value is not a valid zipcode.";
}
}
if(eregi("phone",$field) or eregi("fax",$field))
{
if(!ereg("^[0-9)(xX -]{7,20}$",$value))
{
$errors[] = "$value is not a valid phone number.";
}
}
}
}
foreach($_POST as $field => $value)
{
if(field != "password")
{
$password = strip_tags(trim($value));
}
else
{
$fields[]=$field;
$value = strip_tags(trim($value));
$values[] = addslashes($value);
$$field = $value;
}
}
}
if(@is_array($errors))
{
$message_2 = "";
foreach($errors as $value)
{
$message_2 .= $value." Please try again<br />";
}
include("fields_login.php");
include("double_form.php");
exit();
}
$user_name = $_POST['user_name'];
/* check to see if user name already exist */
$cxn = Connect_to_db("Vars.php");
$sql = "SELECT user_name FROM $table_name WHERE user_name='$user_name'";
$result = mysqli_query($cxn,$sql)
or die("Coulden't execute query.");
$num = mysqli_num_rows($result);
if($num > 0)
{
$message_2 = "$user_name already used. Select another
User Name.";
include("fields_login.php");
include("double_form.php");
exit();
}
else
{
$today = date("Y-m-d");
$fields_str = implode(",",$fields);
$values_str = implode('","',$values);
$fields_str .=",create_date";
$values_str .='"'.",".'"'.$today;
$fields_str .=",password";
$values_str .= '"'.","."md5"."('".$password."')";
$sql = "INSERT INTO $table_name ";
$sql .= "(".$fields_str.")";
$sql .= " VALUES ";
$sql .= "(".'"'.$values_str.")";
mysqli_query($cxn,$sql) or die(mysqli_error($cxn));
$_SESSION['auth']="yes";
$_SESSION['logname']=$user_name;
/* send email to new Customer */
$emess = "You have successfully registered.";
$emess .= "Your new user name and password are:";
$emess .= "\n\n\t$user_name\n\t";
$emess .= "password\n\n";
$emess .= "We apprieciate your interest. \n\n";
$emess .= "If you have any questions or problems,";
$emess .= " email obadiah_00@hotmil.com";
$subj .= "Your new customer registration";
$mailsend=mail("$email","$subj","$emess");
header("Location: $next_program");
}
break
default:
include("fields_login.php");
include("double_form.php");
}
?>