Page 1 of 1

Form and PHP not functioning as intended

Posted: Fri Aug 11, 2006 9:27 pm
by waradmin
I have a form, its supposed to check to see if an IP is in the database, if it is it sends an email with the information, if it isnt it inputs the data and sends the data via email. However the IP adds to the database every time and it doesnt return the page to index.php?action=registered.

Code: Select all

<form method="post" action="index.php?action=check"><input type="text" name="email"><input type="submit" value="Go"></form>
					<?php
					include("config.php");
					if($_GET['action'] == 'check')
					{
						//check that the email address is filled in
						if($_POST['email'] == '')
						{
							//if email is empty
							echo error("blank");
							exit;
						}
						else
						{
						// check to see if the email addy exists
						//first define the IP
						$ip = $_SERVER['REMOTE_ADDR'];
						$conn=@mysql_connect("$DBHOST", "$DBUSER", "$DBPASS")
		 					or die("Err:Conn");
						#select the specified database
						$rs = @mysql_select_db("$DBNAME", $conn) 
							or die("Err:Db");
						$result = mysql_query("SELECT * FROM verify
						WHERE ip='{$_SERVER['REMOTE_ADDR']}'") or die(mysql_error());
                                                           $row = mysql_fetch_array( $result );

						//if row for email = blank create account
						if($row['ip'] == '')
							{
							//////////////////////////////////////
							// GENERATE THE ARK
							//////////////////////////////////////
							$totalChar = 16;
							$salt = "abcdefghijklmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ123456789"; 
							srand((double)microtime()*1000000);
							$password="";
							for ($i=0;$i<$totalChar;$i++)
            				$password = $password . substr ($salt, rand() % strlen($salt), 1);
							//create the entry
							mysql_query("INSERT into verify(ip, email, ark) VALUES('$ip', '{$_POST['email']}', '$password') ") or die(mysql_error());
							
							//send the email to the user
							$msg = "<p>Welcome to the Bloodfin EMU. Your ARK (Account Registration Key) is:</p>";
							$msg .= "<p><b>$password</b></p>";
							$recipient = $_POST['email'];
							$subject = "Bloodfin EMU Account Registration Key";
							$mailheaders = "MIME-Version: 1.0\r\n";
							$mailheaders .= "Content-type: text/html; charset=ISO-8859-1\r\n";
							$mailheaders .= "From: SWGEMU ADMIN <uberamd@gmail.com> \n";
							$mailheaders .= "Reply-To: $_POST[email]";
							mail($recipient, $subject, $msg, $mailheaders);
							
							//redirect to success page
							header("Location: index.php?action=registered");
							exit();
							}
						    else
						    {
							//send the email to the user
							$msg = "<p>We noticed you attempted to register for another account with an existing IP address. 
							We ASSUME this was because of a lost ARK key, so for reference your ARK key is:</p>";
							$msg .= "<p><b>$password</b></p>";
							$recipient = $_POST['email'];
							$subject = "Bloodfin EMU Account Registration Key";
							$mailheaders = "MIME-Version: 1.0\r\n";
							$mailheaders .= "Content-type: text/html; charset=ISO-8859-1\r\n";
							$mailheaders .= "From: SWGEMU ADMIN <uberamd@gmail.com> \n";
							$mailheaders .= "Reply-To: $_POST[email]";
							mail($recipient, $subject, $msg, $mailheaders);
							}
						}
					}
					
function error($error)
{
   //if error is equal to blank than write "fill in all the fields"
   if($error == 'blank')
      {
      echo "<b>Please fill in all the fields</b>";
      }
}
?>
Whats wrong with my code.

Thanks in advance.

-Kalvaris

Posted: Fri Aug 11, 2006 10:00 pm
by Ollie Saunders

Code: Select all

//redirect to success page
header("Location: index.php?action=registered");
Headers already sent. Redirect won't work

Code: Select all

$result = mysql_query("SELECT * FROM verify WHERE ip='{$_SERVER['REMOTE_ADDR']}'") or die(mysql_error());

//if row for email = blank create account
if($row['ip'] == '')
Where is $row being created? Because it looks like you are performing a query and never fetching any data.

Posted: Fri Aug 11, 2006 10:05 pm
by waradmin
I copied it wrong,

Code: Select all

$row = mysql_fetch_array( $result );
goes after

Code: Select all

$result = mysql_query("SELECT * FROM verify
						WHERE ip='{$_SERVER['REMOTE_ADDR']}'") or die(mysql_error());
on the top.

And the headers issue makes sense.

-Steve

Posted: Sat Aug 12, 2006 7:55 am
by Ollie Saunders
Consider this

Code: Select all

if (!mysql_num_rows($result))
instead of

Code: Select all

if($row['ip'] == '')