The script is for registering users, not unlike this forum. The register pages has 6 fields. Three are empty for the user to fill out(name-password-email), the other 3 are autofilled(IP-chkbox-timedate). When the user fills the 3fields then hits the Join! button the 6 fields all properly register to the mysql database, but, after it is registered the screen to the user does not indicate to the user that he is now registered...i.e. "Registered! Thank you..." the program just seems to jump over that part.. the screen puts up the original 'Register' screen again with the 3 fields emptied.
IB stumpted .... any help would be very much appreciated.
Here is the code. Thanks in advance for any help.
Code: Select all
<?php
session_start();
include ("database.php");
/**
* Returns true if the username has been taken
* by another user, false otherwise.
*/
function usernameTaken($username)
{
global $conn;
if (!get_magic_quotes_gpc())
{
$username = addslashes($username);
}
$q = "select username from users where username = '$username'";
$result = mysql_query($q, $conn);
$num = mysql_numrows($result);
return $num;
}
/**
* Inserts the given (username, password) pair
* into the database. Returns true on success,
* false otherwise.
*/
function addNewUser($username, $password, $pcidip, $datetime, $email, $emailchk)
{
global $conn;
$q = "INSERT INTO users VALUES ('$username', '$password', '$pcidip', '$datetime', '$email', '$emailchk')";
$query = mysql_query($q, $conn);
return $query;
}
////////This is where my problem is <I think> ...
////////When I press Join! button, the routine adds the new user to db OK but
/////// instead of going to the "Registered! Thank you.." below it empties the 3 fields(user,pass,email) and starts again
/////// asking you to register<again>. The user gets no indication that he was registered.
/**
* Displays the appropriate message to the user
* after the registration attempt. It displays a
* success or failure status depending on a
* session variable set during registration.
*/
function displayStatus()
{
$uname = $_SESSION['reguname'];
if ($_SESSION['regresult'])
{
?>
<h1>Registered!</h1>
<p>Thank you.. <br>
Your information has been added to the database, you may now <a href="index.php" title="Login">log in</a></p>
<?php
}
else
{
?>
<h1>Registration Failed</h1>
<p>We're sorry, but an error has occurred and your registration for the username <b><?php echo
$uname; ?></b>, could not be completed.<br>
Please try again at a later time.</p>
<?php
}
$_SESSION['reguname'] = NULL;
$_SESSION['registered'] = NULL;
$_SESSION['regresult'] = NULL;
}
if (isset($_SESSION['registered']))
{
/**
* This is the page that will be displayed after the
* registration has been attempted.
*/
?>
<html>
<title>Registration Page</title>
<body>
<?php displayStatus(); ?>
</body>
</html>
<?php
return;
}
/**
* Determines whether or not to show to sign-up form
* based on whether the form has been submitted, if it
* has, check the database for consistency and create
* the new account.
*/
if (isset($_POST['subjoin']))
{
/* Make sure all fields were entered */
if (!$_POST['user'] || !$_POST['pass'])
{
die('You didn\'t fill in a required field.');
}
/* FKadded this -- checks that email field has characters */
if (!$_POST['email'])
{
die('You didn\'t fill in the email field, silly');
}
/* Spruce up username, check length */
$_POST['user'] = trim($_POST['user']);
if (strlen($_POST['user']) > 30)
{
die("Sorry, the username is longer than 30 characters, please shorten it.");
}
/* Check if username is already in use */
if (usernameTaken($_POST['user']))
{
$use = $_POST['user'];
die("Sorry, the username: <strong>$use</strong> is already taken, please pick another one.");
}
/* Add the new account to the database */
$password = ($_POST['pass']);//FK removed md5.. was... $md5pass = md5($_POST['pass']);
$_SESSION['reguname'] = $_POST['user'];
$_SESSION['regresult'] = addNewUser($_POST['user'], $password, $pcidip, $datetime, $email, $emailchk);//FK-added $pcidip...$emailchk
$_SESSION['registered'] = true;
echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
return;
}
else
{
/**
* This is the page with the sign-up form, the names
* of the input fields are important and should not
* be changed.
*/
?>
<html>
<title>Registration Page</title>
<body>
<h1>Register</h1>
<form action="<?php echo $HTTP_SERVER_VARS['PHP_SELF']; ?>" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td><input type="text" name="user" maxlength="30"></td></tr>
<tr><td>Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr>
<tr><td>Email Addr:</td><td><input type="text" name="email" maxlength="50"></td></tr>
<tr><td>Send Email Alerts:</td><td> <input type="checkbox" name="emailchk" value="1" checked></td></tr><br />
<!-- FKinsert begins here -->
<tr><td>Your IP for this visit:</td><td> <input name="pcidip" type="text" value="
<?php echo $_SERVER['REMOTE_ADDR']; ?>" size="20"></td></tr><br />
<tr><td>Date-Time for this visit:</td><td> <input name="datetime" type="text" value="
<?php echo date("Y.m.d - h:i:s"); ?>" size="20"></td></tr><br>
<!-- FK insert ends here -->
<tr><td colspan="2" align="right"><input type="submit" name="subjoin" value="Join!"></td></tr>
</table>
</form>
</body>
</html>
<?php
}
?>
Floyd