Page 1 of 1

PHP Logic Problem

Posted: Wed Apr 09, 2008 11:41 am
by NeonZ
Hello, I've been stuck on my logic forever, I don't quite see what's wrong It's a register script, I'm trying to check if username is taken, passwords match, and none of the fields are empty. Here's the code:

Code: Select all

<?php
 
require("includes/Connect.php");
mysql_select_db("divnx5_web");
 
$username = $_POST['user'];
$password = sha1($_POST['pass']);
$password2 = sha1($_POST['pass2']);
$email = $_POST['email'];
 
function error($result, $query)
{
   if(!$result)
   {
      echo "Query Failed: $query<br />" . mysql_errno() . '<br />' . mysql_error();
    }
}
 
function check($username)
{
      $query = "SELECT `username` FROM `users` WHERE `username` = '$username'";
      $result = mysql_query($query) or die("Problem with the query: $query<br />" . mysql_error());
     
      if (mysql_num_rows($result) > 0)
         echo "The username " . $username . ' is already taken!<br /><br />';
}
 
if(!$con)
{
   echo "Registering is disabled right now, please check back later";
}
else
{
  if(!$_POST['register'])
  {
   echo "<br /><br />Use the following form to register a new account with us.
              <form action='register.php' method='post'><br /><br />
              <font size='2'>Username:</font><br />
              <input type='text' id='user' name='user' size='20' style='background-color: #FFFFFF; font-size: 8pt; border: 1 solid #003399' /><br />
   <font size='2'>Password:</font><br />
   <input type='password' id='pass' name='pass' size='20' style='background-color: #FFFFFF; font-size: 8pt; border: 1 solid #003399' /><br />
   <font size='2'>Confirm Password:</font><br />
   <input type='password' id='pass2' name='pass2' size='20' style='background-color: #FFFFFF; font-size: 8pt; border: 1 solid #003399' /><br />
   <font size='2'>E-mail Address:</font><br />
   <input type='text' id='email' name='email' size='20' style='background-color: #FFFFFF; font-size: 8pt; border: 1 solid #003399' /><br /><br />
   <input type='submit' name='register' id='register' value='Register' style='background-color: #FFFFFF; color: #000000; font-size: 8pt; border: 1 solid #003399' />
   <input type='reset' value='Clear' style='background-color: #FFFFFF; color: #000000; font-size: 8pt; border: 1 solid #003399' />
   </form>";
  }
  else
  {
     if(!isset($username) || empty($username))
     {
       echo "The username you entered encountered a problem<br />";
       check($username);
     }
 
     if(!$password || !$password2 || !isset($password) || !isset($password2) || empty($password) || empty($password2))
     {
       echo "The password field(s) cannot be left empty.<br />";
     }
 
     if(!$email || !isset($email) || empty($email))
     {
       echo "The email you entered encountered a problem<br />";
     }
 
     if($password != $password2)
     {
        echo "The passwords you entered do not match<br />";
     }
     else
     {
        if(isset($username) && $password == $password2 && isset($email))
        {
           $query = "INSERT INTO users(username, password, email, rank) VALUES('$username', '$password', '$email', '1')";
           $result = mysql_query($query);
           error($result, $query);
           mysql_close($con);
           echo "Thank You for registering with us " . $username . '! Before you can login and start using the features of the site, please check the email you provided (' . $email . ') for a confirmation link.';
        }
     }
   }
}
 
?>
The problem is, if the username is taken, or the email field is left empty, it still adds you to the database. If you leave all fields empty, it will print out some errors that I put in echo but it still adds a blank space to the db.

I checked it over and over as I mentioned before. Help would be greatly appreciated.

Thank You. :)

Re: PHP Logic Problem

Posted: Wed Apr 09, 2008 11:55 am
by Christopher
You should check to see exactly what is in $username and $email. Also you should probably hash the passwords after you check if they have been entered...

Re: PHP Logic Problem

Posted: Wed Apr 09, 2008 11:57 am
by NeonZ
How would I check what's in $username or $email. I'm already trying to check if username is taken, but that isn't working well either. And I don't really know what you mean by hash. 8O

Thanks

Re: PHP Logic Problem

Posted: Wed Apr 09, 2008 12:44 pm
by bovermyer
NeonZ wrote:How would I check what's in $username or $email. I'm already trying to check if username is taken, but that isn't working well either. And I don't really know what you mean by hash. 8O

Thanks
Just echo out $username and $email after you've done your checking.

Hashing means one-way encrypting. The MD5() function in MySQL and PHP does this.