Page 1 of 1

Account database problem

Posted: Sat Jan 31, 2009 1:31 pm
by Wavedude
Hello. I am new to php, of course. And I need help with connecting to a MySQL database.

On my page the pages for login and logout work fine. But my registering page has some type of error in it. A parse error on line 226. Line 226 is the line where the code ends. So I don't know where that error is in the code.
The MySQL database and table for the users has been created. These PHP page use a data.php page for logging into the database. And all the code should right for that, too. Its just for these registering pages.

Heres the register.php:

Code: Select all

 
<?php
 
session_start(); //lets start the session so we could use them!
 
// session_start() must always be used if you want to use session variables on the page.
 
 
require_once("data.php"); //include..
 
 
 
if(empty($_SESSION['username'])){
 
//check if user is not logged in
 
 
 
$act = htmlspecialchars(mysql_real_escape_string($_GET['act']));
 
// security hoo-haa
 
 
 
if($act == 'reg'){
 
// if we've attempted to start the registration process...
 
// lets set the variables
 
$username = htmlspecialchars(mysql_real_escape_string($_POST['username'])); // username...
 
$username = strtolower($username); // lets make it lower cased so username like fRIiKs would be transformed to friiks
 
$password = htmlspecialchars(mysql_real_escape_string($_POST['password'])); // password(s)
 
$passwordCheck = htmlspecialchars(mysql_real_escape_string($_POST['passwordCheck']));
 
$email = htmlspecialchars(mysql_real_escape_string($_POST['email'])); // E-mail
 
 
 
$checkUsername = mysql_num_rows(mysql_query("SELECT `id` FROM `users` WHERE `username`='".$username."' LIMIT 1"));
 
// check if username not taken
 
$emailCheck = mysql_num_rows(mysql_query("SELECT `id` FROM `users` WHERE `email`='".$email."' LIMIT 1"));
 
// check if E-mail not taken
 
 
 
if($checkUsername < 1 && $emailCheck < 1 && !empty($password) && !empty($username) && $password == $passwordCheck && strlen($username) < 18 && strlen($password) < 32){
 
// if everything's fine lets continue with the registration process
 
 
 
$hash = substr(md5(mt_rand(0000000,999999)."somethingForNothingRawr!"),0,25);
 
// create random, 25 character long hash
 
$password = sha1($password.$hash);
 
// create password
 
 
 
$lastId = mysql_fetch_array(mysql_query("SELECT `userId` FROM `users` ORDER BY `id` DESC LIMIT 1"));
 
$myId = $lastId['userId']+1;
 
// Get the last user id in the database and create the current users id
 
 
 
if(mysql_query("INSERT INTO `users` (`id`, `userId`, `userLevel`, `username`, `password`, `email`, `registered`, `avatar`, `randString`) VALUES ('NULL','".$myId."','1','".$username."','".$password."','".$email."','".time()."','','".$hash."')")){
 
// If the user data is inserted into the DB return success!
 
header("Location:register.php?act=success");
 
}else{
 
// if not, return error...
 
header("Location:register.php?act=err7");
 
}
 
 
 
}else{
 
// if something's wrong above let's check out what IS wrong and return an error!
 
if($checkUsername > 0){
 
header("Location:register.php?act=err0");
 
}
 
if($emailCheck > 0){
 
header("Location:register.php?act=err1");
 
}
 
if(empty($password)){
 
header("Location:register.php?act=err2");
 
}
 
if(empty($username)){
 
header("Location:register.php?act=err3");
 
}
 
if($password != $passwordCheck){
 
header("Location:register.php?act=err4");
 
}
 
if(strlen($username) > 18){
 
header("Location:register.php?act=err5");
 
}
 
if(strlen($password) > 32){
 
header("Location:register.php?act=err6");
 
}
 
}
 
 
 
}
 
 
 
 
 
$errors = array(
 
"0" => "Username already taken!",
 
"1" => "This E-mail is already used!",
 
"2" => "Password field must be filled!",
 
"3" => "Username field must be filled!",
 
"4" => "Passwords you entered didn't match!",
 
"5" => "Username is longer than 18 characters",
 
"6" => "Password is longer than 32 characters",
 
"7" => "There was an error while inserting data into database!<br />Please try again later!"
 
);
 
// lets create error reports...
 
 
 
if($act == "success"){
 
?>
 
<span style="color:green;font-weight:bold">Registration was successful, you may log in <a href="index.php">here</a></span>
 
<?
 
}else if(ereg('err',$act) > 0){
 
// if $act variable contains "err" then lets get the number of error and output the error!
 
?>
 
<span style="color:red;font-weight:bold"><?php echo $errors[substr($act,3)]; ?></span>
 
<?php
 
}
 
 
 
?>
 
<form action="register.php?act=reg" method="post" >
 
<table>
 
<tr><td>Username:</td><td><input type='text' name='username' maxlength='18' /></td></tr>
 
<tr><td>Password:</td><td><input type='password' name='password' maxlength='32' /></td></tr>
 
<tr><td>Password Again:</td><td><input type='password' name='passwordCheck' maxlength='32' /></td></tr>
 
<tr><td>E-Mail:</td><td><input type='text' name='email' /></td></tr>
 
<tr><td><input type='submit' value='Register' /></td></tr>
 
</table>
 
</form>
 
 
 
<?
 
}else{
 
// if user's logged in return the user to index
 
header("Location:index.php");
 
}
 
 
 
?>
Please help. And thank you. ^_^

Re: Account database problem

Posted: Sat Jan 31, 2009 2:08 pm
by jaoudestudios
What is the error? And which line is 226?

If you are getting a header already sent error, check you are not sending white space to the screen then trying to redirect the user.

Re: Account database problem

Posted: Sat Jan 31, 2009 7:34 pm
by Wavedude
Ok, the errors gone.

Now there's a different problem. When I try to create an account, it just refreshes the page. Whys it doing this?

Re: Account database problem

Posted: Sun Feb 01, 2009 2:50 am
by jaoudestudios
When it refreshes the page, is it appending to the url?