Code Check
Posted: Thu Oct 09, 2003 8:24 am
For the life of me, I cannot figure out what is wrong with this code:
The error reads:
Here is the register code:
ANY IDEAS????
Code: Select all
<?php
session_start();
if ($_SESSION['email_address'] != "" ) {
echo "<b>You do not have the appropriate permissions to enter new distributors.</b><br><br><br>";
if ( empty( $first_name ) ) {
print "Please login below!";
include 'index.htm';
}
} else { print "
<html>
<head>
<title>Join Form</title>
</head>
<body>
<form name=form1 method=post action=register.php>
<table width=100% border=0 cellpadding=4 cellspacing=0>
<tr>
<td width=24% align=left valign=top>First Name</td>
<td width=76%><input name=first_name type=text id=first_name2></td>
</tr>
<tr>
<td align=left valign=top>Last Name</td>
<td><input name=last_name type=text id=last_name></td>
</tr>
<tr>
<td align=left valign=top>Email Address</td>
<td><input name=email_address type=text id=email_address></td>
</tr>
<tr>
<td align=left valign=top>Username</td>
<td><input name=username type=text id=username></td>
</tr>
</tr>
<tr>
<td align=left valign=top>Password</td>
<td><input name=password type=password id=password></td>
</tr>
</tr>
<tr>
<td align=left valign=top>Address</td>
<td><input name=address type=text id=address></td>
</tr>
</tr></tr></tr></tr></tr></tr></tr></tr></tr></tr></tr></tr></tr></tr></tr></tr>
<tr>
<td align=left valign=top> </td>
<td><input type=submit name=Submit value=Join Now!></td>
</tr>
</table>
</form>
</body>
</html>
"; } ?>Code: Select all
You have an error in your SQL syntax near ''', 'abcdefg'' at line 2Code: Select all
<?
include 'db.php';
// Define post fields into simple variables
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$email_address = $_POST['email_address'];
$username = $_POST['username'];
$password = $_POST['password'];
$password_encrypt = md5($password);
$user_address = $_POST['user_address'];
/* Lets strip some slashes in case the user entered
any escaped characters. */
$first_name = stripslashes($first_name);
$last_name = stripslashes($last_name);
$email_address = stripslashes($email_address);
$username = stripslashes($username);
$address = stripslashes($address);
/* Do some error checking on the form posted fields */
if((!$first_name) || (!$last_name) || (!$email_address) || (!$username)){
echo 'You did not submit the following required information! <br />';
if(!$first_name){
echo "First Name is a required field. Please enter it below.<br />";
}
if(!$last_name){
echo "Last Name is a required field. Please enter it below.<br />";
}
if(!$email_address){
echo "Email Address is a required field. Please enter it below.<br />";
}
if(!$username){
echo "Username is a required field. Please enter it below.<br />";
}
if(!$password){
echo "Password is a required field. Please enter it below.<br />";
}
if(!$address){
echo "Address is a required field. Please enter it below.<br />";
}
include 'join_form.php'; // Show the form again!
/* End the error checking and if everything is ok, we'll move on to
creating the user account */
exit(); // if the error checking has failed, we'll exit the script!
}
/* Let's do some checking and ensure that the user's email address or username
does not exist in the database */
$sql_email_check = mysql_query("SELECT email_address FROM users WHERE email_address='$email_address'");
$sql_username_check = mysql_query("SELECT username FROM users WHERE username='$username'");
$email_check = mysql_num_rows($sql_email_check);
$username_check = mysql_num_rows($sql_username_check);
if(($email_check > 0) || ($username_check > 0)){
echo "Please fix the following errors: <br />";
if($email_check > 0){
echo "<strong>Your email address has already been registered by another member in our database. Please submit a different Email address!<br />";
unset($email_address);
}
if($username_check > 0){
echo "The username you have selected has already been registered by another member in our database. Please choose a different Username!<br />";
unset($username);
}
include 'index.htm'; // Show the form again!
exit(); // exit the script so that we do not create this account!
}
/* Everything has passed both error checks that we have done.
It's time to create the account! */
// Enter info into the Database.
$sql = mysql_query("INSERT INTO users (first_name, last_name, email_address, username, password, signup_date, decrypted_password, birth, address)
VALUES('$first_name', '$last_name', '$email_address', '$username', '$password_encrypt', now(), '$password'), '$birth', '$address'") or die (mysql_error());
if(!$sql){
echo 'There has been an error creating your account. Please contact the webmaster.';
} else {
$userid = mysql_insert_id();
$activatepath = "includes/activate.php?id=$userid&code=$password_encrypt";
// Let's mail the user!
$subject = "Membership request at $sitename";
$message = "Dear $first_name $last_name,
You are now registered at our website, $sitepath !
To activate your membership, please login here: $sitepath$activatepath
Once you activate your membership, you will be able to login with the following information:
Username: $username
Password: $password
Please keep this username and password in a location that is easily accessible by you.
Thanks!
$sitename
This is an automated response, please do not reply!";
mail($email_address, $subject, $message, "From: $sitename <$adminemail>\nX-Mailer: PHP/" . phpversion());
echo 'Your membership information has been mailed to your email address! Please check it and follow the directions!';
}
?>ANY IDEAS????