Mangos help | creating custom registration script and sha1 hash for password

[demonlord1]

index.php

Spoiler

<form name="reg" action="register.php" method="post">
<table width="274" border="0" align="center" cellpadding="2" cellspacing="0">
<tr>
<td colspan="2">
<div align="center">
<?php
$remarks=$_GET['remarks'];
if ($remarks==null and $remarks=="")
{
echo 'Register Here';
}
if ($remarks=='success')
{
echo 'Registration Success';
}
?>
</div></td>
</tr>
<tr>
<td width="95"><div align="right">UserName:</div></td>
<td width="171"><input type="text" name="fname" /></td>
</tr>
<tr>
<td><div align="right">password:</div></td>
<td><input type="text" name="lname" /></td>
</tr>
<tr>
<td><div align="right">gmlvl:</div></td>
<td><input type="text" name="mname" /></td>
</tr>
<tr>
<td><div align="right">expansion:</div></td>
<td><input type="text" name="address" /></td>
</tr>
<tr>
<td><div align="right"></div></td>
<td><input name="submit" type="submit" value="Submit" /></td>
</tr>
</table>
</form>

register.php

Spoiler

<?php
include('config.php');
$username=$_POST['username'];
$sha_pass_hash= sha1(($username) . ":" . ($password));
$GMLVL=$_POST['GMLVL'];
$Expansion=$_POST['Expansion'];
mysql_query("INSERT INTO account(id, username, sha_pass_hash, GMLVL, sessionkey, v, s, email, joindate, last_ip, failed_logins, locked, last_login, active_realm_id, Expansion, mutetime, locale)
VALUES('8', '$username', '$password', '$GMLVL', '', '0', '0', 'test@test.com', '0000-00-00 00:00:00', '0.0.0.0', '0', '0', ''0000-00-00 00:00:00', '0', '$Expansion', '0', '0',)");
header("location: index.php?remarks=success");
echo "Thanks ".$username.", your account has been created!";
mysql_close($con);
?>

config.php

Spoiler

<?php
$mysql_hostname = "localhost:3306";
$mysql_user = "root";
$mysql_password = "ascent";
$mysql_database = "realmd";
$bd = mysql_connect($mysql_hostname, $mysql_user, $mysql_password) or die("could not connect to MYSQL");
mysql_select_db($mysql_database, $bd) or die("could not connect to database");
?>

made this myself its no throwing any errors or anything but it isnt inserting anything into the account tbl in realmd database and also wondering if sumone can help me with how to add in the
sha1///hash stuff required for the registration

ive found this for the password but im having trouble figuring out how to add this into my script bear with me please first time ever making my own php scripts

//sha1(strtoupper($username).':'.strtoupper($this -> password));

this is newest register.php

Spoiler

<?php
require('config.php');
$bd or die("config.php setup error");
$username=$_POST['Username'];
$password=$_POST['password'];
$GMLVL=$_POST['GMLVL'];
$Expansion=$_POST['Expansion'];
$email=$_POST['Email'];
$sha_pass_hash = sha1(strtoupper($_POST['username'] . ":" . $_POST['password']));

//Old not working
//mysql_query("INSERT INTO account(id, username, sha_pass_hash, GMLVL, sessionkey, v, s, email, joindate, last_ip, failed_logins, locked, last_login, active_realm_id, Expansion, mutetime, locale)
//VALUES('$username', '$passkey', '$GMLVL', '$email', '$Expansion')");
//header("location: index.php?remarks=success");
//echo "Thanks ".$username.", your account has been created!";
//mysql_close($con);

mysql_query("Insert INTO account(username, sha_pass_hash, gmlevel, email, expansion)
VALUES('$username', '$Sha_pass_hash', '$GMLVL', '$email')");
header("location: index.php?remarks=success");
echo "thanks".$username.", your account has be created!";
mysql_close($con);

but it dont seem to insert anything into the table still and from the looks of it it should be working

 

[munk]

I am not that good with web related stuff, but why dont you check one thats only created such as

You must be registered to see links

and see if you can read it and maybe find out yourself how you can fix it?

Greetings, Lou

 

[demonlord1]

yea ive looked at that already not any help all that much mine is a more simple version that should work it is connecting to the database and such other wise i would be getting errors but for sum reason it wont insert it into the database tbl

i have also tried this register.php

Spoiler

<?php

$sha_pass_hash = sha1(strtoupper($_POST['username'] . ":" . $_POST['password']));


$conn = new mysqli('localhost', 'root', 'ascent', 'realmd');
//mysql connection check
if (mysqli_connect_error()) {
exit('connection failed: ' .mysqli_connect_error()
);
}

////empty array that will contain the errors
$errors = array();
$regexp_mail = '/^([a-zA-Z0-9]+[a-zA-Z0-9._%-]*@([a-zA-Z0-9-]+\.)+[a-zA-Z]{2,4})$/';
if (isset($_POST['username']) && isset($_POST['password'])
&& isset($_POST['gmlevel']) && isset ($_POST['email'])
&& isset($_POST['expansion'])) {
///remove tags and whitespace from start and end of form data
$_POST = array_map("strip_tags", $_POST);
$_POST = array_map("trim", $_POST);

//check to see if all registration filed are file correctly
// (email addes and the min max for username,password,gmlevel,expansion)
if (!preg_match($regexp_mail, $_POST ['email']))
$errors[] = 'invalid e-mail address';
if (strlen($_POST['username'])<6)
$errors[] = 'username must contain minimum 6 characters';
if (strlen($_POST['password'])<6)
$errors[] = 'password must contain minimum 6 characters';
if (strlen($_POST['gmlevel'])>1)
$errors[] = 'gmlevel can only contain 1 number from 0-3';
if (strlen($_POST['expansion'])>1)
$errors[] = 'expansion must be set to 2';

//ifno errors ($error array empty)
if(count($errors)<1) {
////connection to the database
$conn = new mysqli('localhost', 'root', 'ascent', 'realmd');
////connection check
if (mysqli_connect_error()) {
exit('connection to datbase failed: '.mysqli_connect_error());
}

///store vailes in an array, escaping special character for use in sql statement
$adds['username'] = $conn->real_escape_string(
$_POST['username']);
$adds['sha_pass_hash'] = $conn->real_escape_string(
$_POST['password']);
$adds['gmlevel'] = $conn->real_escape_string(
$_POST['gmlevel']);
$adds['email'] = $conn->real_escape_string(
$_POST['email']);
$adds['expansion'] = $conn->real_escape_string(
$_POST['expansion']);

///sql query insert into account
$sql = "INSERT INTO 'account' ('username', 'sha_pass_hash', 'gmlevel', 'email', 'expansion')
VALUES ('". $adds['username']. "', '". $adds['sha_pass_hash']. "', '". $adds['gmlevel']. "', '". $adds['email']. "', '". $adds['expansion']. "')";


//preforms the sql query insert
if ($conn->query($sql) === TRUE)
{
echo 'account has been added to database successfully';
}
else {
echo 'error; '.$conn->error;
}
$conn->close();
}
else {
///else,if errors, it adds them in string format and prints it
echo implode('<br />', $errors);
}
}
else {
echo 'no data from form';
}
?>

index.php

Spoiler

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>HTML form for insert users</title>
</head>
<body>

<form action="register.php" method="post">
username: <input type="text" name="username" /><br />
Password: <input type="text" name="password" /><br />
gmlevel: <input type="text" name="gmlevel" /><br />
E-mail: <input type="text" name="email" /><br />
expansion: <input type="text" name="expansion" /><br />
<input type="submit" value="Send" />
</form>

</body>
</html>

but it throws this error
error; You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''account' ('username', 'sha_pass_hash', 'gmlevel', 'email', 'expansion') VALUE' at line 1
i am also wondering if i did the sha1 correctly never worked on php so really confused

 

[munk]

Isnt it "accounts"?