[Help] Need Help with Registration PHP File
Hey guys. i been messing with these codes for a good hour and i got pretty much everything working but i cant get it to where when a user presses submit it checks that the fields are all filled and checks if the username he/she chose is being used or not and if the email he/she is using is being used.
Register.php
File that adds users into the database
(i just call it regcheck.php in my files)
Re: [Help] Need Help with Registration PHP File
Re: [Help] Need Help with Registration PHP File
testing now
-EDIT
Tested wouldn't work.
Changed about 20 lines of code and finally got to check username/password
Now i get the error:
PHP Code:
Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\regcheck.php on line 73
And this is line 72-73:
PHP Code:
$q = SQL::Query("SELECT username FROM 'members'");
$check_names = mysql_num_rows($q);
Re: [Help] Need Help with Registration PHP File
Re: [Help] Need Help with Registration PHP File
still get same error when pressing submit
Re: [Help] Need Help with Registration PHP File
Quote:
Originally Posted by
sexychicken
still get same error when pressing submit
Out of interest:
1. Why do you use -
PHP Code:
$q = mysql_query("SELECT username FROM 'members'");
You are selecting every username from the members table..? Why? Surely you should be checking if the username already exists ->
PHP Code:
$q = mysql_query("SELECT COUNT(*) FROM `members` WHERE `username` = $username");
// The output of $q should be pre-counted so you can scrap mysql_num_rows();
2. The SQL class WizCoder used is completely wrong in my eyes; e.g.
PHP Code:
$check_names = mysql_num_rows($q);
if ( $check_names == true ) {
echo 'Username is already taken.';
} else if ( $check_names == false )
{
mysql_num_rows does not return as a boolean (although technically it is if you consider 1 = true, 0 = false. But using == in the if statement makes this void)
PHP Code:
if( $check_names > 0 ) {
echo 'Username is already taken.';
return;
}
The else is not required, using WizCoder's class even though the username is taken the code will continue as there is nothing stopping it.
All in all the class WizCoder has provided is basically useless for it's purpose (Sorry Wiz!)
If I get a moment on my lunch break today I will rewrite his class for you (Unless someone else beats me too it)
EDIT - IMPORTANT PART:
PHP Code:
<?php
class SQL
{
/*MySQL Connection */
static function Connect()
{
$host = 'hostnamehere';
$user = 'username';
$pass = 'password';
$database = 'databasename';
$con = mysql_connect($host,$user,$pass) or die ( mysql_error() );
$db = mysql_select_db($database,$con) or die ( mysql_error() );
return $con;
}
static function Query($query)
{
$con = SQL::Connect();
$q = mysql_query($query);
return $q;
}
public static function Validation()
{
$username = $_POST['username'];
$email = $_POST['email'];
$pass1 = $_POST['pass1'];
$pass_check = $_POST['pass2'];
if( isset( $username, $pass1, $pass_check, $email ) ) {
if( !empty( $username) && !empty( $pass1 ) && !empty( $pass_check ) && !empty( $email ) ) {
if( $pass1 != $pass_check ){
echo 'Passwords do not match.';
return;
}
$q = SQL::Query("SELECT COUNT(*) FROM `members` WHERE `username` = '$username'");
if( $q > 0 ) {
echo 'Username is already taken.';
return;
}
$check_account = SQL::Query("INSERT INTO `members` (`username`, `password`, `email`) VALUES ('$username', '$password', '$email')");
}
} else {
echo 'A value is not set'; // One of the variables was not set - somehow
}
}
}
SQL::Connect();
SQL::Validation();
?>
NOTE: This script includes NO database protection, add that yourself but this script can easily be exploited. - One fix would be not to use mysql_ but use PDO or MySQLi
There is your new class.
I noticed something majorly wrong with the code WizCoder gave you too, it wasn't for registration it was partly registration partly login (By fact it didn't insert any data into the database, just checked if the user existed to log you in...)
All the best,
Richard Komakech.
Re: [Help] Need Help with Registration PHP File
sorry I somehow mis-read the title lol wow.
You're doing registration , i'm going to delete my previous post I thought you were working with logging in the user lol.
When I get home later I Will re-write it and test it out for you unless someone does this before me.
My bad.
Re: [Help] Need Help with Registration PHP File
no i got it to login correctly. checks if password and username matches if not gives user message and so on. login is fine. i just can't seem to get the registration correct.
@Komakech
trying your method now. will post results
EDIT:
was getting "Username Already Exist" on every name i tried. Fixed
im getting mysql errors on passwords. Fixed
Just getting a blank page now and i know it isn't adding them into the database as i can see the database.
Re: [Help] Need Help with Registration PHP File
Quote:
Originally Posted by
sexychicken
no i got it to login correctly. checks if password and username matches if not gives user message and so on. login is fine. i just can't seem to get the registration correct.
@Komakech
trying your method now. will post results
EDIT:
was getting "Username Already Exist" on every name i tried. Fixed
im getting mysql errors on passwords. Fixed
Just getting a blank page now and i know it isn't adding them into the database as i can see the database.
Glad I was able to do the login part for you so that won't be a problem, a blank page? that's strange check if its being redirected to a blank file.
Hope you get this resolved!
Re: [Help] Need Help with Registration PHP File
no i did the login yesterday by myself lol but no its not being redirected its on the page it's supposed to be but it doesn't give me any errors or it doesn't do any of the echos for wrong password or username being used or anything
Re: [Help] Need Help with Registration PHP File
PHP Code:
static function Query($query)
{
$con = SQL::Connect();
$q = mysql_query($query) or die(mysql_error());
return $q;
}
Replace the query function with that, see if anything flags up?
All the best,
Richard Komakech.
Re: [Help] Need Help with Registration PHP File
now i get this and i looked at the files and that doesn't make sense as the column name is what its supposed to be called
PHP Code:
Unknown column 'name' in 'where clause'
Re: [Help] Need Help with Registration PHP File
Quote:
Originally Posted by
sexychicken
now i get this and i looked at the files and that doesn't make sense as the column name is what its supposed to be called
PHP Code:
Unknown column 'name' in 'where clause'
Post all the queries you have in your script for the registration part.
All the best,
Richard Komakech.
Re: [Help] Need Help with Registration PHP File
I am pretty new to PHP, but someone told me that $_POST isn't quite secure. You shouldn't insert a $_POST right into your database. If you do, people can inject your databse. You should use something like
PHP Code:
mysql_real_escape_string
Correct me if I am wrong. ;)
Re: [Help] Need Help with Registration PHP File
Quote:
Originally Posted by
Galago
I am pretty new to PHP, but someone told me that $_POST isn't quite secure. You shouldn't insert a $_POST right into your database. If you do, people can inject your databse. You should use something like
PHP Code:
mysql_real_escape_string
Correct me if I am wrong. ;)
It's not worth constantly having to clean all your passed data, the easiest method is never to use mysql_ syntax. Always use PDO or MySQLi.
Their prepare functions clean up passed variables for you. It is just as easy as mysql_, if not easier.
Look up PDO (It's what I use - never really tried MySQLi but it's quite similar) and convert something into it to get used to it, then make sure to use it in all your projects and you will be protected from SQL Injections from then on.
All the best,
Richard Komakech.