Problems with php mysql insert values to database

  slimof1812 16:54 PM 11 Jun 09
Locked

Can someone please help a newb. I have this going this far and i need more... plz help

here is the php code for the registration page

?
session_start();
include("database.php");

/**
* Returns true if the username has been taken
* by another user, false otherwise.
*/
function usernameTaken($username){
global $conn;
if(!get_magic_quotes_gpc()){
$username = addslashes($username);
}
$q = "select username from users where username = '$username'";
$result = mysql_query($q,$conn);
return (mysql_numrows($result) > 0);
}

/**
* Inserts the given (username, password) pair
* into the database. Returns true on success,
* false otherwise.
*/
function addNewUser($username, $password){
global $conn;
$q = "INSERT INTO users VALUES ('$username', '$password')";
return mysql_query($q,$conn);
}

/**
* Displays the appropriate message to the user
* after the registration attempt. It displays a
* success or failure status depending on a
* session variable set during registration.
*/
function displayStatus(){
$uname = $_SESSION['reguname'];
if($_SESSION['regresult']){
?>

h1>Registered! /h1>
p>Thank you b> ? echo $uname; ?> /b>, your information has been added to the database, you may now a href="main.php" title="Login">log in /a>. /p>

?
}
else{
?>

h1>Registration Failed /h1>
p>We're sorry, but an error has occurred and your registration for the username b> ? echo $uname; ?> /b>, could not be completed. br>
Please try again at a later time. /p>

?
}
unset($_SESSION['reguname']);
unset($_SESSION['registered']);
unset($_SESSION['regresult']);
}

if(isset($_SESSION['registered'])){
/**
* This is the page that will be displayed after the
* registration has been attempted.
*/
?>

html>
title>Registration Page /title>
body>

? displayStatus(); ?>

/body>
/html>

?
return;
}

/**
* Determines whether or not to show to sign-up form
* based on whether the form has been submitted, if it
* has, check the database for consistency and create
* the new account.
*/
if(isset($_POST['subjoin'])){
/* Make sure all fields were entered */
if(!$_POST['user'] || !$_POST['pass']){
die('You didn\'t fill in a required field.');
}

/* Spruce up username, check length */
$_POST['user'] = trim($_POST['user']);
if(strlen($_POST['user']) > 30){
die("Sorry, the username is longer than 30 characters, please shorten it.");
}

/* Check if username is already in use */
if(usernameTaken($_POST['user'])){
$use = $_POST['user'];
die("Sorry, the username: strong>$use /strong> is already taken, please pick another one.");
}

/* Add the new account to the database */
$md5pass = md5($_POST['pass']);
$_SESSION['reguname'] = $_POST['user'];
$_SESSION['regresult'] = addNewUser($_POST['user'], $md5pass);
$_SESSION['registered'] = true;
echo " meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
return;
}
else{
/**
* This is the page with the sign-up form, the names
* of the input fields are important and should not
* be changed.
*/
?>

here is the html code for the register form
*****************


html>
title>Registration Page /title>
body>
h1 align="center">Register /h1>
form action=" ? echo $HTTP_SERVER_VARS['PHP_SELF']; ?>" method="post">
table align="center" border="2" cellspacing="0" cellpadding="0">
tr> td>Username: /td> td> input type="text" name="user" maxlength="30"> /td> /tr>
tr> td>Password: /td> td> input type="password" name="pass" maxlength="30"> /td> /tr>
tr> td colspan="2" align="right"> input type="submit" name="subjoin" value="Register!"> /td> /tr>
/table>







What i want to happen is it to put an email into the database too... plz help me lol

  tobyb121 22:56 PM 11 Jun 09

first of all, alot of the functions you have used are old or deprecated. You will want to fix these before uploading as your script is susceptible to script injection.
I am assuming you have already set up your database with an email field.
You need to make two changes to the php:
1)
function addNewUser($username, $password, $email){
global $conn;
$q = "INSERT INTO users VALUES ('$username', '$password', '$email')";
return mysql_query($q,$conn);
}
2)
/* Add the new account to the database */
$md5pass = md5($_POST['pass']);
$_SESSION['reguname'] = $_POST['user'];
$_SESSION['regresult'] = addNewUser($_POST['user'], $md5pass,$_POST['email']);
$_SESSION['registered'] = true;
echo " meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
return;
}
and you will also need to add the input to html:
<input type="text" name="email" maxlength="30">

  slimof1812 20:02 PM 12 Jun 09

that was easy lol thanks

Advertisement

This thread is now locked and can not be replied to.

How to get Windows 10 now: how to download and install Windows 10 even if GWX.exe is missing

1995-2015: How technology has changed the world in 20 years

Nokia rolls out spherical camera for virtual reality apps

7 best iPhone web browser apps: Why Safari for iOS is still a better option than Chrome, Dolphin,…