Problems with php mysql insert values to database

  slimof1812 16:54 PM 11 Jun 09
Locked

Can someone please help a newb. I have this going this far and i need more... plz help

here is the php code for the registration page

?
session_start();
include("database.php");

/**
* Returns true if the username has been taken
* by another user, false otherwise.
*/
function usernameTaken($username){
global $conn;
if(!get_magic_quotes_gpc()){
$username = addslashes($username);
}
$q = "select username from users where username = '$username'";
$result = mysql_query($q,$conn);
return (mysql_numrows($result) > 0);
}

/**
* Inserts the given (username, password) pair
* into the database. Returns true on success,
* false otherwise.
*/
function addNewUser($username, $password){
global $conn;
$q = "INSERT INTO users VALUES ('$username', '$password')";
return mysql_query($q,$conn);
}

/**
* Displays the appropriate message to the user
* after the registration attempt. It displays a
* success or failure status depending on a
* session variable set during registration.
*/
function displayStatus(){
$uname = $_SESSION['reguname'];
if($_SESSION['regresult']){
?>

h1>Registered! /h1>
p>Thank you b> ? echo $uname; ?> /b>, your information has been added to the database, you may now a href="main.php" title="Login">log in /a>. /p>

?
}
else{
?>

h1>Registration Failed /h1>
p>We're sorry, but an error has occurred and your registration for the username b> ? echo $uname; ?> /b>, could not be completed. br>
Please try again at a later time. /p>

?
}
unset($_SESSION['reguname']);
unset($_SESSION['registered']);
unset($_SESSION['regresult']);
}

if(isset($_SESSION['registered'])){
/**
* This is the page that will be displayed after the
* registration has been attempted.
*/
?>

html>
title>Registration Page /title>
body>

? displayStatus(); ?>

/body>
/html>

?
return;
}

/**
* Determines whether or not to show to sign-up form
* based on whether the form has been submitted, if it
* has, check the database for consistency and create
* the new account.
*/
if(isset($_POST['subjoin'])){
/* Make sure all fields were entered */
if(!$_POST['user'] || !$_POST['pass']){
die('You didn\'t fill in a required field.');
}

/* Spruce up username, check length */
$_POST['user'] = trim($_POST['user']);
if(strlen($_POST['user']) > 30){
die("Sorry, the username is longer than 30 characters, please shorten it.");
}

/* Check if username is already in use */
if(usernameTaken($_POST['user'])){
$use = $_POST['user'];
die("Sorry, the username: strong>$use /strong> is already taken, please pick another one.");
}

/* Add the new account to the database */
$md5pass = md5($_POST['pass']);
$_SESSION['reguname'] = $_POST['user'];
$_SESSION['regresult'] = addNewUser($_POST['user'], $md5pass);
$_SESSION['registered'] = true;
echo " meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
return;
}
else{
/**
* This is the page with the sign-up form, the names
* of the input fields are important and should not
* be changed.
*/
?>

here is the html code for the register form
*****************


html>
title>Registration Page /title>
body>
h1 align="center">Register /h1>
form action=" ? echo $HTTP_SERVER_VARS['PHP_SELF']; ?>" method="post">
table align="center" border="2" cellspacing="0" cellpadding="0">
tr> td>Username: /td> td> input type="text" name="user" maxlength="30"> /td> /tr>
tr> td>Password: /td> td> input type="password" name="pass" maxlength="30"> /td> /tr>
tr> td colspan="2" align="right"> input type="submit" name="subjoin" value="Register!"> /td> /tr>
/table>







What i want to happen is it to put an email into the database too... plz help me lol

  tobyb121 22:56 PM 11 Jun 09

first of all, alot of the functions you have used are old or deprecated. You will want to fix these before uploading as your script is susceptible to script injection.
I am assuming you have already set up your database with an email field.
You need to make two changes to the php:
1)
function addNewUser($username, $password, $email){
global $conn;
$q = "INSERT INTO users VALUES ('$username', '$password', '$email')";
return mysql_query($q,$conn);
}
2)
/* Add the new account to the database */
$md5pass = md5($_POST['pass']);
$_SESSION['reguname'] = $_POST['user'];
$_SESSION['regresult'] = addNewUser($_POST['user'], $md5pass,$_POST['email']);
$_SESSION['registered'] = true;
echo " meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
return;
}
and you will also need to add the input to html:
<input type="text" name="email" maxlength="30">

  slimof1812 20:02 PM 12 Jun 09

that was easy lol thanks

Advertisement

This thread is now locked and can not be replied to.

How to watch EA Gamescom 2015 Press Conference live: EA Gamescom live stream - watch EA talk Star…

1995-2015: How technology has changed the world in 20 years

Play the retro 8-bit dating naked adventure game by The Uprising Creative

From Antennagate to Yellowgate: The 10 worst Apple scandals (and why they were blown out of proport)…