Equaling in php

2

2K8 Group

New Member
Messages
90
Reaction score
0
Points
0
I am trying to make sure that when people enter a password and re-type it, it is the same password.

Here is the code:

PHP: 
<html>
<head>
</head>
<body>
<table>
<tr>
<td>Username:</td><td><input name=user></td>
</tr>
<tr>
<td>Password:</td><td><input type="password" name=pass1></td>
</tr>
<tr>
<td>Re-type Password:</td><td><input type="password" name=pass2></td>
</tr>
<tr>
<td></td><td><input type="submit" value="Register"></td>
</tr>
</table>
<?
$pass1=$_GET['pass1'];
$pass2=$_GET['pass2'];
if ($pass1==$pass2){
header("location:validate.php");
}
else{
echo ('The passwords you have entered do not match, please re-type them again');
}
?>
</body>
</html>

When I test it and put different passwords in it sends me to validate.php
 
Last edited:
marshian

marshian

New Member
Messages
526
Reaction score
9
Points
0
That is because you don't send anything, and nothing is always equal to nothing...
You need to use form tags:
PHP: 
<html>
<head>
</head>
<body>
<form method="post" action="thispage.php">
<table>
<tr>
<td>Username:</td><td><input name=user></td>
</tr>
<tr>
<td>Password:</td><td><input type="password" name=pass1></td>
</tr>
<tr>
<td>Re-type Password:</td><td><input type="password" name=pass2></td>
</tr>
<tr>
<td></td><td><input type="submit" value="Register"></td>
</tr>
</table>
</form>
<?
$pass1=$_POST['pass1'];
$pass2=$_POST['pass2'];
if ($pass1==$pass2){
header("location:validate.php");
}
else{
echo ('The passwords you have entered do not match, please re-type them again');
}
?>
</body>
</html>
(change thispage.php to the name of the page you're using)

Note:
Don't send passwords with GET, always use POST if you're sending a password!
 
2

2K8 Group

New Member
Messages
90
Reaction score
0
Points
0
I now get this warning:

Warning: Cannot modify header information - headers already sent by (output started at /home/group2k8/public_html/*****/register.php:5) in /home/group2k8/public_html/****/register.php on line 13
 
W

woiwky

New Member
Messages
390
Reaction score
0
Points
0
You need to move the php code to the top of the file and make sure that there's no output before you send the header. But this also means that you can't echo that message in the same way unless you want it to appear at the top of the page. Try it like this:

PHP: 
<?
$msg = '';
$pass1=$_POST['pass1'];
$pass2=$_POST['pass2'];
if ($pass1==$pass2){
header("location:validate.php");
}
else{
$msg = 'The passwords you have entered do not match, please re-type them again';
}
?>
<html>
<head>
</head>
<body>
<form method="post" action="thispage.php">
<table>
<tr>
<td>Username:</td><td><input name=user></td>
</tr>
<tr>
<td>Password:</td><td><input type="password" name=pass1></td>
</tr>
<tr>
<td>Re-type Password:</td><td><input type="password" name=pass2></td>
</tr>
<tr>
<td></td><td><input type="submit" value="Register"></td>
</tr>
</table>
</form>
<?php echo $msg; ?>
</body>
</html>
 
2

2K8 Group

New Member
Messages
90
Reaction score
0
Points
0
I decided to move the code into a different file and made this code:

PHP: 
<?php

include("config.php");

$table="members";

$user=$_POST['user'];
$pass1=$_POST['pass1'];
$pass2=$_POST['pass2'];
$email1=$_POST['email1'];
$email2=$_POST['email2'];

if ($pass1==$pass2){
$pass3=md5($pass1);
}
else{
echo "<strong>The passwords you have entered do not match, please re-type them again.</strong>";
exit;
}

if ($email1==$email2){
}
else{
echo "<strong>The emails you have entered do not match, please re-type them again.</strong>";
exit;
}

$sql="INSERT INTO $table(email, user, password)VALUES('$email1, $user, $pass3')";
$result=mysql_query($sql);

mysql_close();
?>

Yet when I input the same email it says that the emails are not the same. =S Also how would I check that a user name is not already on the database?
 
leafypiggy

leafypiggy

Manager of Pens and Office Supplies
Staff member
Messages
3,819
Reaction score
163
Points
63
w3schools.com/php/ scroll down to PHP & SQL
 
tnl2k7

tnl2k7

Banned
Messages
3,131
Reaction score
0
Points
0
Example of testing two variables against each other in PHP that came from a form:

Code: 
$var1 = $_POST['var1'];
$var2 = $_POST['var2'];
if($var1 == $var2) {
 do logged in stuff();
} else {
 echo("You're not logged in!");
}

It's only basic, but it should work. Just set $var1 and $var2 to whatever they're called in the form. And as a tip, I find it helps if forms are processed by another PHP page, rather than mixing code and HTML into one file. It's easier to keep track of it all.

-Luke.
 
Last edited:
2

2K8 Group

New Member
Messages
90
Reaction score
0
Points
0
My php problems go on and on! LOL!

PHP: 
<html>
<head>
</head>
<body>
<?php
include ('config.php'); 

if (isset($_POST['submitted'])) {
$errors = array();

if (eregi('^[[:alnum:]\.\'\-]{4,30}$', stripslashes(trim($_POST['username']))) ) {
$username = $_POST['username'];
$username = stripslashes($username);
$username = mysql_real_escape_string($username);
$query = "SELECT username FROM users WHERE username = '$username'";
$result = mysql_query($query);
}
else  {
$errors[] = '<font color="red">The username you have entered is not on our database.</font>';
}

if (isset($_POST['password'])){
$password = $_POST['password'];
$password = stripslashes($password);
$password = mysql_real_escape_string($password);
$query = "SELECT password FROM users WHERE username= '$username' AND password = '$password'";
$result = mysql_query($query);	
}
else {
$errors[] = '<font color="red">The password you have entered does not match the password on our database.</font>';
}

if (empty($errors)) {
session_register("username");
session_register("password"); 
header ("location:index.php");
}
else {  
echo "The following error(s) occured:<br />";
        
foreach ($errors as $msg) {
echo " - <font color=\"red\">$msg</font><br />\n";
}
?>
<form action="<?php $_SERVER['PHP_SELF']; ?>" method="post">
<table>
<tr>
<td>Username:</td><td><input type="text" name="username" value="<?php if (isset($_POST['username'])) echo $_POST['username']; ?>" size="30" maxlength="30"></td>
</tr>
<tr>
<td>Password:<td><input type="password" name="password"></td>
</tr>
<tr>
<td></td><td><input type="submit" value="Login"><input type="hidden" name="submitted" value="TRUE"></td>
</tr>
</table>
</form>
</body>
</html>

But I get this error:

Parse error: syntax error, unexpected $end in /home/group2k8/public_html/****/login.php on line 59
Click to expand...

Any help?
 
Last edited:
G

gamerdude

New Member
Messages
101
Reaction score
0
Points
0
2K8 Group said:
I decided to move the code into a different file and made this code:

PHP: 
<?php

include("config.php");

$table="members";

$user=$_POST['user'];
$pass1=$_POST['pass1'];
$pass2=$_POST['pass2'];
$email1=$_POST['email1'];
$email2=$_POST['email2'];

if ($pass1==$pass2){
$pass3=md5($pass1);
}
else{
echo "<strong>The passwords you have entered do not match, please re-type them again.</strong>";
exit;
}

if ($email1==$email2){
}
else{
echo "<strong>The emails you have entered do not match, please re-type them again.</strong>";
exit;
}

$sql="INSERT INTO $table(email, user, password)VALUES('$email1, $user, $pass3')";
$result=mysql_query($sql);

mysql_close();
?>
Yet when I input the same email it says that the emails are not the same. =S Also how would I check that a user name is not already on the database?
Click to expand...

That query is very unsafe, escape the data first. Look here. Injection attacks should be taken seriously, as should all user input.
 
2

2K8 Group

New Member
Messages
90
Reaction score
0
Points
0
I have found a new code now I need to match the login system to it. I can if poeple want set up a .zip with all the codes and sql.
 
You must log in or register to reply here.
Top