[PHP] Using it in forms!

W

War of the Lands

New Member
Messages
11
Reaction score
0
Points
0
Well... Im trying to get my registration/login form to work and as you can guess im not having much luck thats why im here! I use very simple php I know but I want it to work before using the more advance php. What is going wrong is on my active.php it is echoing the error varriable when it should not have been set. So please someone help me! Here is the source code:

PHP: 
<?php
require_once "config.inc.php";
$error="";
$submit=$_POST['submit'];
if($submit) {
     $user=$_POST['user'];
     $code=$_POST['code'];
     $check=mysql_query("SELECT count(*) FROM 'login' WHERE (username = '$user', active = '$code')");
     }
if($check= 1) {
     $result=mysql_query("UPDATE login SET active= '1' WHERE (username = '$user')");
     $error="You account has now been activated, you may now login!<br>";
     }
else {
     $error="You have entered incorrect information. Try again!<br>";  
     } 
?>
<html>
<head>
<title>War of the Lands</title>
<link type="text/css" href="style.css" rel="stylesheet">
</head>
<body>
<script type="text/javascript" src="http://x10hosting.com/adserve.js?corporate"></script>
<h1>Activation:</h1>
<?php echo $error; ?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<table>
<tr>
<td>Username :</td><td><input type="text" name="user"></td>
</tr>
<tr>
<td>Activation Code :</td><td><input type="text" name="code"></td>
</tr>
<tr>
<td></td><td><input type="submit" name="submit" value="Activate"></td>
</tr>
</table>
</form>
<br />
Copyright 2008 - War of the Lands
</body>
</html>
 
quantum1

quantum1

New Member
Messages
68
Reaction score
0
Points
0
Your code above will always show "activated" or "incorrect" because you are always setting the $error variable to one or the other. You are checking variable $check and either setting variable $error to one or the other because of the if / else condition. Is this the problem you are seeing?
 
W

War of the Lands

New Member
Messages
11
Reaction score
0
Points
0
Yes... you got it in one so what would be the best way to sort this out. As you can tell I'm pretty new to php. So any help would really be very helpful thanks!
 
dickey

dickey

New Member
Messages
128
Reaction score
0
Points
0
Try this code.
PHP: 
<?php
require_once "config.inc.php";
$error="";
$submit=$_POST['submit'];
if($submit) {
     $user=$_POST['user'];
     $code=$_POST['code'];
     $result=mysql_query("SELECT count(*) FROM 'login' WHERE (username = '$user', active = '$code')");
     }
     $check=mysql_num_rows($result);
     mysql_free_result($result);
if($check= 1) {
     $result=mysql_query("UPDATE login SET active= '1' WHERE (username = '$user')");
     $error="You account has now been activated, you may now login!<br>";
     }
else {
     $error="You have entered incorrect information. Try again!<br>";  
     } 
?>
 
W

War of the Lands

New Member
Messages
11
Reaction score
0
Points
0
That doesnt solve the issue. It still brings up the error varriable. And it is bringing up these mysql warnings:

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/warland/public_html/V1/active.php on line 13

Warning: mysql_free_result(): supplied argument is not a valid MySQL result resource in /home/warland/public_html/V1/active.php on line 14
 
natsuki

natsuki

New Member
Messages
112
Reaction score
0
Points
0
add to it the error check... if you have the $link it would be better though..
PHP: 
<?php
require_once 'config.inc.php';
$error = '';
$submit = $_POST['submit'];
if ($submit) {
     $user = $_POST['user'];
     $code = $_POST['code'];
     $result = mysql_query("SELECT count(*) FROM 'login' WHERE username = '$user' AND active = '$code';");
     if (mysql_errno())
     {
        die('Query failed: ' . mysql_error());
     }
     $check = mysql_num_rows($result);
     mysql_free_result($result);
}
if ($check == 1) {
     $result = mysql_query("UPDATE login SET active = '1' WHERE username = '$user';");
     $error = 'You account has now been activated, you may now login!<br>';
}
else {
     $error = 'You have entered incorrect information. Try again!<br>';  
} 
?>
and it's easier to read code with aligned braces "{"
 
Last edited:
W

War of the Lands

New Member
Messages
11
Reaction score
0
Points
0
OK I still have problems with that but I did some changes to my register.php page to make it more advanced but in trying to do that I have screwed it up! :dunno: Well here is the code and after that I shall explain what is wrong!

PHP: 
<?php

require_once "config.inc.php";

$error="";
$submit=$_POST['submit'];

if(isset($submit)){

if (!$_POST['user'] | !$_POST['pass'] | !$_POST['email'] ) {
     $error="You did not complete all of the required fields";
     }
else {
     $user=$_POST['user'];
     $pass=$_POST['pass'];
     $email=$_POST['email'];
     $result=mysql_query("SELECT username FROM 'login' WHERE username = '$user'")or mysql_error();
     $check = mysql_num_rows($result);
     }
if ($check != 0) {
     $error="'$user' has already been taken please try another username!";
     }
else {
     $pass2=md5($pass);
     $active=rand(); 
     $result= mysql_query("INSERT INTO login (username, password, email, active) VALUES('$user', '$pass2', '$email', '$active')") or mysql_error();  
     
     $to=$email;
     $subject="Activation - War of the Lands";
     $message="Your username: $user \r\n";
     $message.="Your activation code: $active \r\n";
     $message.="Copy this code into the input box on this page: \r\n";
     $message.="http://www.warofthelands.x10hosting.com/V1/active.php";
     $header="From: no-reply@warofthelands.x10hosting.com";
  
     mail($to, $subject, $message, $header);
     header('location:regConfirm.php');
     exit;
     }
     }
?>
<html>
<head>
<title>War of the Lands</title>
<link type="text/css" href="style.css" rel="stylesheet">
</head>
<body>
<script type="text/javascript" src="http://x10hosting.com/adserve.js?corporate"></script>
<h1>Register:</h1><br />
<?php echo $error; ?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<table>
<tr>
<td>Username :</td><td><input type="text" name="user"></td>
</tr>
<tr>
<td>Password :</td><td><input type="password" name="pass"></td>
</tr>
<tr>
<td>Email :</td><td><input type="text" name="email"></td>
</tr>
<tr>
<td></td><td><input type="submit" name="submit" value="Register"></td>
</tr>
</table>
</form>
<br />
Copyright 2008 - War of the Lands
</body>
</html>

Well my first problem is that if I click register without filling the input boxes in it is ment to bring up an error but it doesn't. When I do enter a name and it is checked to see if it exists I get this Warning:

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/warland/public_html/V1/register.php on line 18

Then it says that the output has already been started to I cannot exicute the header:

Warning: Cannot modify header information - headers already sent by (output started at /home/warland/public_html/V1/register.php:18) in /home/warland/public_html/V1/register.php on line 38

This is really starting to annoy me now but I shall keep going if you people are willing to help. I am learning from my mistakes!
 
xmakina

xmakina

New Member
Messages
264
Reaction score
0
Points
0
Okay. Your problem is *somewhere* in your SQL statement. That means we're pretty much unable to help you because we'd need to know the layout of your database.

So; make your app echo your SQL statement before processing. Look in the echod string for any obvious SQL errors. If you can see one, drop it into phpMyAdmin's SQL block and see what error it returns.
 
quantum1

quantum1

New Member
Messages
68
Reaction score
0
Points
0
Well...this may be an issue...

In your SQL statement you have:

SELECT username FROM 'login'

Should the 'login' be in quotes? Quotes are needed for the values in the where clause and so forth, but I don't know about the table name itself. Try removing the quotes around 'login' so that it reads:

SELECT username FROM login
 
dickey

dickey

New Member
Messages
128
Reaction score
0
Points
0
PHP: 
if ((!isset($_POST['user'])) || 
    (!isset($_POST['pass'])) || 
    (!isset($_POST['email'])) ) {
    
     $error="You did not complete all of the required fields";
     }
else {
     $user=$_POST['user'];
     $pass=$_POST['pass'];
     $email=$_POST['email'];
     //as the posts above this is suggesting I also suggest that
     //you put your queries in a string to make it manageable.
     $qstring = "SELECT username FROM login //login shouldn't have quotes
                    WHERE username = '$user'"
     echo $qstring;  //to let you have the ability to check your mysql syntax
     $result = mysql_query($qstring) or mysql_error();
     //because you use quotes mysql_errors returns an error number
     $check = mysql_num_rows($result);
     //so mysql_num_rows fires a warning that 
     //$result is not a valid result object
     }

I suggest you try this tips it might solve your problem. I am not sure though.

http://sg2.php.net/manual/en/language.operators.logical.php

this site contains a manual on logical operators.
 
Last edited:
You must log in or register to reply here.
Top