hulp bij register.php formulier
http://www.evolt.org/article/comment/17/60265/index.html
Dit voorbeeld heeft een mysql table genaamd users met:
username varchar(30),
password varchar(32));
Ik heb het script register.php van dit voorbeeld uitgeprobeerd en dit scriptje werkt perfect. Nu dacht ik de simpelste mannier om verder te gaan mijn tabel users (bijvoorbeeld een extra kolom university varchar(100)) aanpassen en de extra methoden in register.php voor de nieuwe tabel vars toevoegen aan de code in register.php. helaas zie ik iets over het hoofd waardoor register.php niet wil werken. Kan iemand mij hierbij helpen ik zie niet wat ik telkens fout doe waardoor register.php mij de foutmelding geeft
Nu dacht ik als ik extra velden wil en. Dit is wat ik van register.php heb proberen te maken
Code (php)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
<?
session_start();
include("database.php");
/**
* Returns true if the username has been taken
* by another user, false otherwise.
*/
function usernameTaken($username){
global $conn;
if(!get_magic_quotes_gpc()){
$username = addslashes($username);
}
$q = "select username from users where username = '$username'";
$result = mysql_query($q,$conn);
return (mysql_numrows($result) > 0);
}
/**
* Inserts the given (username, password) pair
* into the database. Returns true on success,
* false otherwise.
*/
//function addNewUser($username, $password, $university, $company, $group, $customer_ID, $internal_order_ID, $title, $last_name, $first_name, $street, $city, $country, $email , $phone, $fax){
function addNewUser($username, $password, $university){
global $conn;
//$q = "INSERT INTO users VALUES ('$username', '$password', '$university', '$company', '$group', '$customer_ID', '$internal_order_ID', '$title', '$last_name', '$first_name', '$street', '$city', '$country', '$email' , '$phone', '$fax')";
$q = "INSERT INTO users VALUES ('$username', '$password', '$university')";
return mysql_query($q,$conn);
}
/**
* Displays the appropriate message to the user
* after the registration attempt. It displays a
* success or failure status depending on a
* session variable set during registration.
*/
function displayStatus(){
$uname = $_SESSION['reguname'];
$uniname = $_SESSION['reguniversity'];
if($_SESSION['regresult']){
?>
session_start();
include("database.php");
/**
* Returns true if the username has been taken
* by another user, false otherwise.
*/
function usernameTaken($username){
global $conn;
if(!get_magic_quotes_gpc()){
$username = addslashes($username);
}
$q = "select username from users where username = '$username'";
$result = mysql_query($q,$conn);
return (mysql_numrows($result) > 0);
}
/**
* Inserts the given (username, password) pair
* into the database. Returns true on success,
* false otherwise.
*/
//function addNewUser($username, $password, $university, $company, $group, $customer_ID, $internal_order_ID, $title, $last_name, $first_name, $street, $city, $country, $email , $phone, $fax){
function addNewUser($username, $password, $university){
global $conn;
//$q = "INSERT INTO users VALUES ('$username', '$password', '$university', '$company', '$group', '$customer_ID', '$internal_order_ID', '$title', '$last_name', '$first_name', '$street', '$city', '$country', '$email' , '$phone', '$fax')";
$q = "INSERT INTO users VALUES ('$username', '$password', '$university')";
return mysql_query($q,$conn);
}
/**
* Displays the appropriate message to the user
* after the registration attempt. It displays a
* success or failure status depending on a
* session variable set during registration.
*/
function displayStatus(){
$uname = $_SESSION['reguname'];
$uniname = $_SESSION['reguniversity'];
if($_SESSION['regresult']){
?>
<h1>Registered!</h1>
<p>Thank you <b></b>,From <b></b> your information has been added to the database, you may now <a href="main.php" title="Login">log in</a>.</p>
<h1>Registration Failed</h1>
<p>We're sorry, but an error has occurred and your registration for the username <b></b> from university <b></b>,, could not be completed.<br>
Please try again at a later time.</p>
Code (php)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
<?
}
unset($_SESSION['reguname']);
unset($_SESSION['reguniversity']) ;
/*
*
unset($_SESSION['regcompany']);
unset($_SESSION['reggroup_building']);
unset($_SESSION['regcustomer_id']);
unset($_SESSION['reginternal_order_number']);
unset($_SESSION['regtitle']);
unset($_SESSION['reglast_name']);
unset($_SESSION['regfirst_name']);
unset($_SESSION['regstreet']);
unset($_SESSION['regzip_code']);
unset($_SESSION['regcity']);
unset($_SESSION['regcountry']);
unset($_SESSION['regemail']);
unset($_SESSION['regphone']);
unset($_SESSION['regfax']);
*/
unset($_SESSION['registered']);
unset($_SESSION['regresult']);
}
if(isset($_SESSION['registered'])){
/**
* This is the page that will be displayed after the
* registration has been attempted.
*/
?>
}
unset($_SESSION['reguname']);
unset($_SESSION['reguniversity']) ;
/*
*
unset($_SESSION['regcompany']);
unset($_SESSION['reggroup_building']);
unset($_SESSION['regcustomer_id']);
unset($_SESSION['reginternal_order_number']);
unset($_SESSION['regtitle']);
unset($_SESSION['reglast_name']);
unset($_SESSION['regfirst_name']);
unset($_SESSION['regstreet']);
unset($_SESSION['regzip_code']);
unset($_SESSION['regcity']);
unset($_SESSION['regcountry']);
unset($_SESSION['regemail']);
unset($_SESSION['regphone']);
unset($_SESSION['regfax']);
*/
unset($_SESSION['registered']);
unset($_SESSION['regresult']);
}
if(isset($_SESSION['registered'])){
/**
* This is the page that will be displayed after the
* registration has been attempted.
*/
?>
<html>
<title>Registration Page</title>
<body>
</body>
</html>
Code (php)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
<?
return;
}
/**
* Determines whether or not to show to sign-up form
* based on whether the form has been submitted, if it
* has, check the database for consistency and create
* the new account.
*/
if(isset($_POST['subjoin'])){
/* Make sure all fields were entered */
//if(!$_POST['user'] || !$_POST['pass'] ||!$_POST['last_name'] ||!$_POST['first_name'] ||!$_POST['street'] ||!$_POST['zip_code'] ||!$_POST['city'] ||!$_POST['country'] ||!$_POST['email'] ||!$_POST['phone']){
if(!$_POST['user'] || !$_POST['pass'] || !$_POST['uni'] ){
die('You didn\'t fill in a required field.');
}
/* Spruce up username, check length */
$_POST['user'] = trim($_POST['user']);
if(strlen($_POST['user']) > 30){
die("Sorry, the username is longer than 30 characters, please shorten it.");
}
/* Check if username is already in use */
if(usernameTaken($_POST['user'])){
$use = $_POST['user'];
die("Sorry, the username: <strong>$use</strong> is already taken, please pick another one.");
}
/* Add the new account to the database */
$md5pass = md5($_POST['pass']);
$_SESSION['reguname'] = $_POST['user'];
$_SESSION['reguniversity'] = $_POST['uni'];
/*
$_SESSION['regcompany'] = $_POST['company'];
$_SESSION['reggroup_building'] = $_POST['group_building'];
$_SESSION['regcustomer_id'] = $_POST['customer_id'];
$_SESSION['reginternal_order_number'] = $_POST['internal_order_number'];
$_SESSION['regtitle'] = $_POST['title'];
$_SESSION['reglast_name'] = $_POST['last_name'];
$_SESSION['regfirst_name'] = $_POST['first_name'];
$_SESSION['regstreet'] = $_POST['street'];
$_SESSION['regzip_code'] = $_POST['zip_code'];
$_SESSION['regcity'] = $_POST['city'];
$_SESSION['regcountry'] = $_POST['country'];
$_SESSION['regemail'] = $_POST['email'];
$_SESSION['regphone'] = $_POST['phone'];
$_SESSION['regfax'] = $_POST['fax'];
*/
//$_SESSION['regresult'] = addNewUser($_POST['user'], $md5pass);
//$_SESSION['regresult'] = addNewUser($_POST['user'], $md5pass, $_POST['university'],$_POST['company'], $_POST['group_building'],$_POST['customer_id'],$_POST['internal_order_number'],$_POST['title'],$_POST['last_name'],$_POST['first_name'],$_POST['street'],$_POST['zip_code'],$_POST['city'],$_POST['country'],$_POST['city'],$_POST['country'],$_POST['email'],$_POST['phone'],$_POST['fax']);
$_SESSION['regresult'] = addNewUser($_POST['user'], $md5pass, $_POST['uni']);
$_SESSION['registered'] = true;
echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
return;
}
else{
/**
* This is the page with the sign-up form, the names
* of the input fields are important and should not
* be changed.
*/
?>
return;
}
/**
* Determines whether or not to show to sign-up form
* based on whether the form has been submitted, if it
* has, check the database for consistency and create
* the new account.
*/
if(isset($_POST['subjoin'])){
/* Make sure all fields were entered */
//if(!$_POST['user'] || !$_POST['pass'] ||!$_POST['last_name'] ||!$_POST['first_name'] ||!$_POST['street'] ||!$_POST['zip_code'] ||!$_POST['city'] ||!$_POST['country'] ||!$_POST['email'] ||!$_POST['phone']){
if(!$_POST['user'] || !$_POST['pass'] || !$_POST['uni'] ){
die('You didn\'t fill in a required field.');
}
/* Spruce up username, check length */
$_POST['user'] = trim($_POST['user']);
if(strlen($_POST['user']) > 30){
die("Sorry, the username is longer than 30 characters, please shorten it.");
}
/* Check if username is already in use */
if(usernameTaken($_POST['user'])){
$use = $_POST['user'];
die("Sorry, the username: <strong>$use</strong> is already taken, please pick another one.");
}
/* Add the new account to the database */
$md5pass = md5($_POST['pass']);
$_SESSION['reguname'] = $_POST['user'];
$_SESSION['reguniversity'] = $_POST['uni'];
/*
$_SESSION['regcompany'] = $_POST['company'];
$_SESSION['reggroup_building'] = $_POST['group_building'];
$_SESSION['regcustomer_id'] = $_POST['customer_id'];
$_SESSION['reginternal_order_number'] = $_POST['internal_order_number'];
$_SESSION['regtitle'] = $_POST['title'];
$_SESSION['reglast_name'] = $_POST['last_name'];
$_SESSION['regfirst_name'] = $_POST['first_name'];
$_SESSION['regstreet'] = $_POST['street'];
$_SESSION['regzip_code'] = $_POST['zip_code'];
$_SESSION['regcity'] = $_POST['city'];
$_SESSION['regcountry'] = $_POST['country'];
$_SESSION['regemail'] = $_POST['email'];
$_SESSION['regphone'] = $_POST['phone'];
$_SESSION['regfax'] = $_POST['fax'];
*/
//$_SESSION['regresult'] = addNewUser($_POST['user'], $md5pass);
//$_SESSION['regresult'] = addNewUser($_POST['user'], $md5pass, $_POST['university'],$_POST['company'], $_POST['group_building'],$_POST['customer_id'],$_POST['internal_order_number'],$_POST['title'],$_POST['last_name'],$_POST['first_name'],$_POST['street'],$_POST['zip_code'],$_POST['city'],$_POST['country'],$_POST['city'],$_POST['country'],$_POST['email'],$_POST['phone'],$_POST['fax']);
$_SESSION['regresult'] = addNewUser($_POST['user'], $md5pass, $_POST['uni']);
$_SESSION['registered'] = true;
echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
return;
}
else{
/**
* This is the page with the sign-up form, the names
* of the input fields are important and should not
* be changed.
*/
?>
<html>
<title>Registration Page</title>
<body>
<h1>Register</h1>
<form action="" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr><td>Username: *</td><td><input type="text" name="user" maxlength="30"></td></tr>
<tr><td>Password: *</td><td><input type="password" name="pass" maxlength="30"></td></tr>
<tr><td>University:</td><td><input type="text" name="uni" maxlength="100"></td></tr>
<!--
<tr><td>Company:</td><td><input type="text" name="company" maxlength="100"></td></tr>
<tr><td>Group/Building:</td><td><input type="text" name="group_building" maxlength="100"></td></tr>
<tr><td>Customer-ID:</td><td><input type="text" name="customer_id" maxlength="100"></td></tr>
<tr><td>Internal Order Number:</td><td><input type="text" name="internal_order_number" maxlength="100"></td></tr>
<tr><td>Title:</td><td>Mrs.<input type="radio" name="title" value="Mrs."></td><td>Mr.<input type="radio" name="title" value="Mr."></td></tr>
<tr><td>Last name: *</td><td><input type="text" name="last_name" maxlength="50"></td></tr>
<tr><td>First name: *</td><td><input type="text" name="first_name" maxlength="50"></td></tr>
<tr><td>Street: *</td><td><input type="text" name="street" maxlength="100"></td></tr>
<tr><td>Zip code: *</td><td><input type="text" name="zip_code" maxlength="10"></td></tr>
<tr><td>City: *</td><td><input type="text" name="city" maxlength="10"></td></tr>
<tr><td>Country: *</td><td>
Code (php)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
<?php
/*
echo '<select name="country" style="background-color: rgb(248, 237, 238);">
<option value=""></option>';
//$conn = mysql_connect("localhost","","")
//$conn = mysql_connect("localhost","_prod","")
$conn = mysql_connect("","","")
or die("Could not connect to the database server: ".mysql_error());
//mysql_select_db("",$conn)
mysql_select_db("bioconnect_products",$conn)
or die("Could not select the database: " . mysql_error());
$res = mysql_query("SELECT printable_name FROM country order by printable_name")
or die("Invalid query: " . mysql_error());
while ($row = mysql_fetch_assoc($res)) {
$coun = $row['printable_name'];
echo "<option value=\"$coun\" name=\"country\">$coun</option>";
}
echo '</select>';
*/
?>
/*
echo '<select name="country" style="background-color: rgb(248, 237, 238);">
<option value=""></option>';
//$conn = mysql_connect("localhost","","")
//$conn = mysql_connect("localhost","_prod","")
$conn = mysql_connect("","","")
or die("Could not connect to the database server: ".mysql_error());
//mysql_select_db("",$conn)
mysql_select_db("bioconnect_products",$conn)
or die("Could not select the database: " . mysql_error());
$res = mysql_query("SELECT printable_name FROM country order by printable_name")
or die("Invalid query: " . mysql_error());
while ($row = mysql_fetch_assoc($res)) {
$coun = $row['printable_name'];
echo "<option value=\"$coun\" name=\"country\">$coun</option>";
}
echo '</select>';
*/
?>
</td></tr>
<tr><td>Email: *</td><td><input type="text" name="email" maxlength="100"></td></tr>
<tr><td>Phone: *</td><td><input type="text" name="phone" maxlength="30"></td></tr>
<tr><td>Fax:</td><td><input type="text" name="fax" maxlength="30"></td></tr>
-->
<tr><td colspan="2" align="right"><input type="submit" name="subjoin" value="Join!"></td></tr>
</table>
</form>
</body>
</html>
Gewijzigd op 01/01/1970 01:00:00 door Malick heuvel
Tip: Ga zelf e.e.a. schrijven en beschouw bovenstaande als een voorbeeld hoe het niet moet.
addslashes() nooit meer gebruiken, gebruik PDO of mysql_real_escape_string() om te escapen. addslashes() verneuken jouw data.
$HTTP_SERVER_VARS bestaat niet, dat mag worden $_SERVER en html in een functie is sterk af te raden, dat is niet te onderhouden.