BarryG
-
Posts
4 -
Joined
-
Last visited
Posts posted by BarryG
-
-
I've managed to fix this by changing:
if (preg_match ('/^[A-Z \'.-]{2,20}$/i', $trimmed['first_name'])) {
to:
if ($trimmed['first_name']) {
(And the same to the last name, email and password sections) . But why does the 'preg_match...' stop the script from running correctly? I'm running PHP 5.2.17 if that makes a difference?
Any ideas?
Thanks,
Barry.
-
Yes, here it is...
<?php # Script 16.6 - register.php
// This is the registration page for the site.
require_once ('includes/config.inc.php');
$page_title = 'Register';
include ('includes/header.html');
if (isset($_POST['submitted'])) { // Handle the form.
require_once (MYSQL);
// Trim all the incoming data:
$trimmed = array_map('trim', $_POST);
// Assume invalid values:
$fn = $ln = $e = $p = FALSE;
// Check for a first name:
if (preg_match ('/^[A-Z \'.-]{2,20}$/i', $trimmed['first_name'])) {
$fn = mysqli_real_escape_string ($dbc, $trimmed['first_name']);
} else {
echo '<p class="error">Please enter your first name!</p>';
}
// Check for a last name:
if (preg_match ('/^[A-Z \'.-]{2,40}$/i', $trimmed['last_name'])) {
$ln = mysqli_real_escape_string ($dbc, $trimmed['last_name']);
} else {
echo '<p class="error">Please enter your last name!</p>';
}
// Check for an email address:
if (preg_match ('/^[\w.-]+@[\w.-]+\.[A-Za-z]{2,6}$/', $trimmed['email'])) {
$e = mysqli_real_escape_string ($dbc, $trimmed['email']);
} else {
echo '<p class="error">Please enter a valid email address!</p>';
}
// Check for a password and match against the confirmed password:
if (preg_match ('/^\w{4,20}$/', $trimmed['password1']) ) {
if ($trimmed['password1'] == $trimmed['password2']) {
$p = mysqli_real_escape_string ($dbc, $trimmed['password1']);
} else {
echo '<p class="error">Your password did not match the confirmed password!</p>';
}
} else {
echo '<p class="error">Please enter a valid password!</p>';
}
if ($fn && $ln && $e && $p) { // If everything's OK...
// Make sure the email address is available:
$q = "SELECT user_id FROM users WHERE email='$e'";
$r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));
if (mysqli_num_rows($r) == 0) { // Available.
// Create the activation code:
$a = md5(uniqid(rand(), true));
// Add the user to the database:
$q = "INSERT INTO users (email, pass, first_name, last_name, active, registration_date) VALUES ('$e', SHA1('$p'), '$fn', '$ln', '$a', NOW() )";
$r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));
if (mysqli_affected_rows($dbc) == 1) { // If it ran OK.
// Send the email:
$body = "Thank you for registering at <whatever site>. To activate your account, please click on this link:\n\n";
$body .= BASE_URL . 'activate.php?x=' . urlencode($e) . "&y=$a";
mail($trimmed['email'], 'Registration Confirmation', $body, 'From: admin@sitename.com');
// Finish the page:
echo '<h3>Thank you for registering! A confirmation email has been sent to your address. Please click on the link in that email in order to activate your account.</h3>';
include ('includes/footer.html'); // Include the HTML footer.
exit(); // Stop the page.
} else { // If it did not run OK.
echo '<p class="error">You could not be registered due to a system error. We apologize for any inconvenience.</p>';
}
} else { // The email address is not available.
echo '<p class="error">That email address has already been registered. If you have forgotten your password, use the link at right to have your password sent to you.</p>';
}
} else { // If one of the data tests failed.
echo '<p class="error">Please re-enter your passwords and try again.</p>';
}
mysqli_close($dbc);
} // End of the main Submit conditional.
?>
<h1>Register</h1>
<form action="register.php" method="post">
<fieldset>
<p><b>First Name:</b> <input type="text" name="first_name" size="20" maxlength="20" value="<?php if (isset($trimmed['first_name'])) echo $trimmed['first_name']; ?>" /></p>
<p><b>Last Name:</b> <input type="text" name="last_name" size="20" maxlength="40" value="<?php if (isset($trimmed['last_name'])) echo $trimmed['last_name']; ?>" /></p>
<p><b>Email Address:</b> <input type="text" name="email" size="30" maxlength="80" value="<?php if (isset($trimmed['email'])) echo $trimmed['email']; ?>" /> </p>
<p><b>Password:</b> <input type="password" name="password1" size="20" maxlength="20" /> <small>Use only letters, numbers, and the underscore. Must be between 4 and 20 characters long.</small></p>
<p><b>Confirm Password:</b> <input type="password" name="password2" size="20" maxlength="20" /></p>
</fieldset>
<div align="center"><input type="submit" name="submit" value="Register" /></div>
<input type="hidden" name="submitted" value="TRUE" />
</form>
<?php // Include the HTML footer.
include ('includes/footer.html');
?>
-
Hello,
I've downloaded the scripts from this website and all seem to work fine - except the registration page in Chapter 16.
I've set up the config.inc.php and the mysqli_connect.php correctly and have put the files downloaded into the correct folder layout. I've set up the database with the supplied SQL and checked it is all there on PHPMyAdmin - and it is fine.
register.php loads with no problem, but when I fill in the fields, I get the error messages:
Please enter your first name!
Please enter your last name!
Please re-enter your passwords and try again.
And the form retains the values for first name, last name and email address that I entered. I have not changed anything in the register.php code from the downloaded source so why isn't it working?
Thanks,
Barry.
Getting Order Details Into Confirmation Email
in PHP 6 and MySQL 5 for Dynamic Web Sites: Visual QuickPro Guide (3rd Edition)
Posted
Hello,
I've created the E-Commerce shopping cart using the Chapter 17 example and all works great! The problem I have is on the confirmation page, I can list the completed order items (code below) by querying the orders table in the database, but how do I repeat this to put into the $body of a confirmation email?
I'm guessing it's creating an array, but how do I assign the output of the array (all 'item name and price' results) into one variable to go into the email $body?
Thanks,
Barry.
The section of code is:
// Message to the customer:
echo '<h1>Order Complete</h1>
Thank you, you\'ll shortly receive an email receipt confirming your purchase.
<br><br>
***************************************************************<br>
<b>Order Details:</b><br>
***************************************************************<br><br>
Order Reference: <b>';
echo $orderref;
echo "</b>
<br><br>
<table width=\"600\" align=\"left\">";
$query = "SELECT item_name, price FROM orders";
$result = mysqli_query($dbc, $query) or trigger_error("Query: $query\n<br />MySQL Error: " . mysqli_error($dbc));
while($row = mysqli_fetch_assoc($result)) {
echo "<tr>
<td style=\"border: none\" width=\"250\">{$row['item_name']}</td>
<td align=\"right\" style=\"border: none\" width=\"50\">£{$row['price']}</td>
<td style=\"border: none\" width=\"300\"></td>
</tr>";
$subtotal = array($row['price']);
$total += array_sum($subtotal);
}
echo "
<tr><td colspan=\"3\" style=\"border: none\" width=\"600\"></td></tr>
<tr>
<td style=\"border: none\" width=\"250\"><b>Total</b></td>
<td align=\"right\" style=\"border: none\" width=\"50\"><b>£$total</b></td>
<td style=\"border: none\" width=\"300\"></td>
</tr>
<tr><td colspan=\"3\" style=\"border: none\" width=\"600\"></td></tr>
</table>
***************************************************************<br><br>