Jump to content
Forums are read-only ×
Larry Ullman's Book Forums

john.woolley

Members
 View Profile  See their activity

  • Posts

    12

  • Joined

  • Last visited

 Content Type 

Posts posted by john.woolley

    Struggling A Little With Ifs

    in PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide (4th Edition)

    Posted

    Update: I fixed it with this line of code (thanks for your help again HartleySAN.

    require ('../includes/mysqli_connect_dating.php'); // connect to the DB
	$errors = array(); // Initialize an error array.
	$ua = $_POST['useralias'];
	$q = "SELECT useralias from USERS where useralias='$ua'";
	$r = mysqli_query($dbc, $q);
	$rowcount = mysqli_num_rows($r);
	
	if ($rowcount == 1) {
		$errors[] = 'That screen name has already been taken';
	}
	
	$em = $_POST['email'];
	$q = "SELECT email from USERS where email='$em'";
	$r = mysqli_query($dbc, $q);
	$rowcount = mysqli_num_rows($r);
	
	if ($rowcount == 1) {
		$errors[] = 'That email address is already in use';
	}

    I basically took the line that if I didn't need to nest the IF statement then I shouldn't, so the script checks to see if the password and screen name are unique. If not then it puts it into errors. 

     

    How does the code look? Is there a more concise way of writing it?

    Struggling A Little With Ifs

    in PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide (4th Edition)

    Posted 

    <?

// Check for form submission:
if ($_SERVER['REQUEST_METHOD'] == 'POST') {

	require ('../includes/mysqli_connect_dating.php'); // connect to the DB
	$errors = array(); // Initialize an error array.
	
	/* Check for a useralias name:
	if (empty($_POST['useralias'])) {
		$errors[] = 'You forgot to enter your Screen Name.';
	} elseif {
	
		$ua = $_POST['useralias'];
		$q = "SELECT useralias from USERS where email='$ua'";
		$r = mysqli_query($dbc, $q);
		$row = mysqli_fetch_array($r, MYSQLI_ASSOC);
		    
	 	if ($row) {$errors[] = 'That user alias has already been taken.';}
		
	} else {	    
		$ua = mysqli_real_escape_string($dbc, trim($_POST['useralias']));
	}
	*/
	
	
	if (!empty($_POST['useralias'])) {
			$ua = $_POST['useralias'];
			$q = "SELECT useralias from USERS where email='$ua'";
			$r = mysqli_query($dbc, $q);
			$rowcount=mysqli_num_rows($r);
			
			if ($rowcount > 1) {
				$errors[] = 'That user alias has already been taken.';
			} else {
				$ua = mysqli_real_escape_string($dbc, trim($_POST['useralias']));
			}
	} else {
			$errors[] = 'You forgot to enter your Screen Name.';
	}	
	

	
	
	
	
	
	
	// Check for a first name:
	if (empty($_POST['firstname'])) {
		$errors[] = 'You forgot to enter your first name.';
	} else {
		$fn = mysqli_real_escape_string($dbc, trim($_POST['firstname']));
	}
	// Check for a last name:
	if (empty($_POST['lastname'])) {
		$errors[] = 'You forgot to enter your last name.';
	} else {
		$ln = mysqli_real_escape_string($dbc,trim($_POST['lastname']));
	}
	// Check for an email address:
	if (empty($_POST['email'])) {
		$errors[] = 'You forgot to enter your email address.';
	} else {
		$e = mysqli_real_escape_string($dbc, trim($_POST['email']));
	} 
	// Check for an GENDER:
	if (empty($_POST['gender'])) {
		$errors[] = 'You forgot to enter your Gender.';
	} else {
		$g = mysqli_real_escape_string($dbc, trim($_POST['gender']));
	} 
	//TRY IT THIS WASY
	if ($_POST['udobdate'] == '' && $_POST['udobmonth'] == '' && $_POST['udobyear'] == '') {
		$errors[] = 'You forgot to enter your Date of Birth.';
	} else {
		$udob = $_POST['udobyear'] . '/' . $_POST['udobmonth'] . '/' . $_POST['udobdate'];
		$dob = mysqli_real_escape_string($dbc, $udob);
	}

	// Check for a password and match against the confirmed password:
	if (!empty($_POST['pass1'])) {
		if ($_POST['pass1'] != $_POST['pass2']) {
			$errors[] = 'Your password did not match the confirmed password.';
		} else {
			$p = mysqli_real_escape_string($dbc, trim($_POST['pass1'])); //USE THE ESCAPE PIECE TO SECURE THE USER INPUT
		}
	} else {
		$errors[] = 'You forgot to enter your password.';
	}
	if (empty($errors)) { // If everything's OK.
	
		// Register the user in the database...
		require ('../includes/mysqli_connect_dating.php'); // Connect to the db.
				
		// Make the query:
		$q = "INSERT INTO users (useralias, firstname, lastname, email, gender, dob, password, registration_date) VALUES ('$ua', '$fn', '$ln', '$e', '$g', '$dob', SHA1('$p'), NOW() )";		
		$r = @mysqli_query ($dbc, $q); // Run the query.
		if ($r) { // If it ran OK.

			// Declare the session variable ready for register 2 session and go to the next page ? - Print a message:
			$_SESSION['user'] = $_POST['email'];
			echo '	<h1>Thank you! ' . $_SESSION['user'] . '</h1>
					<p>You are now registered. In Chapter 12 you will actually be able to log in!</p><p><br /></p>';	 
		} else { // If it did not run OK.
	
			// Public message:
			echo '<h1>System Error</h1>
			<p class="error">You could not be registered due to a system error. We apologize for any inconvenience.</p>'; 
	
			// Debugging message:
			echo '<p>' . mysqli_error($dbc) . '<br /><br />Query: ' . $q . '</p>';
				
		} // End of if ($r) IF. 
		mysqli_close($dbc); // Close the database connection.
		// Include the footer and quit the script: 
		exit();
		
	} else { // Report the errors.
		echo '<h1>Error!</h1>
		<p class="error">The following error(s) occurred:<br />';
		foreach ($errors as $msg) { // Print each error.
			echo " - $msg<br />\n";
		}
		echo '</p><p>Please try again.</p><p><br /></p>';
		
	} // End of if (empty($errors)) IF.

} // End of the main Submit conditional.
?>


<h1>Register</h1>
<form action="register.php" method="post">
<fieldset>
<legend>Enter Your Details</legend>
	<p>Screen Name: <input type="text" name="useralias" size="15" maxlength="20" value="<?php if (isset($_POST['useralias'])) echo $_POST['useralias']; ?>" /></p>
	<p>First Name: <input type="text" name="firstname" size="15" maxlength="20" value="<?php if (isset($_POST['firstname'])) echo $_POST['firstname']; ?>" /></p>
	<p>Last Name: <input type="text" name="lastname" size="15" maxlength="40" value="<?php if (isset($_POST['lastname'])) echo $_POST['lastname']; ?>" /></p>
	<p>Email Address: <input type="text" name="email" size="20" maxlength="60" value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>"  /> </p>
	<p>Gender: (<input type="radio" name="gender" value="<?php if (isset($_POST['gender'])) echo $_POST['gender']; ?>Male"> Male) (<input type="radio" name="gender" value="<?php if (isset($_POST['gender'])) echo $_POST['gender']; ?>Female"> Female)</p>
	<!--<p>Date of Birth: (DD/MM/YY)<input type="date" name="udob" value="<?php if (isset($_POST['dob'])) echo $_POST['udob']; ?>"/></p> -->
	<p>Date of Birth: (Date) <select name="udobdate"><?php for ($day = 1; $day <=31; $day++) { echo "<option value=\"$day\">$day</option>\n"; } echo '</select>'; ?> (Month) <select name="udobmonth"><option value="01">January</option><option value="02">February</option><option value="03">March</option><option value="04">April</option><option value="05">May</option><option value="06">June</option><option value="07">July</option><option value="08">August</option><option value="09">September</option><option value="10">October</option><option value="11">November</option><option value="12">December</option></select> Year <select name="udobyear"><?php date_default_timezone_set('GMT'); for ($year = DATE(Y); $year >= 1900; $year--) { echo "<option value=\"$year\">$year</option>\n"; } echo '</select>'; ?>
	<p>Password: <input type="password" name="pass1" size="10" maxlength="20" value="<?php if (isset($_POST['pass1'])) echo $_POST['pass1']; ?>"  /></p>
	<p>Confirm Password: <input type="password" name="pass2" size="10" maxlength="20" value="<?php if (isset($_POST['pass2'])) echo $_POST['pass2']; ?>"  /></p>
	<p><input type="reset" name"clear" action"clear" value="clear"/> <input type="submit" name="submit" value="Register" /></p>
</fieldset>
</form>

</body>
</html>

    Here's the whole script for reference. I'm 99.99999% sure I'm doing something wrong with the IF..

    Struggling A Little With Ifs

    in PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide (4th Edition)

    Posted 

    if (!empty($_POST['useralias'])) {
		$ua = $_POST['useralias'];
		$q = "SELECT useralias from USERS where email='$ua'";
		$r = mysqli_query($dbc, $q);
		$rowcount=mysqli_num_rows($r);
		
		if ($rowcount > 1) {
			$errors[] = 'That user alias has already been taken.';
		} else {
			$ua = mysqli_real_escape_string($dbc, trim($_POST['useralias']));
		}
} else {
		$errors[] = 'You forgot to enter your Screen Name.';
}

    Like this?

     

    I think the problem is more that the IF function isn't catching it to create the error before the SQL Query tries to write it and then I get the SQL to the screen rather than the output of the $errors[ ] array...

    Struggling A Little With Ifs

    in PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide (4th Edition)

    Posted

    Hi guys

     

    So here's what I'm trying to do.

     

    1. Validate a user alias isn't already in use in the database - if it is - add it to errors

    2. Validate if it's empty - if it is add it to errors

    3. If not chuck it write into the database.

    if (!empty($_POST['useralias'])) {
		$ua = $_POST['useralias'];
		$q = "SELECT useralias from USERS where email='$ua'";
		$r = mysqli_query($dbc, $q);
		$row = mysqli_fetch_array($r, MYSQLI_ASSOC);
		
		if ($row) {
			$errors[] = 'That user alias has already been taken.';
		} else {
			$ua = mysqli_real_escape_string($dbc, trim($_POST['useralias']));
		}
} else {
		$errors[] = 'You forgot to enter your Screen Name.';
}

    Does this look about right?

     

    Because when I run the script the error doesn't show if it's a duplicate - but I do get the SQL error telling me it needs to be unique.

    Getting My Head Around Sessions & Cookies - And That Darned Error..

    in PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide (4th Edition)

    Posted 


    
<!DOCTYPE html>
    
<html lang="en">
    
<head>
    
	<meta charset="utf-8">
    
	<title></title>
    
	<!--[if lt IE 9]>
    
	<script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
    
	<![endif]-->
    
</head>
    
<body>
    
<?

    
// Check for form submission:
    
session_start();

    
if ($_SERVER['REQUEST_METHOD'] == 'POST') {

    
	require ('../includes/mysqli_connect_dating.php'); // connect to the DB
    
	$errors = array(); // Initialize an error array.

    
	// Check for a useralias name:
    
	if (empty($_POST['useralias'])) {
    
		$errors[] = 'You forgot to enter your Screen Name.';
    
	} else {
    
		$ua = mysqli_real_escape_string($dbc, trim($_POST['useralias']));
    
	}
    
	// Check for a first name:
    
	if (empty($_POST['firstname'])) {
    
		$errors[] = 'You forgot to enter your first name.';
    
	} else {
    
		$fn = mysqli_real_escape_string($dbc, trim($_POST['firstname']));
    
	}
    
	// Check for a last name:
    
	if (empty($_POST['lastname'])) {
    
		$errors[] = 'You forgot to enter your last name.';
    
	} else {
    
		$ln = mysqli_real_escape_string($dbc,trim($_POST['lastname']));
    
	}
    
	// Check for an email address:
    
	if (empty($_POST['email'])) {
    
		$errors[] = 'You forgot to enter your email address.';
    
	} else {
    
		$e = mysqli_real_escape_string($dbc, trim($_POST['email']));
    
	} 
    
	// Check for an GENDER:
    
	if (empty($_POST['gender'])) {
    
		$errors[] = 'You forgot to enter your Gender.';
    
	} else {
    
		$g = mysqli_real_escape_string($dbc, trim($_POST['gender']));
    
	} 
    
	//TRY IT THIS WASY
    
	if ($_POST['udobdate'] == '' && $_POST['udobmonth'] == '' && $_POST['udobyear'] == '') {
    
		$errors[] = 'You forgot to enter your Date of Birth.';
    
	} else {
    
		$udob = $_POST['udobyear'] . '/' . $_POST['udobmonth'] . '/' . $_POST['udobdate'];
    
		$dob = mysqli_real_escape_string($dbc, $udob);
    
	}

    
	// Check for a password and match against the confirmed password:
    
	if (!empty($_POST['pass1'])) {
    
		if ($_POST['pass1'] != $_POST['pass2']) {
    
			$errors[] = 'Your password did not match the confirmed password.';
    
		} else {
    
			$p = mysqli_real_escape_string($dbc, trim($_POST['pass1'])); //USE THE ESCAPE PIECE TO SECURE THE USER INPUT
    
		}
    
	} else {
    
		$errors[] = 'You forgot to enter your password.';
    
	}
    
	if (empty($errors)) { // If everything's OK.

    
		// Register the user in the database...



    
		require ('../includes/mysqli_connect_dating.php'); // Connect to the db.

    
		// Make the query:
    
		$_SESSION['useremail'] = $_POST['email'];
    
		$q = "INSERT INTO users (useralias, firstname, lastname, email, gender, dob, password, registration_date) VALUES ('$ua', '$fn', '$ln', '$e', '$g', '$dob', SHA1('$p'), NOW() )";		
    
		$r = @mysqli_query ($dbc, $q); // Run the query.
    
		if ($r) { // If it ran OK.

    
			// Start a session and go to the next page ? - Print a message:
    
			echo '<h1>Thank you! ' . $_SESSION['user_email'] . '</h1>
    
		//<p>You are now registered. In Chapter 12 you will actually be able to log in!</p><p><br /></p>';	

    
		} else { // If it did not run OK.

    
			// Public message:
    
			echo '<h1>System Error</h1>
    
			<p class="error">You could not be registered due to a system error. We apologize for any inconvenience.</p>'; 

    
			// Debugging message:
    
			echo '<p>' . mysqli_error($dbc) . '<br /><br />Query: ' . $q . '</p>';

    
		} // End of if ($r) IF.

    
		mysqli_close($dbc); // Close the database connection.

    
		// Include the footer and quit the script: 
    
		exit();

    
	} else { // Report the errors.

    
		echo '<h1>Error!</h1>
    
		<p class="error">The following error(s) occurred:<br />';
    
		foreach ($errors as $msg) { // Print each error.
    
			echo " - $msg<br />\n";
    
		}
    
		echo '</p><p>Please try again.</p><p><br /></p>';

    
	} // End of if (empty($errors)) IF.

    
} // End of the main Submit conditional.
    
?>


    
<h1>Register</h1>
    
<form action="register.php" method="post">
    
<fieldset>
    
<legend>Enter Your Details</legend>
    
	<p>Screen Name: <input type="text" name="useralias" size="15" maxlength="20" value="<?php if (isset($_POST['useralias'])) echo $_POST['useralias']; ?>" /></p>
    
	<p>First Name: <input type="text" name="firstname" size="15" maxlength="20" value="<?php if (isset($_POST['firstname'])) echo $_POST['firstname']; ?>" /></p>
    
	<p>Last Name: <input type="text" name="lastname" size="15" maxlength="40" value="<?php if (isset($_POST['lastname'])) echo $_POST['lastname']; ?>" /></p>
    
	<p>Email Address: <input type="text" name="email" size="20" maxlength="60" value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>"  /> </p>
    
	<p>Gender: (<input type="radio" name="gender" value="<?php if (isset($_POST['gender'])) echo $_POST['gender']; ?>Male"> Male) (<input type="radio" name="gender" value="<?php if (isset($_POST['gender'])) echo $_POST['gender']; ?>Female"> Female)</p>
    
	<!--<p>Date of Birth: (DD/MM/YY)<input type="date" name="udob" value="<?php if (isset($_POST['dob'])) echo $_POST['udob']; ?>"/></p> -->
    
	<p>Date of Birth: (Date) <select name="udobdate"><?php for ($day = 1; $day <=31; $day++) { echo "<option value=\"$day\">$day</option>\n"; } echo '</select>'; ?> (Month) <select name="udobmonth"><option value="01">January</option><option value="02">February</option><option value="03">March</option><option value="04">April</option><option value="05">May</option><option value="06">June</option><option value="07">July</option><option value="08">August</option><option value="09">September</option><option value="10">October</option><option value="11">November</option><option value="12">December</option></select> Year <select name="udobyear"><?php date_default_timezone_set('GMT'); for ($year = DATE(Y); $year >= 1900; $year--) { echo "<option value=\"$year\">$year</option>\n"; } echo '</select>'; ?>
    
	<p>Password: <input type="password" name="pass1" size="10" maxlength="20" value="<?php if (isset($_POST['pass1'])) echo $_POST['pass1']; ?>"  /></p>
    
	<p>Confirm Password: <input type="password" name="pass2" size="10" maxlength="20" value="<?php if (isset($_POST['pass2'])) echo $_POST['pass2']; ?>"  /></p>
    
	<p><input type="reset" name"clear" action"clear" value="clear"/> <input type="submit" name="submit" value="Register" /></p>
    
</fieldset>
    
</form>

    
</body>
    
</html>

    Getting My Head Around Sessions & Cookies - And That Darned Error..

    in PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide (4th Edition)

    Posted

    Warning: Cannot modify header information - headers already sent by (output started at ... etc 

    -------

     

    Hi everyone

     

    I think I'm being thick, or not understanding this properly; but I'm modifying the registration script to have a couple of phases. So firstly username, password, email address, then if that's all ok a second page for more information.

     

    Once registration has passed (and the fields are put into the mySQL database) then the second page continues with more info that I can link into the other tables.

     

    Problem is I'm trying to pass the unique email address or the user_ID (don't care at this stage which until I can get it working). I'd like to open a session ideally once the user has submitted the form and the data has been written to the database.

     

    That's when the WARNING comes.

     

    Note - it even does it if it's line 1 of the code.

     

    I am being thick aren't I?

     

    Can someone explain a little further please?

     

    Thanks

     

    Working With Dates Form (Html) To Mysql

    in PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide (4th Edition)

    Posted

    Yes thanks I did. I managed to get the code working in the end; but then I figured it was also open to a number of problems. So I created 3 select fields. Date / Month / Year.

     

    Then made this code

    if ($_POST['udobdate'] == '' && $_POST['udobmonth'] == '' && $_POST['udobyear'] == '') {
    $errors[] = 'You forgot to enter your Date of Birth.';
    } else {
    $udob = $_POST['udobyear'] . '/' . $_POST['udobmonth'] . '/' . $_POST['udobdate'];
    $dob = mysqli_real_escape_string($dbc, $udob);
    }
     
     
    That's done the trick. I'll probably refine it a little more but in terms of functionality - works a treat.
     
    Now I'm trying to figure out cookies and sessions that lovely
     
    Warning: Cannot modify header information.
     
    problem.
     
    Even when the cookie is at the top of the page - before any code. Unless of course I'm misunderstanding the book.

    Working With Dates Form (Html) To Mysql

    in PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide (4th Edition)

    Posted

    update to this.

     

    I've tried using the php function date_format($STRING IM USING, YY/MM/DD). I get the SQL error that there's also a time stamp expected. 

     

    I've thought about creating three fields on the form. Year, Month, Date - then concatenating the results into a single string to put into the database. That seems to have a long code base though. Firstly, validating that each of those fields isn't empty; is numeric and then finally bundling them all together. 

     

    Would welcome ideas :D

    Working With Dates Form (Html) To Mysql

    in PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide (4th Edition)

    Posted

    Hi all

     

    Please excuse the newbie question, but am struggling a little. I'm reading the book and I'm also trying to put the practical lessons into play chapter by chapter into my own project. Hence the question.

     

    I've a form with a 'Date of Birth Field' - now I'm in the UK and the format is DD/MM/YY. In MySQl it's YY/MM/DD right? How do I get it to reverse the date?

     

    Thanks in advance..

×
×
  • Create New...