Search the Community

Hi Larray and all, I have edited this script to fit my project, which I cut off the first name and last name. I added the username field which looks like this: <form action="" method="post"> <fieldset> <legend>Sign Up </legend> <label>Choose a username</label> <input type="text" name="username" size="20" maxlength="20" value=" <?php if (isset($trimmed['username'])) echo $trimmed['username']; ?>" /> <label>Email</label> <input type = "text" name="email" size="30" maxlength="60" value ="<?php if(isset($trimmed['email'])) echo $trimmed['email']; ?>" /> <label>Select a password</label> <input type="password" name="password1" size="20" maxlength="20" value="<?php if(isset($trimmed['password1'])) echo $trimmed['password1']; ?>" /> <label>Confirm password</label> <input type="password" name="password2" size="20" maxlength="20" value="<?php if(isset($trimmed['password2'])) echo $trimmed['password2']; ?>" /> <input type = "submit" name="submit" value="Sign Up "/> </fieldset> </form> I followed the script 18.6 strickly, plus do the username validation like this (of course, I also initiate the $errors = array(); too: //validate the username if (preg_match('/^\w\S{2,20}$/', $trimmed['username']) ) { $u = mysqli_escape_string($dbc, $trimmed['username']); } else { $errors[] = 'Please enter a username'; } Assume that other variable validations are okay. I code like this: if($u && $e && $p){//OK // Check for unique username and email $q = "SELECT user_id from users where username='$u' AND email='$e'"; $r = mysqli_query($dbc, $q) or die("MySQL error: " . mysqli_error($dbc) . "<hr>\nQuery: $q"); if(mysqli_num_rows($r) == 0 ){ // Create the activation code $a = md5(uniqid(rand(), TRUE)); //Defined variable for language ID $l = $_SESSION['lid']; //retrieved already in the header //Insert into database, table users $q = " INSERT INTO users (lang_id, username, pass, email, active, registration_date) VALUES ('$l','$u', SHA1('$p'), '$e', '$a', NOW() ) "; $r = mysqli_query($dbc, $q) or die("MySQL error: " . mysqli_error($dbc) . "<hr>\nQuery: $q"); if (mysqli_affected_rows($dbc) == 1) { // everything's ok //Send the email: $body = "Thank you for your registration at askpro.com. To activate your account, please click on the link below \n\n"; $body .= BASE_URL. 'activate.php?e='.urlencode($e). "&a=$a"; mail($trimmed['email'], 'Registration Confirmation', $body, 'From: info@website.com'); //Finish the page echo '<h3>Thank you for registering! A confirmation email has been sent to your address. Please click on the link in that email in order to activate your account.</h3>'; include ('includes/footer.html'); // Include the HTML footer. exit(); // Stop the page. } else { $errors[]='You could not be registered due to a system error. We apologize for any inconvenience.'; } }else{ $errors[] = 'either the username or email has already been registered. If you have forgotten your password, use the link above to have your password sent to you.</'; } }else { // If one of the data tests failed. echo 'Error:<br />'; foreach ($errors as $msg) { // Print each error. echo "- $msg <br />"; } $error[] = 'Please try again'; } } The question is that: -/ When I enter value and click the 'sign up' button with the intention that I enter a duplicate email, i.e., email@website.com, it returned error like this: MySQL error: Duplicate entry 'email@website.com ' for key 3 --------------------------------------------------------- Query: SELECT user_id FROM users WHERE (username = 'dsfdsf' AND email = 'e') -/ Then I change the query to: $q = "SELECT user_id from users where username='$u' OR email='$e'"; It returns NO error, but it does not insert anything into the database, and no 'thank you message' is printed. Can you help me to figure this out? Am I doing anything wrong? Thank you. P/S: This is my users table: