Jump to content
Larry Ullman's Book Forums

Recommended Posts

Hello,

 

I've downloaded the scripts from this website and all seem to work fine - except the registration page in Chapter 16.

 

I've set up the config.inc.php and the mysqli_connect.php correctly and have put the files downloaded into the correct folder layout. I've set up the database with the supplied SQL and checked it is all there on PHPMyAdmin - and it is fine.

 

register.php loads with no problem, but when I fill in the fields, I get the error messages:

 

 

Please enter your first name!

Please enter your last name!

Please re-enter your passwords and try again.

 

And the form retains the values for first name, last name and email address that I entered. I have not changed anything in the register.php code from the downloaded source so why isn't it working?

 

Thanks,

 

Barry.

Link to comment
Share on other sites

Yes, here it is...

 

<?php # Script 16.6 - register.php

// This is the registration page for the site.

 

require_once ('includes/config.inc.php');

$page_title = 'Register';

include ('includes/header.html');

 

if (isset($_POST['submitted'])) { // Handle the form.

 

require_once (MYSQL);

 

// Trim all the incoming data:

$trimmed = array_map('trim', $_POST);

 

// Assume invalid values:

$fn = $ln = $e = $p = FALSE;

 

// Check for a first name:

if (preg_match ('/^[A-Z \'.-]{2,20}$/i', $trimmed['first_name'])) {

$fn = mysqli_real_escape_string ($dbc, $trimmed['first_name']);

} else {

echo '<p class="error">Please enter your first name!</p>';

}

 

// Check for a last name:

if (preg_match ('/^[A-Z \'.-]{2,40}$/i', $trimmed['last_name'])) {

$ln = mysqli_real_escape_string ($dbc, $trimmed['last_name']);

} else {

echo '<p class="error">Please enter your last name!</p>';

}

 

// Check for an email address:

if (preg_match ('/^[\w.-]+@[\w.-]+\.[A-Za-z]{2,6}$/', $trimmed['email'])) {

$e = mysqli_real_escape_string ($dbc, $trimmed['email']);

} else {

echo '<p class="error">Please enter a valid email address!</p>';

}

 

// Check for a password and match against the confirmed password:

if (preg_match ('/^\w{4,20}$/', $trimmed['password1']) ) {

if ($trimmed['password1'] == $trimmed['password2']) {

$p = mysqli_real_escape_string ($dbc, $trimmed['password1']);

} else {

echo '<p class="error">Your password did not match the confirmed password!</p>';

}

} else {

echo '<p class="error">Please enter a valid password!</p>';

}

 

if ($fn && $ln && $e && $p) { // If everything's OK...

 

// Make sure the email address is available:

$q = "SELECT user_id FROM users WHERE email='$e'";

$r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));

 

if (mysqli_num_rows($r) == 0) { // Available.

 

// Create the activation code:

$a = md5(uniqid(rand(), true));

 

// Add the user to the database:

$q = "INSERT INTO users (email, pass, first_name, last_name, active, registration_date) VALUES ('$e', SHA1('$p'), '$fn', '$ln', '$a', NOW() )";

$r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));

 

if (mysqli_affected_rows($dbc) == 1) { // If it ran OK.

 

// Send the email:

$body = "Thank you for registering at <whatever site>. To activate your account, please click on this link:\n\n";

$body .= BASE_URL . 'activate.php?x=' . urlencode($e) . "&y=$a";

mail($trimmed['email'], 'Registration Confirmation', $body, 'From: admin@sitename.com');

 

// Finish the page:

echo '<h3>Thank you for registering! A confirmation email has been sent to your address. Please click on the link in that email in order to activate your account.</h3>';

include ('includes/footer.html'); // Include the HTML footer.

exit(); // Stop the page.

 

} else { // If it did not run OK.

echo '<p class="error">You could not be registered due to a system error. We apologize for any inconvenience.</p>';

}

 

} else { // The email address is not available.

echo '<p class="error">That email address has already been registered. If you have forgotten your password, use the link at right to have your password sent to you.</p>';

}

 

} else { // If one of the data tests failed.

echo '<p class="error">Please re-enter your passwords and try again.</p>';

}

 

mysqli_close($dbc);

 

} // End of the main Submit conditional.

?>

 

<h1>Register</h1>

<form action="register.php" method="post">

<fieldset>

 

<p><b>First Name:</b> <input type="text" name="first_name" size="20" maxlength="20" value="<?php if (isset($trimmed['first_name'])) echo $trimmed['first_name']; ?>" /></p>

 

<p><b>Last Name:</b> <input type="text" name="last_name" size="20" maxlength="40" value="<?php if (isset($trimmed['last_name'])) echo $trimmed['last_name']; ?>" /></p>

 

<p><b>Email Address:</b> <input type="text" name="email" size="30" maxlength="80" value="<?php if (isset($trimmed['email'])) echo $trimmed['email']; ?>" /> </p>

 

<p><b>Password:</b> <input type="password" name="password1" size="20" maxlength="20" /> <small>Use only letters, numbers, and the underscore. Must be between 4 and 20 characters long.</small></p>

 

<p><b>Confirm Password:</b> <input type="password" name="password2" size="20" maxlength="20" /></p>

</fieldset>

 

<div align="center"><input type="submit" name="submit" value="Register" /></div>

<input type="hidden" name="submitted" value="TRUE" />

 

</form>

 

<?php // Include the HTML footer.

include ('includes/footer.html');

?>

Link to comment
Share on other sites

I've managed to fix this by changing:

 

if (preg_match ('/^[A-Z \'.-]{2,20}$/i', $trimmed['first_name'])) {

 

to:

 

if ($trimmed['first_name']) {

 

(And the same to the last name, email and password sections) . But why does the 'preg_match...' stop the script from running correctly? I'm running PHP 5.2.17 if that makes a difference?

 

Any ideas?

 

Thanks,

Barry.

Link to comment
Share on other sites

 Share

×
×
  • Create New...