Coding forum help

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Coding forum help

    hey guys am new here am currently trying to code my own forum but am stuck on the register page....am gonna post the pages and please see if you can help me ok...

    this is the register form page
    ///////////////////////////////////
    PHP Code:
    <?php

    require("con.php");

    echo 
    "<?xml version=\"1.0\" encoding=\"utf-8\"?>";

    echo 
    "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">";

    echo 
    "<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\" lang=\"en\">";

    echo 
    "<head>";
        
    echo 
    "<title>Wapmasters World &amp; Portal</title>";
        
    echo 
    "<meta http-equiv=\"content-type\" content=\"text/html;charset=utf-8\" />";
        
    echo
    "<link rel=\"stylesheet\" type=\"text/css\" href=\"style.css\"/>";

    echo 
    "</head>";

    echo 
    "<body>";

    echo 
    "<div align=\"center\" style=\"border:dotted 1px blue\">";

    echo 
    "<br/><small>".date("D, m d Y")."</small>";

    echo 
    "<br/>---<br/>Registration Form - Please Fill out all fields";

    echo 
    "</div>";


    echo 
    "<div>";

    echo 
    "<form method=\"post\" action=\"reg.php\">";

    echo 
    "<br/><br/>Wapmaster name:<br/> <input type=\"text\" name=\"username\" maxlength=\"14\"/><br/>";

    echo 
    "Password:<br/> <input type=\"password\" name=\"password\" maxlength=\"14\"/><br/>";

    echo 
    "Email(valid email): <br/> <input type=\"text\" name=\"email\" maxlenght=\"30\"/><br/>";

    echo 
    "<input type=\"submit\" value=\"Register\">";

    echo 
    "</form>";

    echo 
    "</div>";

    echo 
    "<div align=\"center\">";

    echo 
    "<img src=\"icons/home.gif\" alt\"+\"/> <a href=\"index.php\">[^Home^]</a>";

    echo 
    "</div>";

    echo 
    "<div align=\"center\" style=\"background-color:blue\">";

    echo 
    "© Wapmasters World &amp; Portal 2010 - 2011 All Rigths Reserved";

    echo 
    "</div>";

    echo 
    "</body>";

    ?>
    this is the other page after you have click register
    ///////////////////////////////////////////////////
    PHP Code:
    <?php

    $username 
    $_POST["username"];

    $password $_POST["password"];

    $email $_POST["email"];

    require(
    "con.php");

    echo 
    "<?xml version=\"1.0\" encoding=\"utf-8\"?>";

    echo 
    "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">";

    echo 
    "<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\" lang=\"en\">";

    echo 
    "<head>";
        
    echo 
    "<title>Wapmasters World &amp; Portal</title>";
        
    echo 
    "<meta http-equiv=\"content-type\" content=\"text/html;charset=utf-8\" />";
        
    echo
    "<link rel=\"stylesheet\" type=\"text/css\" href=\"style.css\"/>";

    echo 
    "</head>";

    echo 
    "<body>";

    echo 
    "<div align=\"center\" style=\"border:dotted 1px blue\">";

    echo 
    "<br/><small>".date("D, m d Y")."</small><br/>---<br/>";




    $exist mysql_num_rows(mysql_query("SELECT (*) FROM users where username='".$username."'"));


    if (
    $exist 0) {
     print 
    "Username already exist please try again!";

     exit;
    }


    if(empty(
    $username)){

     
    $error "Username Cannot be left empty!<br/>";
    }
    if(
    strlen($username) <4) {

    $error "Username should be 4 - 14 characters<br/>";
    }
    if(
    strlen($password) <4) {

    $error "Password should be 4 - 14 characters<br/>";
    }
    if(
    $error)
    {
      
    echo 
    "<img src=\"icons/notok.gif\"> $error";

    }else{

    echo 
    "<img src=\"icons/ok.gif\"> Registerd Successfully<br/>---<br/>";

    mysql_query("INSERT INTO SET users username = '".$username."', password = '".password."', email = '".$email."'");

    echo 
    "<a href=\"enter.php\" method=\"get\">[^Enter^]</a><br/>";

    echo 
    "</div>";

    echo 
    "<div align=\"center\" style=\"border:dotted 1px blue\">";

    echo 
    "© Wapmasters World & Portal 2010 - 2011 All Rights Reserved";

    echo 
    "</div>";

    }
    echo 
    "</body>";

    ?>
    ////

    Those are the pages first problem its not INSERTING in the sql thats the problem and the codes to show the password and username errors i dont know if they are coded properly please help me thanx!
    Last edited by metulj; 31.12.09, 14:41.

    #2
    PHP Code:
    mysql_query("INSERT INTO SET users username = '".$username."', password = '".password."', email = '".$email."'"); 
    i didnt look at entire code..
    but this part above is surely wrong...
    you just cant use INSERT INTO and SET
    in same query like that...

    use just "INSERT INTO....... table_name....

    and another thing,
    a short advice...

    don't use
    PHP Code:
    $_POST 
    like this
    PHP Code:
    $username $_POST["username"]; 
    as it's totaly unsecure...
    ---------------------------------
    try like this...
    PHP Code:
    @$username mysql_real_escape_string(strip_tags(htmlspecialchars($_POST['username']))); 
    Last edited by metulj; 31.12.09, 14:54.
    It's better to keep your mouth shut and give the impression that you're stupid, than to open it and remove all doubt.
    ⓣⓗⓔ ⓠⓤⓘⓔⓣⓔⓡ ⓨⓞⓤ ⓑⓔ©ⓞⓜⓔ, ⓣⓗⓔ ⓜⓞⓡⓔ ⓨⓞⓤ ⓐⓡⓔ ⓐⓑⓛⓔ ⓣⓞ ⓗⓔⓐⓡ !
    ιη тнєσяу, тнє ρяα¢тι¢є ιѕ α яєѕυℓт σƒ тнє тнєσяу, вυт ιη ρяα¢тι¢є ιѕ тнє σρρσѕιтє.
    キノgんイノ刀g 4 ア乇ムc乇 ノ丂 レノズ乇 キucズノ刀g 4 √ノ尺gノ刀ノイリ!

    Comment


      #3
      so wat must i do with this?

      ////////////////////////////

      mysql_query("INSERT INTO SET users username = '".$username."', password = '".password."', email = '".$email."'");

      Comment


        #4
        mysql_query("INSERT INTO SET users username = '".mysql_real_escape_string(strip_tags($username)) )."', password = '".mysql_real_escape_string(strip_tags(password))) ."', email = '".mysql_real_escape_string(strip_tags($email)))." '");

        $reg = mysql_query("INSERT INTO users SET username='".mysql_escape_string($name)."', pass='".mysql_escape_string($pass)."', birthday='".$year.$month.$day."', sex='".$usex."', location='".mysql_escape_string($uloc)."', email='".mysql_escape_string($email)."', signature='".mysql_escape_string($info)."', regdate='".time()."', ipadd='".getip()."', lastact='".time()."', lastvst='".time()."', onlinetime='0', resetime='".time()."', browserm='".$ubr."'");



        i only add mysql_escape_string

        it muzt be INSERT INTO users SET username blabla . cuz u used insert into set. Thats wrong
        Last edited by metulj; 01.01.10, 08:58.

        Comment


          #5
          still not inserting now its saying password is too short even when its not!

          Comment


            #6
            Originally posted by WereWolveZ View Post
            mysql_query("INSERT INTO SET users username = '".mysql_real_escape_string(strip_tags($username)) )."', password = '".mysql_real_escape_string(strip_tags(password))) ."', email = '".mysql_real_escape_string(strip_tags($email)))." '");

            $reg = mysql_query("INSERT INTO users SET username='".mysql_escape_string($name)."', pass='".mysql_escape_string($pass)."', birthday='".$year.$month.$day."', sex='".$usex."', location='".mysql_escape_string($uloc)."', email='".mysql_escape_string($email)."', signature='".mysql_escape_string($info)."', regdate='".time()."', ipadd='".getip()."', lastact='".time()."', lastvst='".time()."', onlinetime='0', resetime='".time()."', browserm='".$ubr."'");

            i only add mysql_escape_string

            it muzt be INSERT INTO users SET username blabla . cuz u used insert into set. Thats wrong
            WTF you smartassing about ??

            it is just INSERT INTO !
            for example
            PHP Code:
            mysql_query("INSERT INTO table_name (username, passwrod,dateofbirth, ip, browser, etc)
            VALUES ('
            $username', '$password', '$dateofbirth', '$ip', '$browser', '$etc')") or die(mysql_error()); 
            It's better to keep your mouth shut and give the impression that you're stupid, than to open it and remove all doubt.
            ⓣⓗⓔ ⓠⓤⓘⓔⓣⓔⓡ ⓨⓞⓤ ⓑⓔ©ⓞⓜⓔ, ⓣⓗⓔ ⓜⓞⓡⓔ ⓨⓞⓤ ⓐⓡⓔ ⓐⓑⓛⓔ ⓣⓞ ⓗⓔⓐⓡ !
            ιη тнєσяу, тнє ρяα¢тι¢є ιѕ α яєѕυℓт σƒ тнє тнєσяу, вυт ιη ρяα¢тι¢є ιѕ тнє σρρσѕιтє.
            キノgんイノ刀g 4 ア乇ムc乇 ノ丂 レノズ乇 キucズノ刀g 4 √ノ尺gノ刀ノイリ!

            Comment


              #7
              haha critic! metuji! i dont care what u says! d0nt judge me lol! u dont have rights to wr0ng me. if u thnk that all of ur post are working! You are n0t perfect. Just post and teach! n0t to critizice s0meone if u had m0ral. btw! my last post was InSERT into table Set . blabla . ..that he need try lol

              Comment


                #8
                lol well well i figured it out my self so u guys dnt need 2 fight

                Comment


                  #9
                  @$username = mysql_real_escape_string(strip_tags(htmlspecialcha rs($_POST['username'])));
                  Yes thanks metulj I used that when making my chat script.
                  Visit my site

                  Comment

                  Working...
                  X