Jump to content
Killersites Forums

Simple Login Non Oob


devdeepto
 Share

Recommended Posts

Hello Ben,

 

I was using your simple login non OOB version. I tried to add first name and last name in the memmber table. The form valodation works fine. But data is not inserted in the table. Here is the code:

 

HTML:

 

<form action="" method="post">

<div>

<?php if ($error['alert'] != '') {

echo "<div class='alert'>".$error['alert']."</div>"; } ?>

 

<label for="username">Username: *</label>

<input type="text" name="username" value="<?php echo $input['user']; ?>"><div class="error"><?php echo $error['user']; ?></div>

 

<label for="firstname">First Name: *</label>

<input type="text" name="firstname" value="<?php echo $input['first']; ?>"><div class="error"><?php echo $error['first']; ?></div>

 

 

 

PHP: Register.php

<?php

 

/*

* REGISTER.PHP

* Register New Members

*/

 

// start session / load configs

session_start();

include('includes/config.php');

include('includes/db.php');

 

/*

* This section below checking if user is logged in/checking for inactivity

* may be best put in a reusable function so it is easily reused/updated

*/

 

// check that the user is logged in

if (!isset($_SESSION['username']))

{

header("Location: login.php?unauthorized");

}

// check that the user is an admin

else if (!is_admin())

{

header("Location: customers.php");

}

 

// check for inactivity

if (time() > $_SESSION['last_active'] + $config['session_timeout'])

{

// log out user

session_destroy();

header("Location: login.php?timeout");

}

else

{

// update the session variable

$_SESSION['last_active'] = time();

}

 

// form defaults

$error['alert'] = '';

$error['user'] = '';

$error['first'] = '';

$error['email'] = '';

$error['type'] = '';

$error['pass'] = '';

$error['pass2'] = '';

 

$input['user'] = '';

$input['first'] = '';

$input['email'] = '';

$input['type'] = '';

$input['pass'] = '';

$input['pass2'] = '';

 

if (isset($_POST['submit']))

{

$input['user'] = htmlentities($_POST['username'], ENT_QUOTES);

$input['first'] = htmlentities($_POST['firstname'], ENT_QUOTES);

$input['email'] = htmlentities($_POST['email'], ENT_QUOTES);

$input['type'] = htmlentities($_POST['type'], ENT_QUOTES);

$input['pass'] = htmlentities($_POST['password'], ENT_QUOTES);

$input['pass2'] = htmlentities($_POST['password2'], ENT_QUOTES);

 

// create select options

$select = '<option value="">Select an option</option>';

$stmt = $mysqli->prepare("SELECT id, name FROM customerstype");

$stmt->execute();

$stmt->bind_result($id, $name); // for more information, see http://www.php.net/manual/en/mysqli-stmt.bind-result.php

while ($stmt->fetch())

{

$select .= "<option value='" . $id . "'";

if ($input['type'] == $id) { $select .= "selected='selected'"; }

$select .= ">" . $name . "</option>";

}

$stmt->close();

 

// process form

if ($_POST['username'] == '' || $_POST['firstname'] == '' || $_POST['password'] == '' || $_POST['password2'] == '' || $_POST['email'] == '' || $_POST['type'] == '')

{

// both fields need to be filled in

if ($_POST['username'] == '') { $error['user'] = 'required!'; }

if ($_POST['fisrtname'] == '') { $error['first'] = 'required!'; }

if ($_POST['email'] == '') { $error['email'] = 'required!'; }

if ($_POST['type'] == '') { $error['type'] = 'required!'; }

if ($_POST['password'] == '') { $error['pass'] = 'required!'; }

if ($_POST['password2'] == '') { $error['pass2'] = 'required!'; }

$error['alert'] = 'Please fill in required fields!';

 

// show form

include('views/v_register.php');

}

else if ($_POST['password'] != $_POST['password2'])

{

// both password fields need to match

$error['alert'] = 'Password fields must match!';

 

// show form

include('views/v_register.php');

}

else if (!preg_match('/^([0-9a-zA-Z]([-.\w]*[0-9a-zA-Z])*@([0-9a-zA-Z][-\w]*[0-9a-zA-Z]\.)+[a-zA-Z]{2,9})$/', $input['email']))

{

// email is invalid

$error['email'] = "Please enter a valid email!";

 

// display form

include('views/v_register.php');

}

else

{

// check if the email is taken

$check = $mysqli->prepare("SELECT email FROM customers WHERE email = ?");

$check->bind_param("s", $input['email']);

$check->execute();

$check->store_result();

if ($check->num_rows != 0)

{

// email is already in use

$error['alert'] = "This email is already in use. Please choose a different email address.";

$error['email'] = "Please choose a different email address.";

 

// show form

include('views/v_register.php');

exit;

}

 

// check if the username is taken

$check = $mysqli->prepare("SELECT username FROM customers WHERE username = ?");

$check->bind_param("s", $input['user']);

$check->execute();

$check->store_result();

if ($check->num_rows != 0)

{

// username is already in use

$error['alert'] = "This username is already in use. Please choose a different username.";

$error['user'] = "Please choose a different username.";

 

// show form

include('views/v_register.php');

exit;

}

 

// insert into database

if ($stmt = $mysqli->prepare("INSERT customers (username, firstname, email, type, password) VALUES (?,?,?,?,?)"))

{

$stmt->bind_param("ssss", $input['user'], $input['firstname'], $input['email'], $input['type'], md5($input['pass'] . $config['salt']));

$stmt->execute();

$stmt->close();

 

// add alert and clear form values

$error['alert'] = 'Member added successfully!';

$input['user'] = '';

$input['first'] = '';

$input['email'] = '';

$input['type'] = '';

$input['pass'] = '';

$input['pass2'] = '';

 

// show form

include('views/v_register.php');

}

else

{

echo "ERROR: Could not prepare MySQLi statement. in customer insert";

}

}

}

else

{

// create select options

$select = '<option value="">Select an option</option';

$stmt = $mysqli->prepare("SELECT id, name FROM customerstype");

$stmt->execute();

$stmt->bind_result($id, $name);

while ($stmt->fetch())

{

$select .= "<option value='" . $id . "'>" . $name . "</option>";

}

$stmt->close();

 

// show form

include('views/v_register.php');

}

 

// close db connection

$mysqli->close();

 

?>

 

I modified the database by adding another field for first name. I can manually insert the first name but it cannot insert the firstname from the form. Any idea. I am with fatcow.com for webhosting.

 

Thanks,

Mahfuz

Link to comment
Share on other sites

I do notice that in this line:

 

$stmt->bind_param("ssss", $input['user'], $input['firstname'], $input['email'], $input['type'], md5($input['pass'] . $config['salt']));

 

You should have 5 "s"'s as the first parameter, since each "s" (representing the type, in this case a string) must match up with the rest of the parameters used in the function. Since you have five inputs, you need to have the same number of "s"'s.

 

Are you running into any errors?

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share

×
×
  • Create New...