PHP RSS PHP RSS

php user registration

Thread Solved

Join Date: Mar 2008
Posts: 76
Reputation: Lensva has a little shameless behaviour in the past 
Solved Threads: 3
Lensva Lensva is offline Offline
Junior Poster in Training

php user registration

 
0
  #1
Jan 12th, 2009
hello gents,
i have two pages: page1.php takes user input, page2.php should process it and then return page1 either error or success messages.
there seem to be an error(s) i cant figure out:
when you fill the form with correct data you get:
PHP Syntax (Toggle Plain Text) 
  1. Warning: Invalid argument supplied for foreach() in C:\Users\admin\Desktop\xampp\xampp\htdocs\examples\user registration\page1.php on line 31
page2 is made of functions to hopefully increase readability;
me being new to php, will probably make a lot of flawed logical decisions, so tips on what to change would be even better than the solution itself;
page1:
php Syntax (Toggle Plain Text) 
  1. <?php session_start();
  2. 		$_SESSION['ip'] = $_SERVER['REMOTE_ADDR'];
  3. ?>
  4. <html>
  5. <head>
  6. <title>Untitled Document</title>
  7. 	<style type="text/css">
  8. 	#registration div { 
  9. 		width:150px;
  10. 		height:30px;
  11. 		float:left;}
  12. 	#registration span { 
  13. 		font-size:12px;}
  14. 	br {
  15. 		clear:both;}
  16. 	</style>
  17. </head>
  18. <body>
  19. <form id="registration" action="page2.php" method="post">
  20. <div>Username:</div> <input type="text" maxlength="15" name="username"> <span> 3-15 characters </span> <br>
  21. <div>Password:</div> <input type="password" maxlength="15" name="password"> <span>5-20 characters</span> <br>
  22. <div>Verify password:</div> <input type="password" maxlength="20" name="password_verify"> <br>
  23. <div>E-mail:</div> <input type="text" maxlength="30" name="email"> <span>40 characters max</span> <br>
  24. <input type="reset"> 
  25. <input type="submit" name="submit" value="Register">
  26. <input type="submit" name="delete_session" value="delete session">
  27. </form>
  28. <br>
  29. <?php
  30. 	if( !empty($_SESSION['error_list']) )
  31. 	foreach($_SESSION['error_list'] as $key => $value)
  32. 	echo $value;
  33. ?>
  34. </body>
  35. </html>
page2:
php Syntax (Toggle Plain Text) 
  1. <?php 
  2. 	session_start(); 
  3. 	$error_list = array();
  4. //delete session==========================================================================================	
  5. 	if( isset($_POST['delete_session']) ) 
  6. 	{
  7. 		session_destroy();
  8. 		header('Location:page1.php');
  9. 	}
  10. //validation start===============================================================================	
  11. 	if( parameter_check(&$error_list) )
  12. 	{
  13. 		non_db_username_check(&$error_list);
  14. 		password_check(&$error_list);
  15. 		non_db_email_check(&$error_list);
  16. 		mysql_data_check(&$error_list);
  17. 		$_SESSION['error_list'] = $error_data;
  18. 		header('Location:page1.php');
  19. 	}
  20. 	else 
  21. 	{
  22. 		$_SESSION['error_list'] = $error_list;
  23. 		header('Location:page1.php');
  24. 	}
  25.  
  26. //functions================================================================================================
  27. function parameter_check(&$error_list)
  28. {
  29. 	if( (isset($_POST['submit']) ) &&
  30. 		(!empty($_POST['username']) ) &&
  31. 		(!empty($_POST['password']) ) &&
  32. 		(!empty($_POST['password_verify']) ) &&
  33. 		(!empty($_POST['email']) ) );
  34. 	else 
  35. 	{
  36. 		array_push(&$error_list, "<li>fill in all fields</li>");
  37. 		return false;
  38. 	}
  39. 	return true;
  40. }
  41. //functions================================================================================================
  42. function non_db_username_check(&$error_list)
  43. {
  44. 	$username = $_POST['username'];
  45. //----------------------------------------
  46. 	if( (strlen($username) >= 3) && (strlen($username) <= 15));
  47. 	else 
  48. 		{
  49. 			array_push(&$error_list, "<li>enter 3 - 15 characters username</li>");
  50. 			 return false;
  51. 		}
  52. //----------------------------------------	
  53. 	if( !ereg("^[A-Za-z0-9.-_]$",$username)) 
  54. 		{ 
  55. 			array_push(&$error_list, "<li>invalid characters in username</li>");
  56. 			return false;
  57. 		}
  58. //----------------------------------------
  59. 	return true;
  60. }
  61. //===========================================================================================================
  62. function password_check(&$error_list)
  63. {
  64. 	$password1 = $_POST['password'];
  65. 	$password2 = $_POST['password_verify'];
  66. //----------------------------------------	
  67. 	if( strcmp($password1,$password2) != 0)
  68. 	{
  69. 		array_push(&$error_list, "<li>passwords dont match</li>");
  70. 		return false;
  71. 	}
  72. //----------------------------------------	
  73. 	if( (strlen($password1) >= 5) && (strlen($password1) <= 20));
  74. 	else 
  75. 	{
  76. 		array_push(&$error_list, "<li>enter 3 - 20 characters password</li>");
  77. 		return false;
  78. 	}			
  79. //----------------------------------------
  80. 	return true;
  81. }
  82. //===========================================================================================================
  83. function non_db_email_check(&$error_list)
  84. {
  85. 	$email = $_POST['email'];
  86. //----------------------------------------
  87. 	if( ereg("^[^.] [A-Za-z0-9.-_]{1,20} @ [^@.][A-Za-z0-9.-_]{1,40}$",$email) );
  88. 	else	
  89. 	{
  90. 		array_push(&$error_list, "<li>email is invalid</li>");
  91. 		return false;
  92. 	}
  93. //----------------------------------------
  94. 	return true;
  95. }
  96. //===========================================================================================================
  97. function mysql_data_check(&$error_list)
  98. {
  99. 	if( strlen(&$error_list)>0 )
  100. 	{
  101. 		$_SESSION['error_list'] = &$error_list;
  102. 		header('Location:page1.php');
  103. 		return false;
  104. 	}
  105. //----------------------------------------
  106. 	mysql_connect('localhost','root','root') or die(mysql_error());
  107. 	mysql_select_db('users') or die(mysql_error());
  108.  
  109. 	$safe_username = mysql_real_escape_string($_POST['username']);
  110. 	$safe_email = mysql_real_escape_string($_POST['email']);	
  111.  
  112. 	$query_username = mysql_query("SELECT username WHERE username=\"$safe_username\"");
  113. 	$query_email = mysql_query("SELECT email WHERE email=\"$safe_email\"");
  114. //----------------------------------------		
  115. 	if( mysql_num_rows($query_username) != 0 )
  116. 		array_push(&$error_list, "<li>username already exists</li>");
  117.  
  118. 	if( mysql_num_rows($query_email) !=0 )
  119. 		array_push(&$error_list, "<li>email already exists</li>");
  120.  
  121. 	if( (mysql_num_rows($query_username) || mysql_num_rows($query_email)) !=0 ) return false;
  122. //----------------------------------------	
  123. 	array_push(&$error_data, "registration data correct");
  124. 	return true;		
  125. }		   
  126. //===========================================================================================================	  
  127. ?>
mysql:
php Syntax (Toggle Plain Text) 
  1. <?php
  2. 	mysql_connect('localhost','root','root') or die(mysql_error());
  3. 	mysql_query("CREATE DATABASE users") or die(mysql_error());
  4. 	mysql_select_db('users') or die(mysql_error());
  5.  
  6. 	$user_info = "CREATE TABLE user_info (  user_id INT(5) NOT NULL AUTO_INCREMENT,
  7. 			username VARCHAR(15) NOT NULL UNIQUE,
  8. 			password VARCHAR(20) NOT NULL,
  9. 			mail VARCHAR(40) NOT NULL UNIQUE,
  10. 			ip VARCHAR(15) NOT NULL,
  11. 			activated VARCHAR(1) NOT NULL DEFAULT 0,
  12. 			session_id VARCHAR(32) NOT NULL,
  13. 			PRIMARY KEY(user_id)
  14. 			)";
  15. 	mysql_query($user_info) or die(mysql_error());
  16. ?>
Last edited by Lensva; Jan 12th, 2009 at 8:49 am.
Reply With Quote Quick reply to this message  
Join Date: Jul 2008
Posts: 148
Reputation: mschroeder is on a distinguished road 
Solved Threads: 25
mschroeder mschroeder is offline Offline
Junior Poster

Re: php user registration

 
0
  #2
Jan 12th, 2009
in you functions you add string data to $_SESSION['error_list'] instead of actually making $_SESSION['error_list'] an array of multiple errors.

Then when you call foreach it is not finding an array because one does not exist.

Try adding [] after each place where you add error data to the error_list session value. This will create a numerically indexed array of multiple errors. $_SESSION['error_list'][] = $error_data;
Last edited by mschroeder; Jan 12th, 2009 at 10:10 am.
Reply With Quote Quick reply to this message  
Join Date: Mar 2008
Posts: 76
Reputation: Lensva has a little shameless behaviour in the past 
Solved Threads: 3
Lensva Lensva is offline Offline
Junior Poster in Training

Re: php user registration

 
0
  #3
Jan 12th, 2009
mschroeder,
added the [ ] tags on lines 17 and 101, however now when all data is entered, no matter valid or not, the output on page1 is
PHP Syntax (Toggle Plain Text) 
  1. Array
Reply With Quote Quick reply to this message  
Join Date: Jul 2008
Posts: 148
Reputation: mschroeder is on a distinguished road 
Solved Threads: 25
mschroeder mschroeder is offline Offline
Junior Poster

Re: php user registration

 
0
  #4
Jan 12th, 2009
I wasn't sure what you were doing on line 101 I assumed you were basically looking to see if there was an error and if so you were redirecting to page1 to handle the errors.

In which case you would want to do something like if (!empty( $_SESSION['error_list'] )){ //redirect code }

if you do a print_r($_SESSION['error_list']); what is the structure that is being returned.
Reply With Quote Quick reply to this message  
Join Date: Mar 2008
Posts: 76
Reputation: Lensva has a little shameless behaviour in the past 
Solved Threads: 3
Lensva Lensva is offline Offline
Junior Poster in Training

Re: php user registration

 
0
  #5
Jan 12th, 2009
to make it more clear to you and others,
lines 99-104 check if there are errors in functions
non_db_username_check(&$error_list);
password_check(&$error_list);
non_db_email_check(&$error_list);
so that if there are, there wouldnt be connection to mysql, else it conects;
changed it to
PHP Syntax (Toggle Plain Text) 
  1. function mysql_data_check(&$error_list)
  2. {
  3. 	if( !empty($_SESSION['error_list']) )
  4. 	{
  5. 		$_SESSION['error_list'][] = &$error_list;
  6. 		header('Location:page1.php');
  7. 		return false;
  8. 	}
like you suggested, however the output on page1 is the same

EDIT: ok the output in fact changed, but not for the better, more errors, all coming from the function mysql_data_check(&$error_list)

EDIT EDIT: sample data filled after changed were made:
username: user1; password:user1; password_verify:user2; email: user1
output on page2
PHP Syntax (Toggle Plain Text) 
  1.  
  2. Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in C:\Users\admin\Desktop\xampp\xampp\htdocs\examples\user registration\page2.php on line 115
  3.  
  4. Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in C:\Users\admin\Desktop\xampp\xampp\htdocs\examples\user registration\page2.php on line 118
  5.  
  6. Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in C:\Users\admin\Desktop\xampp\xampp\htdocs\examples\user registration\page2.php on line 121
  7.  
  8. Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in C:\Users\admin\Desktop\xampp\xampp\htdocs\examples\user registration\page2.php on line 121
  9.  
  10. Warning: array_push() [function.array-push]: First argument should be an array in C:\Users\admin\Desktop\xampp\xampp\htdocs\examples\user registration\page2.php on line 123
  11.  
  12. Warning: Cannot modify header information - headers already sent by (output started at C:\Users\admin\Desktop\xampp\xampp\htdocs\examples\user registration\page2.php:115) in C:\Users\admin\Desktop\xampp\xampp\htdocs\examples\user registration\page2.php on line 18
Last edited by Lensva; Jan 12th, 2009 at 11:26 am.
Reply With Quote Quick reply to this message  
Join Date: Mar 2008
Posts: 76
Reputation: Lensva has a little shameless behaviour in the past 
Solved Threads: 3
Lensva Lensva is offline Offline
Junior Poster in Training

Re: php user registration

 
0
  #6
Jan 12th, 2009
===major update===
after fixing a few bugs the situation seems for the much better;
updated version:
php Syntax (Toggle Plain Text) 
  1. <?php 
  2. 	session_start(); 
  3. 	$error_list = array();
  4. //delete session==========================================================================================	
  5. 	if( isset($_POST['delete_session']) ) 
  6. 	{
  7. 		session_destroy();
  8. 		header('Location:page1.php');
  9. 	}
  10. //validation start===============================================================================	
  11. 	if( parameter_check(&$error_list) )
  12. 	{
  13. 		non_db_username_check(&$error_list);
  14. 		password_check(&$error_list);
  15. 		non_db_email_check(&$error_list);
  16. 		mysql_data_check(&$error_list);
  17. 		$_SESSION['error_list'][] = $error_list;
  18. 		header('Location:page1.php');
  19. 	}
  20. 	else 
  21. 	{
  22. 		$_SESSION['error_list'] = $error_list;
  23. 		header('Location:page1.php');
  24. 	}
  25.  
  26. //functions================================================================================================
  27. function parameter_check(&$error_list)
  28. {
  29. 	if( (isset($_POST['submit']) ) &&
  30. 		(!empty($_POST['username']) ) &&
  31. 		(!empty($_POST['password']) ) &&
  32. 		(!empty($_POST['password_verify']) ) &&
  33. 		(!empty($_POST['email']) ) );
  34. 	else 
  35. 	{
  36. 		array_push(&$error_list, "<li>fill in all fields</li>");
  37. 		return false;
  38. 	}
  39. 	return true;
  40. }
  41. //===========================================================================================================
  42. function non_db_username_check(&$error_list)
  43. {
  44. 	$username = $_POST['username'];
  45. //----------------------------------------
  46. 	if( (strlen($username) >= 3) && (strlen($username) <= 15));
  47. 	else 
  48. 		{
  49. 			array_push(&$error_list, "<li>enter 3 - 15 characters username</li>");
  50. 			 return false;
  51. 		}
  52. //----------------------------------------	
  53. 	if( !ereg("^[A-Za-z0-9.-_]$",$username)) 
  54. 		{ 
  55. 			array_push(&$error_list, "<li>invalid characters in username</li>");
  56. 			return false;
  57. 		}
  58. //----------------------------------------
  59. 	return true;
  60. }
  61. //===========================================================================================================
  62. function password_check(&$error_list)
  63. {
  64. 	$password1 = $_POST['password'];
  65. 	$password2 = $_POST['password_verify'];
  66. //----------------------------------------	
  67. 	if( strcmp($password1,$password2) != 0)
  68. 	{
  69. 		array_push(&$error_list, "<li>passwords dont match</li>");
  70. 		return false;
  71. 	}
  72. //----------------------------------------	
  73. 	if( (strlen($password1) >= 5) && (strlen($password1) <= 20));
  74. 	else 
  75. 	{
  76. 		array_push(&$error_list, "<li>enter 3 - 20 characters password</li>");
  77. 		return false;
  78. 	}			
  79. //----------------------------------------
  80. 	return true;
  81. }
  82. //===========================================================================================================
  83. function non_db_email_check(&$error_list)
  84. {
  85. 	$email = $_POST['email'];
  86. //----------------------------------------
  87. 	if( ereg("^[^.] [A-Za-z0-9.-_]{1,20} @ [^@.][A-Za-z0-9.-_]{1,40}$",$email) );
  88. 	else	
  89. 	{
  90. 		array_push(&$error_list, "<li>email is invalid</li>");
  91. 		return false;
  92. 	}
  93. //----------------------------------------
  94. 	return true;
  95. }
  96. //===========================================================================================================
  97. function mysql_data_check(&$error_list)
  98. {
  99. 	if( !empty($_SESSION['error_list']) )
  100. 	{
  101. 		$_SESSION['error_list'][] = &$error_list;
  102. 		header('Location:page1.php');
  103. 		return false;
  104. 	}
  105. //----------------------------------------
  106. 	mysql_connect('localhost','root','root') or die(mysql_error());
  107. 	mysql_select_db('users') or die(mysql_error());
  108.  
  109. 	$safe_username = mysql_real_escape_string($_POST['username']);
  110. 	$safe_email = mysql_real_escape_string($_POST['email']);	
  111.  
  112. 	$query_username = mysql_query("SELECT username FROM user_info WHERE username=\"$safe_username\"") or die(mysql_error());
  113. 	$query_email = mysql_query("SELECT email FROM user_info WHERE email=\"$safe_email\"") or die(mysql_error());
  114. //----------------------------------------		
  115. 	if( mysql_num_rows($query_username) != 0 )
  116. 		array_push(&$error_list, "<li>username already exists</li>");
  117.  
  118. 	if( mysql_num_rows($query_email) !=0 )
  119. 		array_push(&$error_list, "<li>email already exists</li>");
  120.  
  121. 	if( (mysql_num_rows($query_username) || mysql_num_rows($query_email)) !=0 ) return false;
  122. //----------------------------------------	
  123.  	array_push(&$error_list, "registration data correct");
  124.  
  125. 	return true;		
  126. }		   
  127. //===========================================================================================================	  
  128. ?>
page2 seems to be working, however on page1 $_SESSION['error_list'] displays
PHP Syntax (Toggle Plain Text) 
  1. ArrayArray
('Array' number varies) instead of the actual messages. unless the form is submited empty, then everything works
Reply With Quote Quick reply to this message  
Join Date: Jul 2008
Posts: 148
Reputation: mschroeder is on a distinguished road 
Solved Threads: 25
mschroeder mschroeder is offline Offline
Junior Poster

Re: php user registration

 
0
  #7
Jan 12th, 2009
that is because in the mysql_data_check function you are doing this:

$_SESSION['error_list'][] = &$error_list;

which i believe is setting and entry of $_SESSION['error_list'] equal to an array. you don't need the []'s there

Produces:

$_SESSION['error_list'] = array(
1 => array (
1=> 'Error #1';
),
2 => array (
1 => 'Error #1',
2 => 'Error #2'
)
);

The only place you need the []'s is when you do $_SESSION['error_list'][] = $error_data; This way you end up with one array that contains each error message.

Produces:
$_SESSION['error_list'] = array (
1 => 'Error #1',
2 => 'Error #2'
);
Reply With Quote Quick reply to this message  
Join Date: Mar 2008
Posts: 76
Reputation: Lensva has a little shameless behaviour in the past 
Solved Threads: 3
Lensva Lensva is offline Offline
Junior Poster in Training

Re: php user registration

 
0
  #8
Jan 12th, 2009
did as you adviced changed
php Syntax (Toggle Plain Text) 
  1. function mysql_data_check(&$error_list)
  2. {
  3. 	if( !empty($_SESSION['error_list']) )
  4. 	{
  5. 		$_SESSION['error_list'] = &$error_list;
  6. 		header('Location:page1.php');
  7. 		return false;
  8. 	}
and
php Syntax (Toggle Plain Text) 
  1. 		$_SESSION['error_list'][] = $error_list;
seems it helped for the most part, but when i enter all data incorectly it displays:
PHP Syntax (Toggle Plain Text) 
  1. <ul><li>invalid characters in username</li>
  2. <li> passwords dont match</li>
  3. <li> email is invalid</li>
  4. </ul>Array
one last piece of error somewhere i think
Last edited by Lensva; Jan 12th, 2009 at 4:52 pm.
Reply With Quote Quick reply to this message  
Join Date: Jul 2008
Posts: 148
Reputation: mschroeder is on a distinguished road 
Solved Threads: 25
mschroeder mschroeder is offline Offline
Junior Poster

Re: php user registration

 
1
  #9
Jan 12th, 2009
in your parameter_check function
$_SESSION['error_list'][] = $error_list;
Reply With Quote Quick reply to this message  
Join Date: Mar 2008
Posts: 76
Reputation: Lensva has a little shameless behaviour in the past 
Solved Threads: 3
Lensva Lensva is offline Offline
Junior Poster in Training

Re: php user registration

 
0
  #10
Jan 13th, 2009
with the major guidance mschroeder provided i was able to cleanse my code of errors;
case solved - thx again
Reply With Quote Quick reply to this message  
Reply

Quick Reply to Thread
This thread has been marked solved.
Perhaps start a new thread instead?
Message:



Similar Threads
Other Threads in the PHP Forum
Thread Tools Search this Thread



ajax apache api array beginner beneath binary broadband broken button cakephp checkbox class cms code countingeverycharactersfromastring crack cron curl database date decode display dynamic echo email error file files folder form forms function functions google href htaccess html image include insert integration ip java javascript joomla limit link login loop mail match md5 menu mlm multiple mysql mysql_real_escape_string oop paypal pdf php problem protocol query radio random recursion regex remote script search server session sessions sms smtp soap source space sql strip_tags survey syntax system table tutorial undefined update upload url validator variable video virus votedown web window.onbeforeunload=closeme; xml youtube
About Us | Contact Us | Advertise | DaniWeb | Acceptable Use Policy | RSS Feed

©2003 - 2009 DaniWeb® LLC