Member Avatar

jtaylor-bye

<?php

	if($_POST){
	$password=$_POST["password"];
	$confirm=$_POST["confirm"];
	if($password != $confirm){ ?>
	
<span style="color:red">Error: Passwords do not match!</span>
<?php   } else {
					$dbhost ="localhost";
					$dbuser ="root";
					$dbpass ="";
					$dbname ="users";
					require_once"/wamp/scripts/config.inc.php";
		$conn =mysql_connect($dbhost,$dbuser,$dbpass)
				or die ("Error connecting to mysql");
				echo mysql_error ();
		mysql_select_db($dbname);
		$query=sprintf("SELECT *FROM users WHERE username ='%s'",
			mysql_real_escape_string($_POST['username']));
		$result=mysql_query($query); 
		if($result){ ?>
<span style="color:red">Error:That username is taken.</span>
<?php		}  else {
				$query= sprintf("INSERT INTO users(username,password) VALUES ('%s','%s');",
					mysql_real_escape_string($_POST["username"]),
					mysql_real_escape_string(md5($password)));
				mysql_query($query); 
				?>
<span style="color:green">Congratulations, you have registered successfully!</span>
<?php
		}
		}
		}
?>
<form method="post" action="Registration.php">
Username: <Input type="text" name="username" /><br />
Password: <Input type="password" name="password" /><br />
Confirm Password: <Input type="Password" name="confirm" /><br />
<Input type="submit" value"Register!" />
</form>

Whenever I run the code I can enter a username and password that don't exist in my database yet it ALWAYS returns the error "Error:That username is taken" and doesn't go any further.

I am teaching myself php and have been following this from a tutorial. It has changed from the tutorial as in the comments the problem I was having before came up many times and he recoded it to the above. I have been doing this for hours now but to no avail. Please help and point out where i'm going wrong in plain english.

Many thanks.

See the problem with this line?

if($result)
Member Avatar

jtaylor-bye

I'm afraid I don't.
If I put a ; after it I get a Parse error a couple of lines down.

Member Avatar

jtaylor-bye

I am really struggling here. I change the line to read

if(!$result) {?>

It then enters the code into the database, yet I can enter the same username and it will still enter it into the database even though its already in. I have read your link above and I think I understand (though probably i'm not).

$result=mysql_query($query); 
if (mysql_num_rows($result) > 0) {

Change as above and also check whether the query is properly defined. To confirm echo all the values ($password, $confirm) to see the value. And more you can do open your phpadmin and run the sql query from your editor and see whether it returning rows.

Member Avatar

jtaylor-bye

Thank you very much.

Why does it always seem so simple when some-one points out the obvious!! (well to you anyway)

Thanks Again.

Why does it always seem so simple when some-one points out the obvious!! (well to you anyway).

More importantly, do you now know WHY you have to do it like that ?

Member Avatar

jtaylor-bye

Is is it this......

$result=mysql_query($query); 
if (mysql_num_rows($result) > 0) {

Line 1 stores the result of the query in $result.
Line 2 counts how many rows are in the query and if there is more than 0 then it cant use the details you entered.

Thats the way i'm thinking anyway.

True, but what I attempting to show you is that mysql_query will return false, only if the query fails with an error. So if the query would not return any results, it still returns a resource, and not false.