0

I have already completed a form registry and works!!.

Well nearly I have an error which displays this

Warning: extract() expects parameter 1 to be array, null given

Heres the code

<?php
/* Program: Login.php
 * Desc:    Login program for the Members Only section of
 *          the pet store. It provides two options:
 *          (1) login using an existing Login Name and
 *          (2) enter a new login name. Login Names and
 *          passwords are stored in a MySQL database.
 */
 session_start();                                      
 include_once "config.php";                             
 switch (@$_POST['do'])                                
 {
   case "login":    
                                      
     
     $sql = "SELECT LoginName FROM user
             WHERE LoginName='$_POST[fusername]'";     
     $result = mysqli_query($cxn,$sql)
               or die("Couldn't execute query.");      
     $num = mysqli_num_rows($result);                  
     if ($num > 0)  // login name was found            
     {
        $sql = "SELECT LoginName FROM user
                WHERE LoginName='$_POST[fusername]'
                AND password=md5('$_POST[fassword]')";
        $result2 = mysqli_query($cxn,$sql)
                   or die("Couldn't execute query 2.");
        $num2 = mysqli_num_rows($result2);
        if ($num2 > 0)  // password is correct        
        {
           $_SESSION['auth']="yes";                    
           $logname=$_POST['fusername'];
           $_SESSION['logname'] = $logname;            
           $today = date("Y-m-d h:i:s");               
           $sql = "INSERT INTO user (LoginName,CreateDate)
                   VALUES ('$logname','$today')";
           $result = mysqli_query($cxn,$sql)
                     or die("Can't execute insert query 1.");
           header("Location: member_page.php");        
        }
        else    // password is not correct            
        {
           $message="The Login Name, '$_POST[fusername]'
                     exists, but you have not entered the
                     correct password! Please try again.<br>";
           include("login_form.php");                  
        }
     }                                                 
     elseif ($num == 0)  // login name not found       
     {
        $message = "The Login Name you entered does not
                    exist! Please try again.<br>";
        include("login_form.php");
     }
   break;                                             

   case "new":
	  /* Check for blanks */                           
     foreach($_POST as $field => $value)               
     {
        if ($field != "fax")                          
        {
           if ($value == "")                           
           {
              $blanks[] = $field;
           }
        }
     }
     if(isset($blanks))                               
     {
        $message_new = "The following fields are blank.
	            Please enter the required information:  ";
        foreach($blanks as $value)
        {
           $message_new .= "$value, ";
        }
        extract($_POST);
        include("login_form.php");
        exit();
     }

    /* Validate data */
     foreach($_POST as $field => $value)               
     {
        if(!empty($value))                             
        {
           if(eregi("name",$field) and
              !eregi("login",$field))
           {
              if (!ereg("^[A-Za-z' -]{1,50}$",$value))
              {
                 $errors[]="$value is not a valid name.";
              }
           }
           if(eregi("street",$field) or
             eregi("addr",$field) or eregi("city",$field))
           {
              if(!ereg("^[A-Za-z0-9.,' -]{1,50}$",$value))
              {
                 $errors[] = "$value is not a valid
                               address or city.";
              }
           }
           if(eregi("County",$field))
           {
              if(!ereg("[A-Za-z]{2}",$value))
              {
                $errors[]="$value is not a valid state.";
              }
           }
           if(eregi("email",$field))
           {
              if(!ereg("^.+@.+\\..+$",$value))
              {
                 $errors[] = "$value is not a valid
                              email address.";
              }
           }
           /*

           THIS CODE THAT IS COMMENTED OUT IS USED TO VALIDATE THE ZIP CODE!

           if(eregi("zip",$field))
           {
              if(!ereg("^[0-9]{5,5}(\-[0-9]{4,4})?$",
                  $value))
              {
                $errors[]="$value is not a valid
                            zipcode.";
              }
           }
           */
           if(eregi("phone",$field)
              or eregi("fax",$field))
           {
              if(!ereg("^[0-9)(xX -]{7,20}$",$value))
              {
                 $errors[] = "$value is not a valid
                              phone number. ";
              }
           }
        } // end if empty                             
     } // end foreach
     if(@is_array($errors))                           
     {
        $message_new = "";
        foreach($errors as $value)
        {
          $message_new .= $value." Please try
                                   again<br />";
        }
        extract($_POST);
        include("login_form.php");
        exit();
     }

      /* clean data */
     //$cxn = mysqli_connect($host,$user,$passwd,$dbname);

     foreach($_POST as $field => $value)              
     {
        if($field != "Button" and $field != "do")
        {
           if($field == "password")
           {
              $password = strip_tags(trim($value));
           }
           else
           {
              $fields[]=$field;
              $value = strip_tags(trim($value));
              $values[] =
                   mysqli_real_escape_string($cxn,$value);
              $$field = $value;
           }
        }
     }

      /* check whether user name already exists */
     $sql = "SELECT LoginName FROM user
                    WHERE LoginName = '$LoginName'";  
     $result = mysqli_query($cxn,$sql)
               or die("Couldn't execute select query.");
     $num = mysqli_num_rows($result);                 
     if ($num > 0)                                    
     {
        $message_new = "$loginName already used.
                         Select another User Name.";
        include("login_form.php");
        exit();
     }
    /* Add new member to database */
     else                                             
     {
        $today = date("Y-m-d");
        $fields_str = implode(",",$fields);
        $values_str = '"'.implode('","',$values);
        $fields_str .=",createDate";
        $values_str .='"'.",".'"'.$today;
        $fields_str .=",password";
        $values_str .= '"'.","."md5"."('".$password."')";
       
		$sql = '
			INSERT INTO user
			('.$fields_str.')
			VALUES ('.$values_str.');
		';
		
		//print_r($sql);

       $result = mysqli_query($cxn,$sql)
           or die("Couldn't execute insert query 2.");
       

        /* send email to new member                #208
        $emess = "A new Member Account has been setup. ";
        $emess.= "Your new Member ID and password are: ";
        $emess.= "\n\n\t$loginName\n\t$password\n\n";
        $emess.="We appreciate your interest in Pet";
        $emess.= " Store at PetStore.com. \n\n";
        $emess.= "If you have any questions or problems,";
        $emess.= " email webmaster@petstore.com";
        $ehead="From: member-desk@petstore.com\r\n";  #216
        $subj = "Your new Member Account from Pet Store";
        $mailsnd=mail("$email","$subj","$emess","$ehead");
        header("Location: New_member.php");
         *            #219
         */
		 
		 // redirect or result here
		 if($result != false)
		 {
			 $_SESSION['auth']="yes";                     
			 $_SESSION['logname'] = $LoginName;            
			 
			 header('Location: '.$base_url.'new_member.php');
		 }
      }
    break;                                            

    default:                                          
        include("login_form.php");
  }
?>

I have a variable called logname but I don't know how to call this, it needs to save data into the database, do any of you know how to fix the problem giving examples in the code?


Thank you :)

1
Contributor
1
Reply
2
Views
6 Years
Discussion Span
Last Post by Imratzio
This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.