Member Avatar for azegurb

hi all,
i have registration script that registers user according their user ID. if there more than one user id it returns false and says that this user ID is taken. but if i submit different user ID and the same email address it accepts. how can i do that if both user id and email exists it says that the user id is taken and the email is taken. thanks for attention
here is script

<?php
	//Start session
	session_start();
 include("config/connect.php");
	    
	    $az=new funksiyalar('karyeram');

	
	//Array to store validation errors
	$errmsg_arr = array();
	
	//Validation error flag
	$errflag = false;
	
	//Connect to mysql server
	
	
	//Function to sanitize values received from the form. Prevents SQL injection
	function clean($str) {
		$str = @trim($str);
		if(get_magic_quotes_gpc()) {
			$str = stripslashes($str);
		}
		return mysql_real_escape_string($str);
	}
	
	//Sanitize the POST values
	$fname = clean($_POST['fname']);
	$lname = clean($_POST['lname']);
	$login = clean($_POST['login']);
	$password = clean($_POST['password']);
	$email = clean($_POST['email']);
	$cpassword = clean($_POST['cpassword']);
	
	//Input Validations
	if($fname == '') {
		$errmsg_arr[] = 'Name necessary';
		$errflag = true;
	}
	if($lname == '') {
		$errmsg_arr[] = 'Surname is required';
		$errflag = true;
	}
	if($login == '') {
		$errmsg_arr[] = 'Login is required';
		$errflag = true;
	}
	if($password == '') {
		$errmsg_arr[] = 'Password is required';
		$errflag = true;
	}
	if($cpassword == '') {
		$errmsg_arr[] = 'please repeat password';
		$errflag = true;
	}
	if( strcmp($password, $cpassword) != 0 ) {
		$errmsg_arr[] = 'Passwords dont match';
		$errflag = true;
	}
	
	//Check for duplicate login ID
	if($login != '') {
		$qry = "SELECT * FROM members WHERE login='$login'";
				$result = mysql_query($qry);
		//$yeni=mysql_fetch_array($result);
		//$yeni[]
		
		if($result) {
			if(mysql_num_rows($result) > 0) {
				$errmsg_arr[] = 'This login is already taken';
				$errflag = true;
			}
			@mysql_free_result($result);
		
		
				}
		else {
			die("Query failed");
		}
		}
	
	//If there are input validations, redirect back to the registration form
	if($errflag) {
		$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
		session_write_close();
		header("location: register-form.php");
		exit();
	}

	//Create INSERT query
	$qry = "INSERT INTO members(firstname, lastname, login, passwd, password, email) VALUES ('$fname','$lname','$login','".md5($_POST['password'])."','$password','$email')";
	$result = @mysql_query($qry);
	
	//Check whether the query was successful or not
	if($result) {
		header("location: register-success.php");
		exit();
	}else {
		die("Query failed");
	}
?>

Thanks for attention in advance

  • 2 Contributors
  • 4 Replies
  • 129 Views
  • 9 Hours Discussion Span
  • Latest Post Latest Post by azegurb

Recommended Answers

All 4 Replies

Member Avatar for rch1231

Try this on line 64:

$qry = "SELECT * FROM members WHERE login='$login'" or ( email is not null and email = '$email' )";

This will eliminate the empty email addresses (since you don't test for it being filled in) and return a result if login or email match. You will need to change your message to reflect email or login already used.

Member Avatar for azegurb

thank you very much but how can i do that it displays message for email and user ID seperately.

Member Avatar for rch1231

Duplicate the lines from 62 through 82 and change the select to:

$qry = "SELECT * FROM members WHERE email is not null and email = '$email'";

And the error message to:

$errmsg_arr[] = 'email address already in use on another ID';
Member Avatar for azegurb

Thank you very much. You solved my problem

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.