0

New Friends! :)

The following is my member registration code as of latest.

ISSUE 1:
I get this error:

Parse error: syntax error, unexpected '_' (T_STRING), expecting ',' or ')' in C:\xampp\htdocs\e_id\register_edited.php on line 10

What is wrong ? I copied the "'images/'_$FILES['avatar']['name']);" from a youtube tutorial on how to create feature for your member site members to upload their images. It was working on my site but not now on my xammp.

ISSUE 2:

Is the following ok or have I got them wrong way round ? I mean the real_escape and the strtolower and the strip_tags. Eg.

$member_registration_username = trim(strip_tags(strtolower(mysqli_real_escape_string($conn,$_POST["member_registration_username"]))));

Any mistakes I made from line 9-22 ?

Question 3:

Looking at my html form, do you spot any errors apart from the <center> outdated tags ? (Will replace them and design with css instead. In the middle of it now).

Question 4:
Should there be 2 equal signs ? Eg. "== 0" (equal to) ? instead of just "=" ?
$member_registration_account_activation = 0;

FULL REG PAGE CODE:

<?php
require "conn.php";
require "site_details.php";

if  (isset($_POST['submit']))
{
    if(!empty($_POST["member_registration_username"]) && !empty($_POST["member_registration_password"])&& !empty($_POST["member_registration_password_confirmation"])&& !empty($_POST["member_registration_email"])&& !empty($_POST["member_registration_email_confirmation"])&& !empty($_POST["member_registration_forename"])&& !empty($_POST["member_registration_surname"]))
    {
        $account_activation_link = "http://www.$site_domain.com/$site-name/activate_account.php?email=$member_registration_email&&member_registration_account_activation_code=$member_registration_account_activation_code";
        $avatar_path = trim(strip_tags(mysqli_real_escape_string($conn,'images/'_$FILES['avatar']['name']);
        $member_registration_account_activation = 0;
        $member_registration_random_numbers = random_int(0, 9999999999);

        $member_registration_username = trim(strip_tags(strtolower(mysqli_real_escape_string($conn,$_POST["member_registration_username"]))));
        $member_registration_password = trim(strip_tags(md5(mysqli_real_escape_string($conn,$_POST["member_registration_password"]))));
        $member_registration_password_confirmation = trim(strip_tags(md5(mysqli_real_escape_string($conn,($_POST["member_registration_password_confirmation"])))));
        $member_registration_forename = trim(strip_tags(mysqli_real_escape_string($conn,$_POST["member_registration_forename"])));
        $member_registration_surname = trim(strip_tags(mysqli_real_escape_string($conn,$_POST["member_registration_surname"])));
        $member_registration_gender = trim(strip_tags(mysqli_real_escape_string($conn,$_POST["member_registration_gender"])));
        $member_registration_email = trim(strip_tags(mysqli_real_escape_string($conn,$_POST["member_registration_email"])));
        $member_registration_email_confirmation = trim(strip_tags(mysqli_real_escape_string($conn,$_POST["member_registration_email_confirmation"]));
        $member_registration_account_activation_code = trim(strip_tags(mysqli_real_escape_string($conn,"$member_registration_random_numbers")));

        if (preg_match("!image!", $_FILES['avatar']['type'])) 
        {       
        //copy image to images/ folder.
            if(copy($_$FILES['avatar']['tmp_name'], $avatar_path)) 
            {           
                $_SESSION['avatar']=$avatar_path;
            }
            else
            {
                $_SESSION['message']= "Image could not be uploaded!";
            }
        else
        {
            $_SESSION['message']= "Only gif, jpeg or png files allowed for your avatar!";
            exit();
        }

        if($_POST["member_registration_email"] != $_POST["member_registration_email_confirmation"])
        {
            $_SESSION['message']= "Your email inputs do not match! Try inputting again and then re-submit.";
            exit();
        }

        if($_POST["member_registration_password_confirmation"] != $_POST["member_registration_password_confirmation"])
        {
            $_SESSION['message']= "Your password inputs do not match! Try inputting again and then re-submit.";
            exit();
        }

        //Check for Username match in users table.  
        $sql = "SELECT * FROM users WHERE Usernames ='".$member_registration_username."'";
        $result = mysqli_query($conn,$sql);
        if(mysqli_num_rows($result)!=0)
        {
            $_SESSION['message']="That Username $member_registration_username is already registered!";
            exit();
        }

        $sql = "SELECT * FROM users WHERE Emails ='".$member_registration_email."'";
        $result = mysqli_query($conn,$sql);
        if(mysqli_num_rows($result)>0)
        {
            $_SESSION['message']="That Email $member_registration_email is already registered!";
            exit();
        }

        $sql = "INSERT INTO users(Usernames,Passwords,Emails,Forenames,Surnames,Genders,Account_Activation_Codes,Account_Activations) VALUES('".$member_registration_username."','".$member_registration_password."','".$member_registration_email."','".$member_registration_forename."','".$member_registration_surname."','".$member_registration_account_activation_code."','".$member_registration_account_activation."')";
        if($sql)
        {
            $_SESSION['message']="Data insertion into table success!";
        }
        else    
        {
            $_SESSION['message']="Data insertion into table failure!";
        }

        $to = "$member_registration_email";
        $subject = "Your $site_name Account Activation!";
        $body = "$member_registration_forename $member_registration_surname,\n\n You need to click the following link to confirm your email address and activate your account.\n\n\
        $account_activation_link;
        $from = "$site_admin_email";
        $headers = "from: $from";

        mail($to,$subject,$body,$headers);
        $_SESSION['message']="Check your email for further instructions!";
    }
    else
    {
        $_SESSION['message']="You must fill-in all input fields!";
    }
}

?> <!DOCTYPE html> <html> <head> <title><?php $site_name ?> Signup Page</title> <meta charset="utf-8"> </head> <body> <div class = "container"> <form method="post" action=""> <center><h2>Signup Form</h2></center> <div class="form-group"> <center><label>Username:</label> <input type="text" placeholder="Enter a unique Username" name="member_registration_username" required [A-Za-z0-9]></center> </div> <div class="form-group"> <center><label>Password:</label> <input type="password" placeholder="Enter a new Password" name="member_registration_password" required [A-Za-z0-9]></center> </div> <div class="form-group"> <center><label>Repeat Password:</label> <input type="password" placeholder="Repeat a new Password" name="member_registration_password_confirmation" required [A-Za-z0-9]></center> </div> <div class="form-group"> <center><label>First Name:</label> <input type="text" placeholder="Enter your First Name" name="member_registration_forename" required [A-Za-z]></center> </div> <div class="form-group"> <center><label>Surname:</label> <input type="text" placeholder="Enter your Surname" name="member_registration_surname" required [A-Za-z]></center> </div> <div class="form-group"> <center><label>Gender:</label> <input type="radio" name="member_registration_gender" value="male" required>Male<input type="radio" name="member_registration_gender" value="female" required>Female</center> </div> <div class="form-group"> <center><label>Email:</label> <input type="email" placeholder="Enter your Email" name="member_registration_email" required [A-Za-z0-9]></center> </div> <div class="form-group"> <center><label>Repeat Email:</label> <input type="email" placeholder="Repeat your Email" name="member_registration_email_confirmation" required [A-Za-z0-9]></center> </div> <center><button type="submit" class="btn btn-default" name="submit">Register!</button></center> <center><font color="red" size="3"><b>Already have an account ?</b><br><a href="login.php">Login here!</a></font></center> </form> </div> </body> </html>
4
Contributors
5
Replies
43
Views
4 Months
Discussion Span
Last Post by UI
3

I recommend you use filter_input() or filter_input_array() function e.g.

            $args = array(
                'member_registration_username' => array(
                    'filter'    => FILTER_SANITIZE_STRING
                    ),
                'member_registration_password' => array(
                    'filter'    => FILTER_SANITIZE_STRING
                    ),
                'member_registration_password_confirmation' => array(
                    'filter'    => FILTER_SANITIZE_STRING
                    ),
                'member_registration_forename' => array(
                    'filter'    => FILTER_SANITIZE_STRING
                    ),
                'member_registration_surname' => array(
                    'filter'    => FILTER_SANITIZE_STRING
                    ),
                'member_registration_gender' => array(
                    'filter'    => FILTER_SANITIZE_STRING
                    ),
                'member_registration_email' => array(
                    'filter'    => FILTER_VALIDATE_EMAIL
                    ),
                'member_registration_email_confirmation' => array(
                    'filter'    => FILTER_VALIDATE_EMAIL
                    )
                );
            $post = filter_input_array(INPUT_POST, $args);

Edited by AndrisP

0

AndrisP, your English is ok.
Anyway, most beginner php tutorials are in procedural style teaching mysqli.
Intermediate tutorials teach oop and pdo.
I am still a beginner and so do you mind converting your pdo oop style code to mysqli procedural style as that way I would understand it better ?
I would get into pdo and oop later-on when I'm more experienced in php.

Thank You!

Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.