API tools faq
paste
gitlez

YA: Form Registration With Check and Addition to Database WC

gitlez
May 11th, 2012
91
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 4.20 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. /* In response to a Yahoo Answer's Question */
  3.  
  4.  
  5. /*    Check if Page has been POSTed to    */
  6. if( $_SERVER['REQUEST_METHOD'] !== 'POST'){
  7.     echo '<h1>Invalid Permission</h1><p>Please Fill out the form first.</p>';
  8.     exit; // Exit the page.
  9. }
  10.  
  11. /*    Functions to help with checks    */
  12. function minLength($str, $len){
  13.     return (strlen($str) >= $len);
  14. }
  15. function maxLength($str, $len){
  16.     return (strlen($str) <= $len);
  17. }
  18. function pvar($name, $mysqlEscape=false){
  19.     // mysql_real_escape_string() helps prevent MySQL injection attacks. Not perfect, but better than nothing.
  20.     $v = (isset($_POST[$name]))? $_POST[$name] : '';
  21.     return ($mysqlEscape)? mysql_real_escape_string(trim($v)) : trim($v);
  22. }
  23. function hasValue(){
  24.     $args = func_get_args();
  25.     foreach($args as $arg){
  26.         if(!isset($args{0})){
  27.             return false;
  28.         }
  29.     }
  30.     return true;
  31. }
  32.  
  33. /*    Connect To the database    */
  34. $connect = mysql_connect("localhost","root","") or die('Internal Error. Couldn\'t connect to database');
  35. mysql_select_db("thorbis", $connect) or die('Internal Error. Could\'t select database'); // Discriptive Error Messages allow you to easily pinpoint causes
  36.  
  37.  
  38. /*    Variable Definitions with the help of pvar() function    */
  39. $fullname = strip_tags(pvar('fullname', true));
  40. $username = strtolower(strip_tags(pvar('username', true))); // Helps to prevent duplicate usernames
  41. $password = strip_tags(pvar('password', true));
  42. $repeatpassword = strip_tags(pvar('repeatpassword', true));
  43. $email = strip_tags(pvar('email', true));
  44. $firstname = pvar('firstname', true);
  45. $lastname = pvar('lastname', true);
  46. $phone = pvar('phone', true);
  47. $address1 = pvar('address1', true);
  48. $address2 = pvar('address2', true);
  49. $country = pvar('counry', true);
  50. $state = pvar('state', true);
  51. $city = pvar('city', true);
  52. $zip = pvar('zip', true);
  53. $date = date("Y-m-d");
  54. $errorMsg = ''; // Will hold any  error messages
  55.  
  56.  
  57.  
  58. /*    Check for Input Values    */
  59. if (!hasValue($fullname, $username, $password, $repeatpassword, $email, $firstname, $lastname, $phone, $address1, $address2, $country, $state, $city, $zip)){
  60.     $errorMsg .= 'All Fields are Required.<br>';
  61. }
  62.  
  63. /*    Check for Existing Username    */
  64. $namecheck = mysql_query("SELECT username FROM users WHERE username='$username' LIMIT 1") or die(mysql_error($connect));
  65. if( mysql_num_rows($namecheck) > 0){
  66.     $errorMsg .= "Username is already Registered! Please select another.<br>";
  67. }
  68.  
  69. /*    Check Passwords Match and Length   */
  70. if( !minLength($password, 6)){ // A maximum length is not needed, as you are hashing the password, which will condense it to 32 characters in length.
  71.     $errorMsg .= 'Password needs to be a minimum of 6 characters in length.<br>';
  72. if ($password !== $repeatpassword){
  73.     $errorMsg .= 'Password and Confirmation Password DO NOT MATCH.<br>';
  74. }else{
  75.     $password = md5($password); // Although I would suggest using some salt or adding another hash function to the process ex: $password = sha1('#$1a1' . md5($password) . '@1^'); Remember that to compare this password for login, you need to apply the same steps and salt to the user input. A modifyPassword($password) function is the best way to go about this.
  76. }
  77.  
  78. /*    Username Length Checks and Fullname length checks    */
  79. if( !maxLength($username, 25) || !maxLength($fullname, 25)){
  80.     $errorMsg .= "Length of username or fullname is too long!<br>";
  81. }
  82.  
  83.  
  84. /*    Output Error Message, if there is one. Otherwise, register User.    */
  85.  
  86. if( strlen($errorMsg) > 0){
  87.     echo $errorMsg;
  88. }else{
  89.     // Yahoo cut off your query statement, so I couldn't write it properly for you, but you only name the column to which you will be adding data to. You cannot name null columns
  90.     $result = mysql_query( "INSERT INTO users(fullname, username, password,...) VALUES('{$fullname}','{$username}','{$password}',...)");
  91.     if($result){
  92.         echo "You have been registered! <a href='index.php'>click here</a> to go login";
  93.     }else{
  94.         echo 'There has been an Internal Error. Please  Try Again Later. '; // There was a problem with your query statement. Uncomment the next line to help determine the issue
  95.         /*    echo '<br>' . mysql_error($connect);    */
  96.     }
  97. }
  98. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!