homepage Welcome to WebmasterWorld Guest from 54.237.122.241
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
Forum Library, Charter, Moderators: coopster & jatar k

PHP Server Side Scripting Forum

    
i can't figure out what the problem with this script is!
problem with a registration page
dontwannabeanoob




msg:4231476
 4:06 pm on Nov 17, 2010 (gmt 0)

well i don't know what to say other than I have an error in this script and i can't find it, if anyone could point me in the right direction, i'd GREATLY appreciate it.

here's is the entire page in case it's somewhere in the top, honestly i'm so frustrated with it i could punch a bunny, or light my computer on fire, thanks in advance

<?php ob_start();?>
<script type="text/javascript">

var _gaq = _gaq || [];
_gaq.push(['_setAccount', 'UA-*******-1']);
_gaq.push(['_setDomainName', '.when-money.com']);
_gaq.push(['_trackPageview']);

(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
})();

</script>
<?php // Connects to Database
mysql_connect("localhost", "whenmone_****", "*******") or die(mysql_error());
mysql_select_db("whenmone_****") or die(mysql_error());
//This code runs if the form has been submitted
if (isset($_POST['submit'])) {

//This makes sure they did not leave any fields blank
if (!$_POST['username'] | !$_POST['pass'] | !$_POST['pass2'] | !$_POST['artistname'] | !$_POST['payment_email_address'] ) {
die('You did not complete all of the required fields');
}

// checks if the username is in use
if (!get_magic_quotes_gpc()) {
$_POST['username'] = addslashes($_POST['username']);
}
$usercheck = $_POST['username'];
$check = mysql_query("SELECT username FROM users WHERE username = '$usercheck'")
or die(mysql_error());
$check2 = mysql_num_rows($check);

//if the name exists it gives an error
if ($check2 != 0) {
die('Sorry, the username '.$_POST['username'].' is already in use.');
}
// this makes sure both passwords entered match
if ($_POST['pass'] != $_POST['pass2']) {
die('Your passwords did not match. ');
}

// here we encrypt the password and add slashes if needed
$_POST['pass'] = md5($_POST['pass']);
if (!get_magic_quotes_gpc()) {
$_POST['pass'] = addslashes($_POST['pass']);
$_POST['username'] = addslashes($_POST['username']);
}

// now we insert it into the database
$insert = "INSERT INTO users (username, password, artistname, summary, email_address)
VALUES ('".$_POST['username']."', '".$_POST['pass']."','".$_POST['artistname']."','".$_POST['summary']."','".$_POST['influences']."','".$_POST['whyimhere']."','".$_POST['email_address']."')";
$add_member = mysql_query($insert);
?>
<?php }
else { ?>
<link href="styling/when-money.css" rel="stylesheet" type="text/css">

<div class="container">
<div class="header">
<p><a href="http//:www.when-money.com"><img src="images/yellowbanner2raised.jpg" alt=" When Money .com" width="1024" height="150" align="absmiddle" /></a></a><a href="#"><a href="#"></a><a href="#"></a></a></br></br>
<span class="fonter">Username and password are required for all users, if you plan to sell your art be sure to fill out as much artist info as possible, otherwise if you just plan to download and use the art you can leave these fields blank.</span></p>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<table border="0">
<tr>
<td align="center">Username:</td>
<td>
<input type="text" name="username" maxlength="60">
</td></tr>
<tr><td align="center">Password:</td><td>
<input type="password" name="pass" maxlength="10">
</td></tr>
<tr><td align="center">Confirm Password:</td><td>
<input type="password" name="pass2" maxlength="10">
</td></tr>
<tr>
<td align="center">Your name as you would like it to apear on you profile</td>
<td>
<input type="text" name="artistname" maxlength="60">
</td></tr>
<tr>
<td align="center">Artist Summary(give a brief description about yourself and your art)</td>
<td><textarea name="summary"></textarea>
</td></tr>
<tr>
<td align="center">Email address you would like to appear on your artist profile for contact</td>
<td><input name="email_address" type="text" value="">
</td>
</tr>
<td align="center">Influences (artists, paintings, cartoons or anything else that has inspired you) </td>
<td><textarea name="influences"></textarea>
</td>
</tr>
<td align="center">Why are you here (if you were to sell, why you joined the site)</td>
<td><textarea name="whyimhere"></textarea>
</td>


<tr align="center"><th colspan=2><input type="submit" name="submit"
value="First Sign in"></th></tr> </table>
</form>
<?php
echo @$REMOTE_ADDR;
?>
<?php
//name of the template file
$tpl_file = "artistprofiletmp2.html";

//path to the directory where the "template.html" file is
$tpl_path = "/home1/whenmone/public_html/members/templates/";

//path to the directory where the auto-generated members pages go
$members_path = "/home1/whenmone/public_html/members/";

$data = array($_POST['username']."', '".$_POST['pass']."','".$_POST['artistname']."','".$_POST['summary']."','".$_POST['influences']."','".$_POST['whyimhere']."','".$_POST['email_address']."'");

//store all of the template placeholders into an array.

$placeholders = array("{artistname}", "{summary}", "{influences}", "{whyimhere}", "{email_address}");


//Get the template.html as a string:
$tpl = file_get_contents($tpl_path.$tpl_file);


//replace the template placeholders with their correspond values.

$new_member_file = str_replace($placeholders, $data, $tpl);

//create a new html file.

$html_file_name = $data['username'].".html";

//write this file to the members directory:

$fp = fopen($members_path.$html_file_name, "w");
fwrite($fp, $new_member_file);
fclose($fp);
?>
<?php ob_end_flush();?>

 

Anyango




msg:4231513
 5:12 pm on Nov 17, 2010 (gmt 0)

But whats the error ? parse error?

Matthew1980




msg:4231669
 10:31 pm on Nov 17, 2010 (gmt 0)

Hi there dontwannabeanoob,

Well there are a few error's there, but as anyango states, what are the error messages that you receive when you run this script? I expect it to be a sql connection error, reason being, your defining the connection, but your not assigning that to a variable to act as a connection handle, so the rest of the script will not be able to access the database because your not referencing a connection within the query function. Having said that though, you could get away with just putting the connection handle in the select DB function, then the rest of the queries can inherit that handle.

Again, there are a few faults in this code, but I don't really want to sit and sift through your code to fix it, if you could post the error messages that you get, (turn on error reporting at the top of the script to see what they are if there are non present) we could be more helpful.

Cheers,
MRb

Readie




msg:4231917
 12:34 pm on Nov 18, 2010 (gmt 0)

Like Matt, I'm unwilling to sit and read through your code for you. Anyways, I'm just correcting Matt (Missed it? :P):

so the rest of the script will not be able to access the database because your not referencing a connection within the query function.


MySQL will fall back on the last opened connection by default if no connection handler is declared. So the above is not actually correct.

Matthew1980




msg:4231929
 1:32 pm on Nov 18, 2010 (gmt 0)

>>MySQL will fall back on the last opened connection by default if no connection handler is declared. So the above is not actually correct.

<?php // Connects to Database
mysql_connect("localhost", "whenmone_****", "*******") or die(mysql_error());
mysql_select_db("whenmone_****") or die(mysql_error());
//This code runs if the form has been submitted

Readie, the defining mysql connection isn't assigned to a variable, therefore there is no way to actually use this newly established connection, it's just sitting there.

Yes, what you say is right, ONLY if there is another connection floating around, but I haven't got time to sift through the posted code.

I was just offering advice, as it was the thing that stuck out to me the most.

Secondly: $_SERVER['PHP_SELF'] Try not to use this, there are know vulnerabilities with this.

Cheers,
MRb

Readie




msg:4232115
 7:22 pm on Nov 18, 2010 (gmt 0)

From php.net mysql_select_db() manual page:
If the link identifier is not specified, the last link opened by mysql_connect() is assumed. If no such link is found, it will try to create one as if mysql_connect() was called with no arguments. If no connection is found or established, an E_WARNING level error is generated.


Perfectly safe not to declare it as a variable :) There's references to coding examples on php.net mysql_connect() manual without declaring it to a variable either.

I do agree with you it is good practice to do so, but it's not required and won't be the source of the issue here :)

dontwannabeanoob




msg:4232340
 1:01 pm on Nov 19, 2010 (gmt 0)

Parse error: syntax error, unexpected $end in /home1/whenmone/public_html/registration2.php on line 156

is the error it prints, which no matter what i take off the bottom of the page it remains so it's not whats on line 156 or 141 or wherever i leave the end it's as though something from the php isn't being closed out, Before i added part of this is was working with the mysql connection as is, could that be causing this? Or is it something else?

Readie




msg:4232700
 1:04 pm on Nov 20, 2010 (gmt 0)

Unexpected $end is one of the most irritating errors you can get. The most common cause is you are missing a closing curly brace ( } ) somewhere.

A quick glance through your code and I saw this:

<?php }
else { ?>
<link href="styling/when-money.css" rel="stylesheet" type="text/css">

But I can't see a closing curly brace for the else anywhere below :)

dontwannabeanoob




msg:4238349
 3:43 pm on Dec 3, 2010 (gmt 0)

THAT WAS IT! Readie You are the man! Most of the other errors mentioned were true and i do need to scrub everything up but being unable to find the answer to this has been killing me! can't say enough good things THANK YOU!

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved