Hello all ,

I have created a signup script .. Let me explain what is going wrong.

When i submit the script , it goes back to the form page , (register.php) and at the top in my URL , i see all the variables being displayed .. such as .. /register.php?username=whatever&pass=whatever and so on and so on

Im not really sure what is wrong , i know it is being submitted b/c the variables are being passed to the URL , so that means it has taken action.

I just dont understand why my php script wont process them , why does it keep shooting me back to the register.php page with the variables in the URL window?

My code is clean , easy to read , I will post it below. Just skim through it and see if theirs anything you can notice that would be causing these actions. Thanks ...

<?
######################
// REGISTER.PHP
// REGISTRATION PAGE
######################

// REQUIRE THE HEADER
require_once('header.php');


// START ACCOUNT CREATION

if(isset($_POST['submit'])) {

// assign the values for the variables

$username = $_REQUEST['username'];
$password = $_REQUEST['password'];
$password2 = $_REQUEST['password2'];
$firstname = $_REQUEST['firstname'];
$lastname = $_REQUEST['lastname'];
$email = $_REQUEST['email'];
$email2 = $_REQUEST['email2'];
$dob1 = $_REQUEST['dob1'];
$dob2 = $_REQUEST['dob2'];
$dob3 = $_REQUEST['dob3'];
$status = $_REQUEST['status'];
$sexuality = $_REQUEST['sexuality'];
$ethnicity = $_REQUEST['ethnicity'];
$agree = $_REQUEST['agree'];


// START CHECK OF VALUES

## check to make sure a username was entered
if(!isset($username)) {
	$error = 1;
	$username_html = "You must Choose a Username";
}

## check to make sure the username isnt already taken
$sql = "SELECT `username` FROM `shocc_users` WHERE `username` = '$username'";
$query = mysql_query($sql) or die('Selection of username has failed because' . mysql_error());
$result = mysql_num_rows($query);
if($result) {
	$error = 1;
	$username_html = "Username Already in Use";
}

## check to make sure username is longer then 4 chars
if(strlen($username) < 4) {
	$error = 1;
	$username_html = "Your username Must be between 4 to 16 chars";
}

## check to make sure the username only contains allowed chars
if (!preg_match('/^[a-zA-Z0-9_]{5,}$/',$username)){
	$error = 1;
	$username_html = "Your username contains Invalid Chars";
}

## check to ban profane and vulgar usernames
$bad_words = array('cpixel','mysite','fuck','bitch','whore','cunt','shit');

foreach ($bad_words as $word) {
    if (strpos($signup_username, $word) !== false) {
      $error = 1;
      $username_html = "Username Not Allowed";
   }
}

## check to make sure the password is at least 4 char long
if(strlen($password) < 4){
	$error = 1;
	$pw_html = "Your password Must be at Least 4 Char";
		}

## check to make sure the passwords match
if($password != $password2) {
	$error = 1;
	$pw_html = "Your passwords Must Match";
}

## check to make sure they selected their gender
if(!strlen($gender)){
	$error = 1;
	$gender_html = "You must select Your Gender";
}

## now we are going to validate the email address they used
if(!strlen($email)) {
	$error = 1;
	$email_html = "You must Enter your Email Address";
}

## now we are going to make sure the email they used is real
   $email = $email;
   $regexp = "^([_a-z0-9-]+)(\.[_a-z0-9-]+)*@([a-z0-9-]+)(\.[a-z0-9-]+)*(\.[a-z]{2,4})$";

   // Presume that the email is invalid
   $valid = 0;

   // Validate the syntax
   if (eregi($regexp, $email))
   {
      list($username,$domaintld) = split("@",$email);
      // Validate the domain
      if (getmxrr($domaintld,$mxrecords))
         $valid = 1;
   } else {
      $valid = 0;
   }

if($valid = 0) {
   $error = 1;
   $email_html = "Your email Address is Invalid";
}

## Now lets make sure the email hasnt been used before
$sql2 = "SELECT `email` FROM `shocc_users` WHERE `email` = '$email'";
$query2 = mysql_query($sql2) or die('Selection of Email Failed Because' . mysql_error());
$result2 = mysql_num_rows($query2);
if($result2) {
	$error = 1;
	$email_html = "Email Address Already In Us";
}
// 2 QUERYS so far ;]

## Ok , If they passed all that validation , I guess we can give em an account , lol
if(!isset($error)) {
	$confirm_code = md5($_SERVER['remote_addr'] . time() . date(R));
	$birth_date = date('Ymd', mktime(0, 0, 0, $dob1, $dob2, $dob3));
	// Start Insert of Data into MYSQL
	$sql3 = "
	INSERT into `shocc_users` (
	id,
	username,
	first_name,
	last_name,
	email,
	birthday,
	gender,
	status,
	sexuality,
	ethnicity
	) values (
	'',
	'$username',
	'$first_name',
	'$last_name',
	'$email',
	'$birthday',
	'$gender',
	'$status',
	'$sexuality',
	'$ethnicity'
	)
	";
	$query3 = mysql_query($sql3) or die('Account Creation Failed Because' . mysql_error());

// Now , Lets welcome our new user and send them their activation email
$link = "http://www.mystie.com/account_activate.php?user=$username&cc=$confirm_code";
$to = $email;
$from = "mysite";
$subject = "mysite.com Activation";
$message = "Welcome to mysite.com<br><br>
Your account is Ready. Please visit the link below to Activate your Account<br><br>
" . $link . "<br><br>Thanks for Registering , Tell a Friend about the site";

$headers="From: ".$from;
	     $headers.="\r\nMIME-Version: 1.0\r\n";
	     $headers.="Content-type: text/html; charset=iso-8859-1\r\n";
mail($to, $subject, $message, $headers);
header('Location: /registration_confirm.php');

}
}


// ASSIGN THE OUTPUT
$smarty->assign('username_html',$username_html);
$smarty->assign('pw_html',$pw_html);
$smarty->assign('gender_html',$gender_html);
$smarty->assign('email_html',$email_html);


// DISPLAY THE TEMPLATE
$smarty->display('register.tpl');

// REQUIRE FOOTER
require_once('footer.php');

?>
    Write a Reply...