I have some code below that is partially working, but I can't figure out why it won't save any info to the DB.
The code is as follows:
<?
# Registration Page
# Includes
include('include/main.php');
# Set variables
$error = "";
# Check variables from GET
if($_GET["docID"] && $_GET["regName"] && $_GET["regPass"] && $_GET["regDOB"] && $_GET["regMail"]) {
# Search for duplicated username
$sql = "SELECT count(*) as found FROM patientTable WHERE name='".$_GET["regName"]."'";
$results = func_query_first($sql);
# If no duplicate, then create user
if(!$results["found"]) {
$sql = "INSERT INTO patientTable (docID,name,pass,dob,mail,date_created) values ('".$_GET['docID']."','".$_GET['regName']."','".md5($_GET['regPass'])."','".$_GET['regDOB']."','".$_GET['regMail']."',now())";
$results = db_query($sql);
$sql = "SELECT docFolder FROM docTable WHERE docID='".$_GET["docID"]."'";
$results = func_query_first($sql);
$id = db_insert_id();
$folderName = $_GET["regName"].mktime();
# Create folder based on username and ID
func_mkdir($_SERVER['DOCUMENT_ROOT']."/".$results['docFolder'].$folderName);
# Assign folder to user
$sql = "INSERT INTO projectTable (patientID,projectFolder) values ('".$id."','".$folderName."')";
$results_folder = db_query($sql);
if(!$results_folder)
$error = "Sorry, there was a problem creating your folder.";
else {
# Get FTP info
$sql = "SELECT pt.id as patientID, d.gen2doc as gen2doc, d.ftpHost as ftpHost, d.ftpUser as ftpUser, d.ftpPass as ftpPass, d.docFolder as docFolder, d.genFolder as genFolder, pj.projectFolder as projectFolder FROM docTable as d, patientTable as pt, projectTable as pj WHERE pt.docID=d.docID AND pt.id=pj.patientID AND pt.id=$id";
$results = func_query_first($sql);
if($results) {
echo "userID=".$results['patientID']."&ftpHost=".$results['ftpHost']."&ftpUser=".$results['ftpUser']."&ftpPass=".$results['ftpPass']."&docFolder=".$results['docFolder']."&genFolder=".$results['genFolder']."&projectFolder=".$results['projectFolder']."&gen2doc=".$results['gen2doc'];
send_registration_email($results['patientID'],$_GET['regPass']);
}
else {
$error = "Sorry, we could not locate your information.";
}
}
}
else {
$error = "Sorry, the username '".$_GET["regName"]."' is not available. Please choose another.";
}
}
# Error if all fields aren't passed through
else {
$error = "Sorry, you must enter all required fields";
}
# Display error, if any
if($error) {
$errorString = "&message=".urlencode($error);
echo("err=1".$errorString);
}
?>
The Part that works is (this is a piece of code that creates a users folder on a website):
$folderName = $_GET["regName"].mktime();
# Create folder based on username and ID
func_mkdir($_SERVER['DOCUMENT_ROOT']."/".$results['docFolder'].$folderName);
The part that doesn't work is (this is the code that is supposed to put data into the db):
# Check variables from GET
if($_GET["docID"] && $_GET["regName"] && $_GET["regPass"] && $_GET["regDOB"] && $_GET["regMail"]) {
# Search for duplicated username
$sql = "SELECT count(*) as found FROM patientTable WHERE name='".$_GET["regName"]."'";
$results = func_query_first($sql);
# If no duplicate, then create user
if(!$results["found"]) {
regName=zz & regPass=zz & regDOB=01%2F01%2F1974 & regMail=default%40my%2Ecom & docID=brandon
$sql = "INSERT INTO patientTable (docID,name,pass,dob,mail,date_created) values ('".$_GET['docID']."','".$_GET['regName']."','".md5($_GET['regPass'])."','".$_GET['regDOB']."','".$_GET['regMail']."',now())";
$results = db_query($sql);
$sql = "SELECT docFolder FROM docTable WHERE docID='".$_GET["docID"]."'";
$results = func_query_first($sql);
The data that is being sent to this script so that it can create the db entries and the users folder is (sample):
regName=zz®Pass=zz®DOB=01%2F01%2F1974®Mail=default%40my%2Ecom&docID=brandon
Any help would be greatly appreciated,
Brandon
