The following registration form only inserts “username” “password” “salt” and “email” into the user table, everything else is left blank. I get the following error upon registering:
Warning: Missing argument 3 for user_register(), called in C:\Program Files\xampp\htdocs\register07.php on line 30 and defined in C:\Program Files\xampp\htdocs\functions.php on line 15
Warning: Missing argument 4 for user_register(), called in C:\Program Files\xampp\htdocs\register07.php on line 30 and defined in C:\Program Files\xampp\htdocs\functions.php on line 15
Warning: Missing argument 5 for user_register(), called in C:\Program Files\xampp\htdocs\register07.php on line 30 and defined in C:\Program Files\xampp\htdocs\functions.php on line 15
Warning: Missing argument 6 for user_register(), called in C:\Program Files\xampp\htdocs\register07.php on line 30 and defined in C:\Program Files\xampp\htdocs\functions.php on line 15
Warning: Missing argument 7 for user_register(), called in C:\Program Files\xampp\htdocs\register07.php on line 30 and defined in C:\Program Files\xampp\htdocs\functions.php on line 15
Warning: Missing argument 8 for user_register(), called in C:\Program Files\xampp\htdocs\register07.php on line 30 and defined in C:\Program Files\xampp\htdocs\functions.php on line 15
Thank you for registering on our site, click here to go back.
Below is the code that i used:
Functions.php
<?php
// Salt Generator
function generate_salt()
{
// Declare $salt
$salt = '';
// And create it with random chars
for ($i = 0; $i < 3; $i++)
{
$salt .= chr(rand(35, 126));
}
return $salt;
}
function user_register($username, $email, $password, $address, $city, $state_county, $zip_postcode, $telephone)
{
// Get a salt using our function
$salt = generate_salt();
// Now encrypt the password using that salt
$encrypted = md5(md5($password).$salt);
// And lastly, store the information in the database
$query = "insert into user (username, email, address, city, state_county, zip_postcode, telephone, password, salt) values
('$username', '$email', '$address','$city', '$state_county', '$zip_postcode', '$telephone', '$encrypted', '$salt')";
mysql_query ($query) or die ('Could not create user.');
}
function user_login($username, $password)
{
// Try and get the salt from the database using the username
$query = "select salt from user where username='$username' limit 1";
$result = mysql_query($query);
$user = mysql_fetch_array($result);
// Using the salt, encrypt the given password to see if it
// matches the one in the database
$encrypted_pass = md5(md5($password).$user['salt']);
// Try and get the user using the username & encrypted pass
$query = "select userid, username from user where username='$username' and password='$encrypted_pass'";
$result = mysql_query($query);
$user = mysql_fetch_array($result);
$numrows = mysql_num_rows($result);
// Now encrypt the data to be stored in the session
$encrypted_id = md5($user['userid']);
$encrypted_name = md5($user['username']);
// Store the data in the session
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['encrypted_id'] = $encrypted_id;
$_SESSION['encrypted_name'] = $encrypted_name;
if ($numrows == 1)
{
return 'Correct';
}
else
{
return false;
}
}
function user_logout()
{
// End the session and unset all vars
session_unset ();
session_destroy ();
}
function is_authed()
{
// Check if the encrypted username is the same
// as the unencrypted one, if it is, it hasn't been changed
if (isset($_SESSION['username']) && (md5($_SESSION['username']) == $_SESSION['encrypted_name']))
{
return true;
}
else
{
return false;
}
}
?>
Register07.php:
<?php
// Include init file
include 'init.php';
if (!isset($_POST['submit']))
{
// Show the form
include 'register_form.inc.php';
exit;
}
else
{
// Check if any of the fields are missing
if (empty($_POST['username']) || empty($_POST['password']) || empty($_POST['confirmpass']))
{
// Reshow the form with an error
$reg_error = 'One or more fields missing';
include 'register_form.inc.php';
exit;
}
// Check if the passwords match
if ($_POST['password'] != $_POST['confirmpass'])
{
// Reshow the form with an error
$reg_error = 'Your passwords do not match';
include 'register_form.inc.php';
exit;
}
// Everything is ok, register
user_register ($_POST['username'], $_POST['password']);
echo 'Thank you for registering on our site, <a href="index.php">click here</a> to go back.';
}
?>
Init.php:
<?php
// Start the session
session_start();
// MySQL Settings
$db_host = 'machine';
$db_user = 'user';
$db_pass = 'pass';
$db_database = 'user';
// Connect to the database
mysql_connect ($db_host, $db_user, $db_pass) or die ('Could not connect to the database.');
mysql_selectdb ($db_database) or die ('Could not select database.');
// Seed the random number generator
srand();
// Include functions
include 'functions.php';
?>
Register_Form.inc.php:
<?php if (isset($reg_error)) { ?>
There was an error: <?php echo $reg_error; ?>, please try again.
<?php } ?>
<form action="register07.php" method="post">
<b>Username:</b> <input type="text" size="20" maxlength="20" name="username"
<?php if (isset($_POST['username'])) { ?> value="<?php echo $_POST['username']; ?>" <?php } ?>/><br />
<b>Email:</b> <input type="text" size="20" maxlength="20" name="email" /><br />
<b>Password:</b> <input type="password" size="20" maxlength="10" name="password" /><br />
<b>Confirm Password:</b> <input type="password" size="20" maxlength="10" name="confirmpass" /><br />
<b>address:</b> <textarea cols="35" rows="8" name="address" ></textarea><br />
<b>city:</b> <input type="text" size="20" maxlength="20" name="city" /><br />
<b>state/county:</b> <input type="text" size="20" maxlength="20" name="state_county" /><br />
<b>Zip code:</b> <input type="text" size="20" maxlength="20" name="Zip_postcode" /><br />
<b>Telephone:</b> <input type="text" size="20" maxlength="20" name="telephone" /><br />
<input type="submit" name="submit" value="Register!" />
</form>
