[RESOLVED] Confirm Associate Member

hairpuller

I have modelled a Login script based on the one found in http://evolt.org/article/comment/17/60265/index.html and everything works fine so far. I'm wanting to intergrade within that script a confirm Another Member facility where the Applicant identifies another registered member as his/her Associate. I have studied the code and tried many ways but failed to get this facility to work.

I need PHP to take the given "Other Member" (username) that is entered and posted and then search the database to see if that username exists and if it exists then nothing more is done other than the entry into the MySQL database Associate Member column, but if it doesn't exist I need PHP to reject the application and revert back to the forms for the error to be corrected. I also want the facility for the Applicant to enter "To be advised" in which case all the submitted data will be stored but the applicant would not be able to proceed until the Associate Member' username is provided. The best I can do is the following in the Register.php file but it doesn't work.

function confirmAssMem($assmem){
global $conn;
/ Add slashes if necessary (for query) /
if(!get_magic_quotes_gpc()) {
$assmem = addslashes($assmem);
}

/ Verify that associate member is in database /
$m = "select username from users where username = '$assmem'";
$mresult = mysql_query($m,$conn);
if(!$mresult || (mysql_numrows($mresult) < 1)){
return 1; //Indicates associate member failure
}

/**
Checks to see if the associate member has a registered
username in database.
/
if(isset($POST['subjoin'])){
/ Checks that associate member is in database */
$mresult = confirmAssMem($POST['assmem']);

/ Checks Associate Member for error /
if($mresult == 1){
die("<CENTER><TABLE ALIGN=\"CENTER\" BORDER=\"10\" CELLSPACING=\"5\" CELLPADDING=\"5\">
<TD><CENTER>Your Associate Member does not exist in our database, please <A HREF=\"Register.php\" TITLE=\"check the accuracy.\">check the accuracy.</A>.");
}

Can anybody help me with the code for that please?

Also I find when something is not correct in the application, and the Applicant reverts back to the forms all the entered data is lost. Is there some code which can save the entered data to avoid the applicant re-entering it?

Regards,
David Young.

sheephat

Please wrap it in the

 tags so its easier to view,

It will look like this: (i havent modified anything)

[code=php]function confirmAssMem($assmem){
global $conn;
/* Add slashes if necessary (for query) */
if(!get_magic_quotes_gpc()) {
$assmem = addslashes($assmem);
}

/* Verify that associate member is in database */
$m = "select username from users where username = '$assmem'";
$mresult = mysql_query($m,$conn);
if(!$mresult || (mysql_numrows($mresult) < 1)){
return 1; //Indicates associate member failure
}

/**
* Checks to see if the associate member has a registered
* username in database.
*/
if(isset($_POST['subjoin'])){
/* Checks that associate member is in database */
$mresult = confirmAssMem($_POST['assmem']);

/* Checks Associate Member for error */
if($mresult == 1){
die("<CENTER><TABLE ALIGN=\"CENTER\" BORDER=\"10\" CELLSPACING=\"5\" CELLPADDING=\"5\">
<TD><CENTER>Your Associate Member does not exist in our database, please <A HREF=\"Register.php\" TITLE=\"check the accuracy.\">check the accuracy.</A>.");
}

hairpuller

Hi Sheephat, I am grateful for all the help that is given. I was conscious of the snippet of script not having the tags but I was trying to keep my query as short as possible. Here is the content of the register.php file with the modifications I have made, and I can get the associate member entered into the database but I can not get it to reject if it does not exist.

<?
session_start();
include("database.php");

/**
Returns true if the username has been taken
by another user, false otherwise.
*/
function usernameTaken($username){
global $conn;
if(!get_magic_quotes_gpc()){
$username = addslashes($username);
}
$q = "select username from users where username = '$username'";
$m = "select username from users where username = '$assmem'";
$result = mysql_query($q,$conn);
return (mysql_numrows($result) > 0);
$mresult = mysql_query($m,$conn);
if(!$mresult || (mysql_numrows($mresult) < 1))
return 1; //Indicates associate member failure
}

/**
Inserts the given (username, password) pair
into the database. Returns true on success,
false otherwise.
/
function addNewUser($username, $password, $assmem){
global $conn;
$q = "INSERT INTO users VALUES ('$username', '$password', '$assmem')";
return mysql_query($q,$conn);
}

/**
Displays the appropriate message to the user
after the registration attempt. It displays a
success or failure status depending on a
session variable set during registration.
*/
function displayStatus(){
$uname = $SESSION['reguname'];
if($SESSION['regresult']){
?>

<h1>Registered!</h1>
<p>Thank you <b><? echo $uname; ?></b>, your information has been added to the database, you may now <a href="main.php" title="Login">log in</a>.</p>

<?
}
else{
?>

<h1>Registration Failed</h1>
<p>We're sorry, but an error has occurred and your registration for the username <b><? echo $uname; ?></b>, could not be completed.<br>
Please try again at a later time.</p>

<?
}
unset($SESSION['reguname']);
unset($SESSION['registered']);
unset($_SESSION['regresult']);
}

if(isset($_SESSION['registered'])){
/**
This is the page that will be displayed after the
registration has been attempted.
*/
?>

<html>
<title>Registration Page</title>
<body>

<? displayStatus(); ?>

</body>
</html>

<?
return;
}

/**
Determines whether or not to show to sign-up form
based on whether the form has been submitted, if it
has, check the database for consistency and create
the new account.
/
if(isset($POST['subjoin'])){
/ Make sure all fields were entered */
if(!$POST['user'] || !$_POST['pass']){
die('You didn\'t fill in a required field.');
}

/ Spruce up username, check length /
$POST['user'] = trim($POST['user']);
if(strlen($_POST['user']) > 30){
die("Sorry, the username is longer than 30 characters, please shorten it.");
}

/ Check if username is already in use /
if(usernameTaken($POST['user'])){
$use = $POST['user'];
die("Sorry, the username: <strong>$use</strong> is already taken, please pick another one.");
}

  /* Checks that associate member is in database */

$mresult = confirmAssMem($_POST['assmem']);

/ Add the new account to the database /
$md5pass = md5($POST['pass']);
$SESSION['reguname'] = $POST['user'];
$SESSION['regassmem'] = $POST['assmem'];
$SESSION['regresult'] = addNewUser($POST['user'], $md5pass, $POST['assmem']);
$_SESSION['registered'] = true;
echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
return;
}
else{
/**
This is the page with the sign-up form, the names
of the input fields are important and should not
be changed.
/
?>

<html>
<title>Registration Page</title>
<body>
<h1>Register</h1>
<form action="<? echo $HTTP_SERVER_VARS['PHP_SELF']; ?>" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td><input type="text" name="user" maxlength="30"></td></tr>
<tr><td>Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr>
<tr><td>Associate Member:</td><td><input type="text" name="assmem" maxlength="30"></td></tr>
<tr><td colspan="2" align="right"><input type="submit" name="subjoin" value="Join!"></td></tr>
</table>
</form>
</body>
</html>

<?
}
?>

bradgrafelman

No, he meant that you need to wrap your code in the board's [PHP][/PHP] bbcode tags so that it's easier for everyone to read/analyze.

hairpuller

I know nothing about the "board's

bbcode tags" despite a search on Google prompted from your previous posting. You may be aware of a site which explains bbcode better that I was able to find???

bradgrafelman

FAQ: Are there any special codes/tags I can use to markup my posts?
More info specifically about bbcode here.

hairpuller

For those who reqire the answer to this question here it is;

function confirmAssMem($assmem){
global $conn;

/ Verify that associate member is in database /
$m = "select username from users where username = '$assmem'";
$mresult = mysql_query($m,$conn);
return (mysql_numrows($mresult) > 0);
}

/ Somewhere before the line below insert the above /
if(isset($_POST['subjoin'])){
/ Somewhere after the line above insert the below/

/ Checks Associate Member for error /
if(!confirmAssMem($POST['assmem'])){
$ass = $POST['assmem'];
die("Sorry, your Associate Member <strong>$ass</strong> does not exist in our database, please <A HREF=\"Register.php\" TITLE=\"check the accuracy.\">check the accuracy.</A>");
}

I was disappointed in not getting it resolved from this site.

laserlight

I was disappointed in not getting it resolved from this site.

I am disappointed that you have not figured out the use of bbcode tags, which are as simple as:
[php]// insert PHP code here[/php]
to get:

// insert PHP code here

hairpuller

Maybe the reason for not using "bbcode tags" is I can see no benefit. If your criticism explained the benefits then people may follow your wishes.

laserlight

Maybe the reason for not using "bbcode tags" is I can see no benefit. If your criticism explained the benefits then people may follow your wishes.

sheephat already stated the benefit: it makes code easier to view. To be precise, it preserves indentation and provides syntax highlighting. I am a regular at two other programming related communities, and all three recommend that code be placed in some kind of code bbcode tags.

Your code would then look like:

function confirmAssMem($assmem){
    global $conn;

/* Verify that associate member is in database */
$m = "select username from users where username = '$assmem'";
$mresult = mysql_query($m,$conn);
return (mysql_numrows($mresult) > 0);
}

/* Somewhere before the line below insert the above */
if(isset($_POST['subjoin'])){
    /* Somewhere after the line above insert the below*/


/* Checks Associate Member for error */
if(!confirmAssMem($_POST['assmem'])){
    $ass = $_POST['assmem'];
    die("Sorry, your Next of Kin <strong>$ass</strong> does not exist in our database, please <A HREF=\"Register.php\" TITLE=\"check the accuracy.\">check the accuracy.</A>");
}

At a glance it is clear that the code fragment is incomplete. In this case it does not matter, but in other cases this could well have been the problem.

Incidentally, change mysql_numrows to mysql_num_rows. The former is deprecated.

hairpuller

I am grateful for all criticism but I do not share the opinion that bbcode is easier to view. sheephad stated "It will look like this: (i havent modified anything)" I find that uneasy to view. PHP is hard enough to understand without adding any further confusion. I have spent many hours resolving many small problems that would have been resolved sooner if explanations were aimed at the amateur.

laserlight

sheephad stated "It will look like this: (i havent modified anything)" I find that uneasy to view.

That is right, because sheephat merely took the code that had lost its indentation and pasted it into the bbcode tags. If you indent your code properly (you do, don't you?), then it is different.

PHP is hard enough to understand without adding any further confusion.

Good indentation helps to reduce confusion. For example, you might have a loop with a fairly long body. Without indentation, it is more difficult to see where the loop ends, so you could accidentally add code that is supposed to come after the loop into the loop body.

sheephat

Then it is clear that this forum may not be for you.

I simply stated something that will help OTHERS read your code, so I did it.

As a contributor on this forum I see it necessary to play some part, I know a lot of people cannot be bothered to look at code that isn’t in the tags (because it is hassle), and I know a lot of them can solve problems quicker when it is in the tags. The part I played was to put it in tags for others to see, (initially to help you) in the hope that you would get a reply.

In the case here, you seem to be blaming us for not giving you a reply, well we are not all experts, this is not a "garage" for PHP code, you cant just throw code at us and expect us to jump up and spend all our time fixing it, as far as I am concerned this site is for the benefit of my own learning and in some other cases other peoples.

END.