Hey I have just used php & mysql for dummies to create a memebr only website, the only problem is that the new members details aren't being added into my sql database.
The coding is use is as follows I hope someone can help - Thanks
<?php
/* Program: Login.php
* Desc: Login program for the Members Only section of the
* pet store. It provides two options: (1) login* using an existing Login Name and (2) enter a new
* login name. Login Names and passwords are stored
* in a MySQL database.
*/
session_start();
include("ttpt.inc");
switch (@$_GET['do'])
{
case "login":
$connection = mysql_connect($host, $user,$password)
or die ("Couldn't connect to server.");
$db = mysql_select_db($database, $connection)
or die ("Couldn't select database.");
$sql = "SELECT loginName FROM members
WHERE loginName='$_POST[fusername]'";
$result = mysql_query($sql)
or die("Couldn't execute query.");
$num = mysql_num_rows($result);
if ($num == 1) // login name was found
{
$sql = "SELECT loginName FROM members
WHERE loginName='$_POST[fusername]'
AND password=password('$_POST[fpassword]')";
$result2 = mysql_query($sql)
or die("Couldn't execute query 2.");
$num2 = mysql_num_rows($result2);
if ($num2 > 0) // password is correct
{
$_SESSION['auth']="yes";
$logname=$_POST['fusername'];
$_SESSION['logname'] = $logName;
$today = date("Y-m-d h:m:s");
$sql = "INSERT INTO Login (loginName,loginTime)
VALUES ('$logname','$today')";
mysql_query($sql) or die("Can't execute query.");
header("Location: member_page.php");
}
else // password is not correct
{
unset($do);
$message="The Login Name, '$_POST[fusername]'
exists, but you have not entered the
correct password! Please try
again.<br>";
include("login_form.inc");
}
}
elseif ($num == 0) // login name not found
{
unset($do);
$message = "The Login Name you entered does not
exist! Please try again.<br>";
include("login_form.inc");
}
break;
case "new":
foreach($_POST as $field => $value)
{
if ($value == "")
{
unset($_GET['do']);
$message_new = "Required information is missing.
Please try again.";
include("login_form.inc");
exit();
}
if (ereg("(Name)",$field))
{
/*if (!ereg("^[A-Za-z' -]{1,50}$",$value))
{
unset($_GET['do']);
$message_new = "$field is not a valid name.
Please try again.";
include("login_form.inc");
exit();
}*/
}
$$field = strip_tags(trim($value));
} // end foreach
if (!ereg("^[0-9]{5,5}(\-[0-9]{4,4})?$",$postcode))
{
unset($_GET['do']);
$message_new = "$postcodeis not a valid postcode.
Please try again.";
include("login_form.inc");
exit();
}
if (!ereg("^[0-9)(xX -]{7,20}$",$phone))
{
unset($_GET['do']);
$message_new = "$phone is not a valid phone number.
Please try again.";
include("login_form.inc");
exit();
}
if (!ereg("^.+@.+\\..+$",$email))
{
unset($_GET['do']);
$message_new = "$email is not a valid email address.
Please try again.";
include("login_form.inc");
exit();
}
/* check to see if login name already exists */
$connection = mysql_connect($host,$user,$password)
or die ("Couldn't connect to server.");
$db = mysql_select_db($database, $connection)
or die ("Couldn't select database.");
$sql = "SELECT loginName FROM members
WHERE loginName='$newname'";
$result = mysql_query($sql)
or die("Couldn't execute query.");
$num = mysql_numrows($result);
if ($num > 0)
{
unset($_GET['do']);
$message_new = "$newname already used. Select another
Member ID.";
include("login_form.inc");
exit();
}
else
{
$today=date("Y-m-d");
$sql="INSERT INTO members (loginName,
password,lastName,firstName,street,city,postcode,email,phone) VALUES
('$newname','$today',password('$newpass'),
'$lastName','$firstName','$street','$city',
'$postcode','$phone','$email')";
mysql_query($sql);
$_SESSION['auth']="yes";
$_SESSION['logname'] = $newname;
/* send email to new member */
$emess = "A new Member Account has been setup. ";
$emess.= "Your new Member ID and password are: ";
$emess.= "\n\n\t$newname\n\t$newpass\n\n";
$emess.= "We appreciate your interest in Themes To Party To";
$emess.= "at themestopartyto.com. \n\n";
$emess.= "If you have any questions or problems,";
$emess.= "email webmaster@themestopartyto.com";
$ehead="From: member-desk@themestopartyto.com\r\n";
$subj = "Your new Member Account from Themes To Party To";
$mailsend=mail("$email","$subj","$emess","$ehead");
header("Location: New_member.php");
}
default:
include("login_form.inc");
}
?>
And the login_form.inc coding is as follows
<head><title>Members Only Login</title></head>
<body>
<form action="Login.php" method="GET">
<table>
<tr><td>
<b>Members Only Section</b></td></tr>
<tr>
<td>
<tr><td align=right><b>Username</b></td>
<td><input type="text" name="fusername"
size="20" maxsize="20">
</td></tr>
<tr><td width="120" align="right"><b>Password</b>
</td>
<td><input type="password" name="fpassword"
size="20" maxsize="20"></td></tr>
<tr><td align="center" colspan="2">
<br><input type="submit" name="log"
value="Enter">
</td></tr>
</table>
</form>
</td>
<td width="1" bgcolor="gray"><hr></td>
<td width="67%">
<p><font size="+1"><b>Not a member yet?</b></font>
Get discounts, a newsletter, advance notice of
new pets, much more. Fill in the information
below and join. It's easy and free! </b>
<!-- form for new member to fill in -->
<form action="Login.php?do=new" method="POST">
<p>
<table border="0" width="100%">
<?php
if (isset($message_new)) #55
echo "<tr><td colspan=’2’><b>$message_new</b>
</td></tr>";
?>
<tr><td align="right"><b>Member ID</b></td>
<td><input type="text" name="newname"
value="<?php echo @$newname ?>"
size="20" maxlength="20"></td></tr>
<tr><td align="right"><b>Password</b></td>
<td><input type="password" name="newpass"
value="<?php echo @$newpass ?>"
size="10" maxlength="8"></td>
</tr>
<tr><td align="right"><b>First Name</b></td>
<td><input type="text" name="firstName"
value="<?php echo @$firstName ?>"
size="40" maxlength="40"></td></tr>
<tr><td align="right"><b>Last Name</b></td>
<td><input type="text" name="lastName"
value="<?php echo @$lastName ?>"
size="40" maxlength="40"></td></tr>
<tr><td height="28" align="right"><b>Street</b></td>
<td><input type="text" name="street"
value="<?php echo @$street ?>"
size="55" maxlength="50"></td></tr>
<tr><td align="right"><b>City</b></td>
<td><input type="text" name="city"
value="<?php echo @$city ?>"
size="40" maxlength="40"></td></tr>
<tr>
<td align="right"><b>Postcode</b></td>
<td><input type="text" name="postcode"
value="<?php echo @$postcode ?>"
size="40" maxlength="40"></td></tr>
<tr><td align=right><b>Phone</b></td>
<td><input type="test" name="phone"
value="<?php echo @$phone ?>"
size="15" maxlength="20">
</td>
</tr>
<tr><td align=right><b>Email Address</b></td>
<td><input type="test" name="email"
value="<?php echo @$email ?>"
size="55" maxlength="67"></td></tr>
<tr><td> </td>
<td align="center"><p> </p>
<p>
<input name="submit" type="submit"
value="Become a Member">
</p>
<p> </p></td>
</tr>
</table>
</form>
<p> </p>
<p> </p></td>
</tr>
<tr><td colspan="3" bgcolor="gray"> </td></tr>
</table>
<div align="center">
All comments and suggestions are appreciated. Please
send comments to <a href="mailto:webmaster@petstore.com">
webmaster@themestopartyto.com</A>
</div>
</body>
