Join! button does not jump to correct location

mrfloyd

Hello, I have a php login script I found on evolt. For the most part works, but I have a problem I just cannot solve, been working on this one issue for 2 weeks, Im not a real programmer so pleae be gentle

When I push the Join! button the username, password and email does properly go to the mysql database, but the screen to the user, does not indicate to the user that He is now registered,.. the screen puts up the Login screen again with the 3 fields emptied.

Here is the code. Thanks in advance for any help.

<?
//This comes from -- http://www.evolt.org/article/PHP_Login_Script_with_Remember_Me_Feature/17/60265/index.html

session_start();
include("database.php");

/**
Returns true if the username has been taken
by another user, false otherwise.
*/
function usernameTaken($username){
global $conn;
if(!get_magic_quotes_gpc()){
$username = addslashes($username);
}
$q = "select username from users where username = '$username'";
$result = mysql_query($q,$conn);
return (mysql_numrows($result) > 0);
}

/**
Inserts the given (username, password) pair
into the database. Returns true on success,
false otherwise.
/
function addNewUser($username, $password, $pcidip, $datetime, $email, $emailchk){
global $conn;
$q = "INSERT INTO users VALUES ('$username', '$password', '$pcidip', '$datetime', '$email', '$emailchk')";
return mysql_query($q,$conn);
}

////////This is where my problem is <I think> ...
////////When I press Join! button, the routine adds the new user to db OK but
/////// instead of going to the "Registered! Thank you.." below it empties the 3 fields(user,pass,email) and starts again
/////// asking you to register<again>. The user gets no indication that he was registered.

/**
Displays the appropriate message to the user
after the registration attempt. It displays a
success or failure status depending on a
session variable set during registration.
*/
function displayStatus(){
$uname = $SESSION['reguname'];
if($SESSION['regresult']){

<h1>Registered!</h1>
<p>Thank you.. <br>
Your information has been added to the database, you may now <a href="index.php" title="Login">log in</a></p>

<?
}
else{
?>

<h1>Registration Failed</h1>
<p>We're sorry, but an error has occurred and your registration for the username <b><? echo $uname; ?></b>, could not be completed.<br>
Please try again at a later time.</p>

<?
}
unset($SESSION['reguname']);
unset($SESSION['registered']);
unset($_SESSION['regresult']);
}

if(isset($_SESSION['registered'])){
/**
This is the page that will be displayed after the
registration has been attempted.
*/
?>

<html>
<title>Registration Page</title>
<body>

<? displayStatus(); ?>

</body>
</html>

<?
return;
}

/**
Determines whether or not to show to sign-up form
based on whether the form has been submitted, if it
has, check the database for consistency and create
the new account.
/
if(isset($POST['subjoin'])){
/ Make sure all fields were entered */
if(!$POST['user'] || !$_POST['pass']){
die('You didn\'t fill in a required field.');
}

/* FKadded this -- checks that email field has characters */

if(!$_POST['email']){
die('You didn\'t fill in the email field, silly');
}

/ Spruce up username, check length /
$POST['user'] = trim($POST['user']);
if(strlen($_POST['user']) > 30){
die("Sorry, the username is longer than 30 characters, please shorten it.");
}

/ Check if username is already in use /
if(usernameTaken($POST['user'])){
$use = $POST['user'];
die("Sorry, the username: <strong>$use</strong> is already taken, please pick another one.");
}

/ Add the new account to the database /
$password = ($POST['pass']); //FK removed md5.. was... $md5pass = md5($POST['pass']);
$SESSION['reguname'] = $POST['user'];
$SESSION['regresult'] = addNewUser($POST['user'], $password, $pcidip, $datetime, $email, $emailchk); //FK-added $pcidip...$emailchk
$_SESSION['registered'] = true;
echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
return;
}
else{
/**
This is the page with the sign-up form, the names
of the input fields are important and should not
be changed.
/
?>

<html>
<title>Registration Page</title>
<body>
<h1>Register</h1>
<form action="<? echo $HTTP_SERVER_VARS['PHP_SELF']; ?>" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td><input type="text" name="user" maxlength="30"></td></tr>
<tr><td>Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr>
<tr><td>Email Addr:</td><td><input type="text" name="email" maxlength="50"></td></tr>
<tr><td>Send Email Alerts:</td><td> <input type="checkbox" name="emailchk" value="1" checked></td></tr><br />

<tr><td>Your IP for this visit:</td><td> <input name="pcidip" type="text" value="
<?php echo $_SERVER['REMOTE_ADDR']; ?>" size="20"></td></tr><br />

<tr><td>Date-Time for this visit:</td><td> <input name="datetime" type="text" value="
<?php echo date("Y.m.d - h:i:s"); ?>" size="20"></td></tr><br>

<?
}

?>

Your patience is appreciated
Floyd

dagon

its your displayStatus() function, you should define the output in a var and return it

mrfloyd

Hi dagon, thank for getting back.

I am not real good a this, but there is a variable assigned in that code..

function displayStatus(){
$uname = $SESSION['reguname'];

if($_SESSION['regresult']){

Is this what your talking about..??
Thanks again for the help.
Floyd

dagon

change your
displayStatus(){...}

to this:

function displayStatus(){
$uname = $_SESSION['reguname'];
if($_SESSION['regresult']){
	$result ='success';
	}else{
	$result ='fail';
	}
return $result;
}

then change

<? displayStatus(); ?>

<? echo displayStatus(); ?>

dclamp

Please use [noparse]

[/noparse] tags...

Also, if you are using PHP5.x + then short tags are not enabled by default so you may want to try using those.

I didnt even bother reading your code because it is not formated correctly.

mrfloyd

I apologize to my poor understanding of this foruum and php... I am trying hard, I've been on this problem for a very long time... I come from hardware world.. You'd think an older guy would learn.. , programming is trying for me.

dclamp, sorry for that, any more code I post I will bracket per your suggestion

 -like this-

dagon, thank you for your help-truly ... I tried what you said, but I think I am misunderstanding. I followed your instructions exactly - probably too much so..
...
change your
displayStatus(){...}
...

I replaced with your code and removed all code between the curly brackets {...}

but I think Im doing it incorrectly... because between {...} removes the statememts...

<h1>Registered!</h1>
<p>Thank you.. <br>
Your information has been added to the database, you may now <a href="index.php" title="Login">log in</a></p>

---and more----

so can you be a bit more remidial for me please...
Exactly to where do I replace with your code?
Here is the area of the code in question, could you identify how far down of my code should I remove... If I take you literally I would remove all the way to the ""if(isset($..."" statement, and I know that is wrong...

/**
* Displays the appropriate message to the user
* after the registration attempt. It displays a
* success or failure status depending on a
* session variable set during registration.
*/
function displayStatus(){
$uname = $_SESSION['reguname'];
if($_SESSION['regresult']){

?>

<h1>Registered!</h1>
<p>Thank you.. <br>
Your information has been added to the database, you may now <a href="index.php" title="Login">log in</a></p>

<?
}
else{
?>

<h1>Registration Failed</h1>
<p>We're sorry, but an error has occurred and your registration for the username <b><? echo $uname; ?></b>, could not be completed.<br>
Please try again at a later time.</p>

<?
}
unset($_SESSION['reguname']);
unset($_SESSION['registered']);
unset($_SESSION['regresult']);
}

if(isset($_SESSION['registered'])){
/**
* This is the page that will be displayed after the
* registration has been attempted.
*/

Thanks again,
Floyd

dclamp

i used my PHPBeautfier and cleaned up your code a little. Not sure if it will help any

<?php
session_start();
include ("database.php");

/**
 * Returns true if the username has been taken
 * by another user, false otherwise.
 */
function usernameTaken($username)
{
    global $conn;
    if (!get_magic_quotes_gpc())
    {
        $username = addslashes($username);
    }
    $q = "select username from users where username = '$username'";
    $result = mysql_query($q, $conn);
    $num = mysql_numrows($result);
    return $num;
}

/**
 * Inserts the given (username, password) pair
 * into the database. Returns true on success,
 * false otherwise.
 */
function addNewUser($username, $password, $pcidip, $datetime, $email, $emailchk)
{
    global $conn;
    $q = "INSERT INTO users VALUES ('$username', '$password', '$pcidip', '$datetime', '$email', '$emailchk')";
    $query = mysql_query($q, $conn);
	return $query;
}

////////This is where my problem is <I think> ...
////////When I press Join! button, the routine adds the new user to db OK but
/////// instead of going to the "Registered! Thank you.." below it empties the 3 fields(user,pass,email) and starts again
/////// asking you to register<again>. The user gets no indication that he was registered.

/**
 * Displays the appropriate message to the user
 * after the registration attempt. It displays a
 * success or failure status depending on a
 * session variable set during registration.
 */
function displayStatus()
{
    $uname = $_SESSION['reguname'];
    if ($_SESSION['regresult'])
    {

?>

<h1>Registered!</h1>
<p>Thank you.. <br>
Your information has been added to the database, you may now <a href="index.php" title="Login">log in</a></p>

<?
    }
    else
    {
?>

<h1>Registration Failed</h1>
<p>We're sorry, but an error has occurred and your registration for the username <b><? echo
$uname; ?></b>, could not be completed.<br>
Please try again at a later time.</p>

<?
    }
    $_SESSION['reguname'] = NULL;
    $_SESSION['registered'] = NULL;
    $_SESSION['regresult'] = NULL;
}

if (isset($_SESSION['registered']))
{
    /**
     * This is the page that will be displayed after the
     * registration has been attempted.
     */
?>

<html>
<title>Registration Page</title>
<body>

<?php echo displayStatus(); ?>

</body>
</html>

<?
    return;
}

/**
 * Determines whether or not to show to sign-up form
 * based on whether the form has been submitted, if it
 * has, check the database for consistency and create
 * the new account.
 */
if (isset($_POST['subjoin']))
{
    /* Make sure all fields were entered */
    if (!$_POST['user'] || !$_POST['pass'])
    {
        die('You didn\'t fill in a required field.');
    }

/* FKadded this -- checks that email field has characters */
if (!$_POST['email'])
{
    die('You didn\'t fill in the email field, silly');
}


/* Spruce up username, check length */
$_POST['user'] = trim($_POST['user']);
if (strlen($_POST['user']) > 30)
{
    die("Sorry, the username is longer than 30 characters, please shorten it.");
}

/* Check if username is already in use */
if (usernameTaken($_POST['user']))
{
    $use = $_POST['user'];
    die("Sorry, the username: <strong>$use</strong> is already taken, please pick another one.");
}

/* Add the new account to the database */
$password = ($_POST['pass']);//FK removed md5.. was... $md5pass = md5($_POST['pass']);
$_SESSION['reguname'] = $_POST['user'];
$_SESSION['regresult'] = addNewUser($_POST['user'], $password, $pcidip, $datetime,
    $email, $emailchk);//FK-added $pcidip...$emailchk
$_SESSION['registered'] = true;
echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
return;
}
else
{
    /**
     * This is the page with the sign-up form, the names
     * of the input fields are important and should not
     * be changed.
     */
?>

<html>
<title>Registration Page</title>
<body>
<h1>Register</h1>
<form action="<? echo $HTTP_SERVER_VARS['PHP_SELF']; ?>" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td><input type="text" name="user" maxlength="30"></td></tr>
<tr><td>Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr>
<tr><td>Email Addr:</td><td><input type="text" name="email" maxlength="50"></td></tr>
<tr><td>Send Email Alerts:</td><td> <input type="checkbox" name="emailchk" value="1" checked></td></tr><br />

<!-- FKinsert begins here -->
<tr><td>Your IP for this visit:</td><td> <input name="pcidip" type="text" value="
<?php echo $_SERVER['REMOTE_ADDR']; ?>" size="20"></td></tr><br />

<tr><td>Date-Time for this visit:</td><td> <input name="datetime" type="text" value="
<?php echo date("Y.m.d - h:i:s"); ?>" size="20"></td></tr><br>
<!-- FK insert ends here -->

<tr><td colspan="2" align="right"><input type="submit" name="subjoin" value="Join!"></td></tr>
</table>
</form>
</body>
</html>

<?
}
?>

mrfloyd

Thanks dclamp, very nice organization.. helpful for me
however.
same problem exists...

When filling out the username, password and email fields, they all log properly into the MySQL, but the screen refreshes into the Register screen again with those three fields empy and no indication to the user, that he did indeed get registered.

Don 't know if it makes a difference but my hosting is using PHP 4.4.7

Floyd

dclamp

try this:

if (!empty($_SESSION['regresult']))
{

mrfloyd

To quote your thread... "HELP! I'm Stupid"

Where should I put it? (please don't say what your thinking)
:-)
I ask because it seems the code is jumping over the =="Registered" .. Thank you== message, so Im not sure where should go

Floyd

dclamp

here you go:

<?php
session_start();
include ("database.php");

/**
* Returns true if the username has been taken
* by another user, false otherwise.
*/
function usernameTaken($username)
{
    global $conn;
    if (!get_magic_quotes_gpc())
    {
        $username = addslashes($username);
    }
    $q = "select username from users where username = '$username'";
    $result = mysql_query($q, $conn);
    $num = mysql_numrows($result);
    return $num;
}

/**
* Inserts the given (username, password) pair
* into the database. Returns true on success,
* false otherwise.
*/
function addNewUser($username, $password, $pcidip, $datetime, $email, $emailchk)
{
    global $conn;
    $q = "INSERT INTO users VALUES ('$username', '$password', '$pcidip', '$datetime', '$email', '$emailchk')";
    $query = mysql_query($q, $conn);
    return $query;
}

////////This is where my problem is <I think> ...
////////When I press Join! button, the routine adds the new user to db OK but
/////// instead of going to the "Registered! Thank you.." below it empties the 3 fields(user,pass,email) and starts again
/////// asking you to register<again>. The user gets no indication that he was registered.

/**
* Displays the appropriate message to the user
* after the registration attempt. It displays a
* success or failure status depending on a
* session variable set during registration.
*/
function displayStatus()
{
    $uname = $_SESSION['reguname'];
    if (!empty($_SESSION['regresult']))
    {

?>

<h1>Registered!</h1>
<p>Thank you.. <br>
Your information has been added to the database, you may now <a href="index.php" title="Login">log in</a></p>

<?
    }
    else
    {
?>

<h1>Registration Failed</h1>
<p>We're sorry, but an error has occurred and your registration for the username <b><? echo
$uname; ?></b>, could not be completed.<br>
Please try again at a later time.</p>

<?
    }
    $_SESSION['reguname'] = NULL;
    $_SESSION['registered'] = NULL;
    $_SESSION['regresult'] = NULL;
}

if (isset($_SESSION['registered']))
{
    /**
     * This is the page that will be displayed after the
     * registration has been attempted.
     */
?>

<html>
<title>Registration Page</title>
<body>

<?php echo displayStatus(); ?>

</body>
</html>

<?
    return;
}

/**
* Determines whether or not to show to sign-up form
* based on whether the form has been submitted, if it
* has, check the database for consistency and create
* the new account.
*/
if (isset($_POST['subjoin']))
{
    /* Make sure all fields were entered */
    if (!$_POST['user'] || !$_POST['pass'])
    {
        die('You didn\'t fill in a required field.');
    }

/* FKadded this -- checks that email field has characters */
if (!$_POST['email'])
{
    die('You didn\'t fill in the email field, silly');
}


/* Spruce up username, check length */
$_POST['user'] = trim($_POST['user']);
if (strlen($_POST['user']) > 30)
{
    die("Sorry, the username is longer than 30 characters, please shorten it.");
}

/* Check if username is already in use */
if (usernameTaken($_POST['user']))
{
    $use = $_POST['user'];
    die("Sorry, the username: <strong>$use</strong> is already taken, please pick another one.");
}

/* Add the new account to the database */
$password = ($_POST['pass']);//FK removed md5.. was... $md5pass = md5($_POST['pass']);
$_SESSION['reguname'] = $_POST['user'];
$_SESSION['regresult'] = addNewUser($_POST['user'], $password, $pcidip, $datetime,
    $email, $emailchk);//FK-added $pcidip...$emailchk
$_SESSION['registered'] = true;
echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
return;
}
else
{
    /**
     * This is the page with the sign-up form, the names
     * of the input fields are important and should not
     * be changed.
     */
?>

<html>
<title>Registration Page</title>
<body>
<h1>Register</h1>
<form action="<? echo $HTTP_SERVER_VARS['PHP_SELF']; ?>" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td><input type="text" name="user" maxlength="30"></td></tr>
<tr><td>Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr>
<tr><td>Email Addr:</td><td><input type="text" name="email" maxlength="50"></td></tr>
<tr><td>Send Email Alerts:</td><td> <input type="checkbox" name="emailchk" value="1" checked></td></tr><br />

<!-- FKinsert begins here -->
<tr><td>Your IP for this visit:</td><td> <input name="pcidip" type="text" value="
<?php echo $_SERVER['REMOTE_ADDR']; ?>" size="20"></td></tr><br />

<tr><td>Date-Time for this visit:</td><td> <input name="datetime" type="text" value="
<?php echo date("Y.m.d - h:i:s"); ?>" size="20"></td></tr><br>
<!-- FK insert ends here -->

<tr><td colspan="2" align="right"><input type="submit" name="subjoin" value="Join!"></td></tr>
</table>
</form>
</body>
</html>

<?
}
?>

mrfloyd

Same problem... identical.... logs into the DB just fine, but does not tell the user he is registered.... and brings up the new screen with the 3 empty fields..
BTW the form has 6 fields in it.... 3 are automatically filled, but the other three are for the user to fill out.
Floyd