Question about login

Janjan

Hi guys,

I'm still learning PHP and I'm trying to make a member system.
And now I was wondering if my script is good.
Don't look at the HTML please, it's old, I know, but I'm working on that.
It's just the PHP-code I was doubting about: Is it recent enough?
(I don't know the PHP version of this script, I'm using an old book)
It works on my localhost, but once tested on the WAMP, in returns a warning everythime when I try to register myself.

This is the warning I'm receiving:

"; $status= "NOTOK";} if(!ctype_alnum($userid)){ $msg=$msg."User id should contain alphanumeric chars only
"; $status= "NOTOK";} if(mysql_num_rows(mysql_query("SELECT userid FROM plus_signup WHERE userid = '$userid'"))){ $msg=$msg."Userid already exists. Please try another one
"; $status= "NOTOK";} if(mysql_num_rows(mysql_query("SELECT email FROM plus_signup WHERE email = '$email'"))){ $msg=$msg."This email address is there with us. If you forgot your password you can activate it by using forgot password link. Or Please try another one
"; $status= "NOTOK";} if ( strlen($password) < 3 ){ $msg=$msg."Password must be more than 3 char legth
"; $status= "NOTOK";} if ( $password <> $password2 ){ $msg=$msg."Both passwords are not matching
"; $status= "NOTOK";} if ($agree<>"yes") { $msg=$msg."You must agree to terms and conditions
"; $status= "NOTOK";} if($status<>"OK"){ echo "$msg
"; }else{ // if all validations are passed. $password=md5($password); // Encrypt the password before storing if(mysql_query("insert into plus_signup(userid,password,email,name,sex) values('$userid','$password','$email','$name','$sex')")){ echo "Welcome, You have successfully signed up

Click here to login
"; }else{ echo "There is some database problem, Please contact site admin

Click here to login
"; } } } ?>

And this is the register script:

<?php

include "config.php"; // database connection details stored here
// Collect the data from post method of form submission // 
$userid=$_POST['userid'];
$password=$_POST['password'];
$password2=$_POST['password2'];
$agree=$_POST['agree'];
$todo=$_POST['todo'];
$email=$_POST['email'];
$name=$_POST['name'];
$sex=$_POST['sex'];

?>
<!doctype html public "-//w3c//dtd html 3.2//en">

<html>

<head>
<title>Learning to register</title>
</head>

<body >
<?php
if(isset($todo) and $todo=="post"){

$status = "OK";
$msg="";

// if userid is less than 3 char then status is not ok
if(!isset($userid) or strlen($userid) <3){
$msg=$msg."User id should be =3 or more than 3 char length<BR>";
$status= "NOTOK";}					

if(!ctype_alnum($userid)){
$msg=$msg."User id should contain alphanumeric  chars only<BR>";
$status= "NOTOK";}					


if(mysql_num_rows(mysql_query("SELECT userid FROM plus_signup WHERE userid = '$userid'"))){
$msg=$msg."Userid already exists. Please try another one<BR>";
$status= "NOTOK";}					

if(mysql_num_rows(mysql_query("SELECT email FROM plus_signup WHERE email = '$email'"))){
$msg=$msg."This email address is there with us. If you forgot your password you can activate it by using forgot password link. Or Please try another one<BR>";
$status= "NOTOK";}					

if ( strlen($password) < 3 ){
$msg=$msg."Password must be more than 3 char legth<BR>";
$status= "NOTOK";}					

if ( $password <> $password2 ){
$msg=$msg."Both passwords are not matching<BR>";
$status= "NOTOK";}					


if ($agree<>"yes") {
$msg=$msg."You must agree to terms and conditions<BR>";
$status= "NOTOK";}	

if($status<>"OK"){ 
echo "<font face='Verdana' size='2' color=red>$msg</font><br><input type='button' value='Retry' onClick='history.go(-1)'>";
}else{ // if all validations are passed.
$password=md5($password); // Encrypt the password before storing
if(mysql_query("insert into plus_signup(userid,password,email,name,sex) values('$userid','$password','$email','$name','$sex')")){

echo "<font face='Verdana' size='2' color=green>Welcome, You have successfully signed up<br><br><a href=login.php>Click here to login</a><br></font>";
}else{
echo "<font face='Verdana' size='2' color=red>There is some database problem, Please contact site admin<br><br><a href=login.php>Click here to login</a><br></font>";

}
}
}
?>
</html>

halojoy

I suspect you are using this
<?
See if you have such opening tags in your pages.

If you find such, you should change THEM ALL
to the best correct php tag:
<?php

Because '<?' does not work every server,
but normal <?php will work anywhere!
🙂

Janjan

Hello

I've changed it in all my pages... But it still returns the same warning on WAMP
But it is working on my USBwebserver.

But maybe the code is to old?

ixalmida

Focus on the area in the code just above where the output begins on this page. The problem is apparently somewhere before this line:

"; $status= "NOTOK";} if(!ctype_alnum($userid)){ $msg=$msg."User id should contain alphanumeric chars only

There may be defunct function just before this code, or it may be some other syntax error that your old version of PHP managed to gloss over. I had the same problem when I upgraded servers and found some very loose syntax left over from a previous developer. Like halojoy suggested, I also found the <? opening tag in many places. That particular issue is easily cleaned up by doing a search and replace on the entire site.