Register Form does not display

Runaway_Zero

I've just recently started my own site and wanted to allow users to register but, I have no talent for php at all. 🙁
So I searched all over for templates and found a few but none of them seemed to work

Can somebody please point out the problem with this code?
Upon opening the page nothing happens, its just blank the form does not get displayed.
The problem is the same with most of the templates I've tried.

Any help would really be appreciated.

Thanks! 🙂

<?php
require("db_connect.php"); 

function protect($value){
$value = mysql_real_escape_string(value);
$value = stripslashes($value);
$value = strip_tags($value);
return $value;
}

$action = $_REQUEST['act'];
protect($action);


if(!$action){
echo "<table border=0 cellspacing=3 cellpadding=3>\n
	<form name=register method=post action=\"register.php?act=register\">\n
	<tr><td>Username:</td><td><input type=text name=username maxlength=32>\n</td><tr>\n
	<tr><td>Password:</td><td><input type=password name=password maxlength=64>\n</td></tr>\n
	<tr><td>Confirm:</td><td><input type=password name=passconf maxlength=64>\n</td></tr>\n
	<tr><td>Email:</td><td><input type=text name=email>\n</td></tr>\n
	<tr><td>Confirm:</td><td><input type=text name=econf>\n</td></tr>\n
	<tr><td>Gender</td><td><select name=gender>
		<option value=gender>Male</option>\n
		<option value=gender>Female</option>\n
	<tr><td>Your Name</td><td><input type=text name=name maxlength=32>\n
	<tr><td colspan=2 align=right><input type=submit value=\"Register\">\n";
			}else{
			echo 'Action = '.$action.'.<br />';
			}

if($action=="register"){
$username = $_POST['username'];
$password = $_POST['password'];
$passconf = $_POST['passconf'];
$email = $_POST['email'];
$day = $_POST['gender'];
$name = $_POST['name'];
$username = protect($username);
$password = protect($password); // was spelt passwrod
$passconf = protect($passconf);
$email = protect($email);
$gender = protect($gender);
$name = protect($name);

	if (isset($username) && isset($password) && isset($passconf) && isset($email) && isset($gender) && isset($name)){
		if(strlen($username) < 3 || strlen($username) > 32){
		echo "Username is either too short or too long\n";
		}else {
			if(strlen($password) < 3 || strlen($password) > 64){
			echo "Password is either too short ot too long\n";
			}else {
				if(strlen($email) < 3 || strlen($email) > 64){
				echo "Email is either too short ot too long\n";
				}else {
					if(strlen($name) < 2 || strlen($name) > 64){
					echo "Your name is either too short or too long\n";
					}else {
						if($password != $passconf){
						echo "Your password do not match\n";
						}else {
							if($email != $echoconf){
							echo "Your emails do not match\n";
							}else {
								$checkemail = "/*[a-z0-9]+([_\\.-][a-z0-9]+)*@([a-z0-9]+([\.-][a-z0-9]-)+\\.(a-z)(2;)$/";
								if(!preg_match($checkemail,$email)){
								echo "The email you entered is incorrect";
								}else {
									$sql = "SELECT * FROM 'users' WHERE 'username' ='$username'";
									$res = mysql_query($sql) or die(mysql_error());
									if(mysql_num_rows($res) > 0){
									echo "This username already exists";
									}else {
										$sql = "SELECT * FROM 'users' WHERE 'email' ='$email'";
										$res = mysql_query($sql) or die(mysql_error());
										if(mysql_num_rows($res) > 0){
										echo "The email you supplied is already in use";
										}else {
											$sql = "SELECT * FROM 'users' WHERE 'ip' ='$_SERVER[REMOTE_ADDR]'";
											$res = mysql_query($sql) or die(mysql_error());
											if(mysql_num_rows($res) > 0){
											echo "The IP is already in use";
											}else {
												$password = mds($password);
												$date = date('f j, Y @ g:i:s a');
												$sql = "INSTER INTO 'users' ('username','password','email','ip','name,'gender','date') VALUES('$username','$password,'$email','$_SERVER[REMOTE_ADDR]',' $gender,' $date);";
												$res = mysql_query($sql) or die(mysql_error());
												echo "Thank you for registering, you may now log in\n";
												}
											}
										}
									}
								}
							}
						}
					}
				}
			}
		}
	}else{
		echo 'Action wasnt register';
	}

?>

Krik

Upon opening the page nothing happens, its just blank the form does not get displayed.

Before we go any were lets address that. Put

error_reporting(E_ALL);

at the very top of any page you are working on it will ensure all errors are reported so you can more easily find the problem.

Next this

$value = mysql_real_escape_string(value);

need the "$" in friont of the "value"

Then in this line

$day = $_POST['gender'];

"$day" should be "$gender"

Then in this

$action = $_REQUEST['act'];
protect($action);

the second line does nothing. Try this

$action = protect($_REQUEST['act']);

also note that "act" is not set anywhere in your form. And really I suspect the above lines are not needed (see last code example).

The "$echoconf" in this line is not set anywhere in your code

if($email != $echoconf){

The

$sql = "SELECT * FROM 'users' WHERE 'ip' ='$_SERVER[REMOTE_ADDR]'";

should be

$sql = "SELECT * FROM `users` WHERE `ip` ='" . $_SERVER['REMOTE_ADDR'] . "'";

I will note here that the IP address check may cause you trouble. Most ISP's will have a limited block of IP address to assign their customer, usually less IP's than they have customers. They regular have to reassign an IP address so that check may cause all sorts of issues.

Beyond all that your HTML is missing a ton of closing tags. It is a good habit to close ALL HTML tags. Good readability formatting helps find missing closing tags

Also there are several other things that could be done. Below is a rework of your code that does the same thing you had but with most of the errors fixed. If you study it you may find a lot of helpful tips.

<?php
error_reporting(E_ALL);

require("db_connect.php");

function protect($value) {
	$value = stripslashes($value);
	$value = strip_tags($value);
	$value = mysql_real_escape_string($value);
	return $value;
}

if (!isset($_POST['act'])) {
?>
<table border="0" cellspacing="3" cellpadding="3">
	<form name="register" method="post" action="register.php?act=register">
	<tr>
		<td>Username:</td>
		<td><input type="text" name="username" maxlength="32" />
		</td>
	</tr>
	<tr>
		<td>Password:</td>
		<td><input type="password" name="password" maxlength="64" /></td>
	</tr>
	<tr>
		<td>Confirm:</td>
		<td><input type="password" name="passconf" maxlength="64" /></td>
	</tr>
	<tr>
		<td>Email:</td>
		<td><input type="text" name="email"></td>
	</tr>
	<tr>
		<td>Confirm:</td>
		<td><input type="text" name="econf"></td>
	</tr>
	<tr>
		<td>Gender</td>
		<td>
			<select name="gender">
				<option value="male">Male</option>
				<option value="female">Female</option>
			</select>
		</td>
	</tr>
		<td>Your Name</td>
		<td><input type="text" name="name" maxlength="32" />
	</tr>
	<tr>
		<td colspan="2" align="right"><input type="submit" name="act" value="Register" /></td>
	</tr>
	</form>
</table>

<?php
}
else {

$username = protect($_POST['username']);
$password = protect($_POST['password']);
$passconf = protect($_POST['passconf']);
$email = protect($_POST['email']);
$econf = protect($_POST['econf']);
$gender = protect($_POST['gender']);
$name = protect($_POST['name']);

$error = '';

if (!isset($username) || strlen($username) < 3 || strlen($username) > 32) {
	$error .= 'Username is either too short or too long<br/>';
}

if (!isset($password) || strlen($password) < 3 || strlen($password) > 64) {
	$error .= 'Password is either too short ot too long<br/>';
}
if ($password != $passconf) {
	$error .= 'Your password do not match<br/>';
}

if (!isset($email) || strlen($email) < 3 || strlen($email) > 64) {
	$error .= 'Email is either too short ot too long<br/>';
}
if ($email != $econf) {
	$error .= 'Your emails do not match<br />';
}
$checkemail = "/*[a-z0-9]+([_\\.-][a-z0-9]+)*@([a-z0-9]+([\.-][a-z0-9]-)+\\.(a-z)(2;)$/";
if(!preg_match($checkemail,$email)) {
	$error .= 'The email you entered is incorrect<br/>';
}

if (!isset($name) || strlen($name) < 2 || strlen($name) > 64) {
	$error .= 'Your name is either too short or too long<br/>';
}

$sql = "
	SELECT * 
	FROM `users` 
	WHERE `username` = '$username' OR `email` = '$email'
";
$res = mysql_query($sql) or $error .= 'Query Failed' . mysql_error();
if (mysql_num_rows($res) != 0) {
	while ($row = mysql_fetch_array($res)) {
		if ($row['username'] == $username) {
			$error .= 'This username already exists<br/>';
		}
		if ($row['email'] == $email) {
			$error .= 'The email you supplied is already in use<br/>';
		}
	}
}
if ($error == '') {
	$password = mds($password);
	$date = date('f j, Y @ g:i:s a');
	$sql = "
		INSTER INTO `users` (`username`, `password`, `email`, `ip`, `name`, `gender`, `date`) 
		VALUES('$username', '$password, '$email', '" . $_SERVER['REMOTE_ADDR'] . "', '$gender', '$date')
	";
	if (mysql_query($sql)) {
		echo 'Thank you for registering, you may now log in<br/>';
	}
	else {
		echo 'Insert Query Failed' . mysql_error();
	}
}
else {
	echo $error;
}
}
?>

I can't say for certain if it will work as there may be other factors not present in your original code but I hope it helps