php validations

sanjay1911
sanjay1911 used Ask the Experts™
on
Hello, I am working on registration script. The validations that I have give are not working.
here is my code.
<?php 
// To load the config script, following command is used.
require_once('include/config.php');

// An $err variable is set assuming that there are no errors. 
//Errors that occur during the registration process are checked later
$err = NULL;

// $_POST array is checked to see if all the required infoamtion is present.
//if registration informaitn is not available, then registration form is displayed
if ( (!empty($_POST["uname"])) && (!empty($_POST["uid"])) && (!empty($_POST["pwd"])) && (!empty($_POST["vwd"])) && (!empty($_POST["umail"])))
{
    // Yes, the posted data is available. Escape it for use in query
	$uname = mysql_real_escape_string($_POST["uname"]);
    $uid = mysql_real_escape_string($_POST["uid"]);
    $pwd = mysql_real_escape_string($_POST["pwd"]);
    $vwd = mysql_real_escape_string($_POST["vwd"]);
	$umail = mysql_real_escape_string($_POST["umail"]);

    
	
	if ($_POST['submit'])
	{
	$uname = $_POST['uname'];
	$uid = $_POST['uid'];
	$pwd = $_POST['pwd'];
	$vwd = $_POST['vwd'];
	$umail = $_POST['umail'];	
	
	$err = ""; //default value of error string
	
	if (!$uname) 
	 $err = $err."Name<br>";
	 
	 if (!$uid) 
	 $err = $err."Username<br>";
	 
	 if (!$pwd) 
	 $err = $err."Password<br>";
	 
	 if (!$vwd) 
	 $err = $err."Verify Password<br>";
	 
	  if (!$umail) 
	 $err = $err."E-mail<br>";
	 
	 if ($err!="")
	echo "Please fill out the following fields:<br>$err";
	
	}
	 
			 if ($uname != 'a-z,A-Z') $err .= "<br/>FAIL: PLEASE ENTER A VALID NAME";	 	 

			// do the password and verify password match?
    if ($pwd != $vwd) $err .= "<br/>FAIL: CHOOSE AND VERIFY PASSWORDS DO NOT MATCH";	 
				 

    // Does the UID already exists?
    $sql = "SELECT uid FROM userTable WHERE uid = '$uid' LIMIT 1";
    if (!$res= mysql_query($sql)) die( mysql_error() );
    $num = mysql_num_rows($res);
    if ($num) $err .= "<br/>FAIL: USERNAME $uid IS ALREADY TAKEN.  PLEASE CHOOSE ANOTHER USERNAME";

    // If no errors were found, make unique user key
    if (!$err)
    {
        // Make the unique user key
        $uuk = md5($uid . $pwd . rand());
        $sql = "INSERT INTO userTable (uname, uid, pwd, uuk, umail) VALUES ('$uname','$uid', '$pwd', '$uuk', '$umail')";
        if (!$res = mysql_query($sql)) die( mysql_error() );

        // store the User-ID in session array
        $_SESSION["uid"] = $uid;

        // check if the "REMEMBER ME" checkbox is set or not?
        if (isset($_POST["rme"]))
        {
            remember_me($uuk);
        }

        // If registration is sucessfull, redirect the user to login_main page
echo "<meta http-equiv='refresh' content='0;url=\"99home.php?page=login_main\"'>";
			exit;
    }

    // If there were errors, display the following error message
    else
    {
        echo $err;
        echo "<br/>SORRY, REGISTRATION FAILED";
    }
} // Display the registratin form
?>
<form method="post">
<h2>PLEASE REGISTER</h2><p>
YOUR NAME:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type="text" name="uname" />
<br/>CHOOSE USERNAME: <input type="text" name="uid" />
<br/>CHOOSE PASSWORD: <input name="pwd" type="password" />
<br/>VERIFY PASSWORD:&nbsp;&nbsp; <input name="vwd" type="password" />
<br/>YOUR E-MAIL:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;<input name="umail" /><p>
<br/><h4><input type="checkbox" name="rme" />KEEP ME LOGGED IN </h4>
<br/><input type="submit" name="submit" value="REGISTER" />
</form>

Open in new window

Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Senior Web Developer
Commented:
There fewer problems with your regular expression check and validation call so I write all of the code here which is working well for me and hope you will solve your problem:
<?php 
require_once('include/config.php');

	if (isset($_POST['submit']))
	{
	$uname = $_POST['uname'];
	$uid = $_POST['uid'];
	$pwd = $_POST['pwd'];
	$vwd = $_POST['vwd'];
	$umail = $_POST['umail'];	
if ( (!empty($_POST["uname"])) && (!empty($_POST["uid"])) && (!empty($_POST["pwd"])) && (!empty($_POST["vwd"])) && (!empty($_POST["umail"])))
{
    // Yes, the posted data is available. Escape it for use in query
	$uname = mysql_real_escape_string($_POST["uname"]);
    $uid = mysql_real_escape_string($_POST["uid"]);
    $pwd = mysql_real_escape_string($_POST["pwd"]);
    $vwd = mysql_real_escape_string($_POST["vwd"]);
	$umail = mysql_real_escape_string($_POST["umail"]);
}
	
$errors=array();
if(!preg_match('/[A-Za-z]/', $uname))
	$errors[]="Username is not valid.";
if(!preg_match('/[A-Za-z]/', $uid))
	$errors[]="Userid is not Valid";
if(empty($pwd))
	$errors[]="Password can not be blank.";
if(empty($vwd))
	$errors[]="Confirm password is blank.";
if(empty($umail))
	$errors[]="Email can not be blank.";
if(!preg_match("/^[a-z_][\w_\.]*@[\w]{2,20}(\.[a-zA-Z]{2,3}){1,2}$/",$umail))
	$errors[]="Email is not valid.";

if($pwd!=$vwd || $pwd=="" || $vwd==""){
	$errors[]="Password do not match or blank password.";
}
    // Does the UID already exists?
   $sql = "SELECT uid FROM userTable WHERE uid = '$uid' LIMIT 1";
   $res=mysql_query($sql) or die(mysql_error());
   if(mysql_num_rows($res)>0){
   $errors[]="FAIL: USERNAME $uid IS ALREADY TAKEN.  PLEASE CHOOSE ANOTHER USERNAME";
}
if(sizeof($errors)>0){
	echo ("<font color='red'>");
	foreach ($errors as $err){
	echo ($err."<br/>");
	}
	echo ("</font>");
	exit();
}else{
        // Make the unique user key
        $uuk = md5($uid . $pwd . rand());
        $sql = "INSERT INTO userTable (uname, uid, pwd, uuk, umail) VALUES ('$uname','$uid', '$pwd', '$uuk', '$umail')";
       $res=mysql_query($sql);

        // store the User-ID in session array
        $_SESSION["uid"] = $uid;

        // check if the "REMEMBER ME" checkbox is set or not?
        if (isset($_POST["rme"]))
        {
            remember_me($uuk);
        }

        // If registration is sucessfull, redirect the user to login_main page
echo "<meta http-equiv='refresh' content='0;url=\"99home.php?page=login_main\"'>";
			exit;
    }

}
?>
<form method="post">
<h2>PLEASE REGISTER</h2><p>
YOUR NAME:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type="text" name="uname" />
<br/>CHOOSE USERNAME: <input type="text" name="uid" />
<br/>CHOOSE PASSWORD: <input name="pwd" type="password" />
<br/>VERIFY PASSWORD:&nbsp;&nbsp; <input name="vwd" type="password" />
<br/>YOUR E-MAIL:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;<input name="umail" /><p>
<br/><h4><input type="checkbox" name="rme" />KEEP ME LOGGED IN </h4>
<br/><input type="submit" name="submit" value="REGISTER" />
</form>

Open in new window

Author

Commented:
@jagadishdulal : you are awesome!!!!

thank you so much!!!

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial