BrighteyesDesign
asked on
PHP Registration Form not submitting
I'm trying to setup a user registration form but when I submit the form this error displays...Please re-enter your passwords and try again.
Any ideas why? Here's the code...
<?php if (isset($_POST['submitted'] )) { // Handle the form.
require_once (MYSQL);
// Trim all the incoming data:
$trimmed = array_map('trim', $_POST);
// Assume invalid values:
$fn = $ln = $e = $p = FALSE;
// Check for a first name:
if (preg_match ('/^[A-Z \'.-]{2,20}$/i', $trimmed['first_name'])) {
$fn = mysqli_real_escape_string ($dbc, $trimmed['first_name']);
} else {
echo '<p class="error">Please enter your first name!</p>';
}
// Check for a last name:
if (preg_match ('/^[A-Z \'.-]{2,40}$/i', $trimmed['last_name'])) {
$ln = mysqli_real_escape_string ($dbc, $trimmed['last_name']);
} else {
echo '<p class="error">Please enter your last name!</p>';
}
// Check for an email address:
if (preg_match ('/^[\w.-]+@[\w.-]+\.[A-Za -z]{2,6}$/ ', $trimmed['email'])) {
$e = mysqli_real_escape_string ($dbc, $trimmed['email']);
} else {
echo '<p class="error">Please enter a valid email address!</p>';
}
// Check for a password and match against the confirmed password:
if (preg_match ('/^\w{4,20}$/', $trimmed['password1']) ) {
if ($trimmed['password1'] == $trimmed['password2']) {
$p = mysqli_real_escape_string ($dbc, $trimmed['password1']);
} else {
echo '<p class="error">Your password did not match the confirmed password!</p>';
}
} else {
echo '<p class="error">Please enter a valid password!</p>';
}
if ($fn && $ln && $e && $p) { // If everything's OK...
// Make sure the email address is available:
$q = "SELECT user_id FROM users WHERE email='$e'";
$r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));
if (mysqli_num_rows($r) == 0) { // Available.
// Create the activation code:
$a = md5(uniqid(rand(), true));
// Add the user to the database:
$q = "INSERT INTO users (email, pass, first_name, last_name, active, registration_date) VALUES ('$e', SHA1('$p'), '$fn', '$ln', '$a', NOW() )";
$r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));
if (mysqli_affected_rows($dbc ) == 1) { // If it ran OK.
// Send the email:
$body = "Thank you for registering at <whatever site>. To activate your account, please click on this link:\n\n";
$body .= BASE_URL . 'activate.php?x=' . urlencode($e) . "&y=$a";
mail($trimmed['email'], 'Registration Confirmation', $body, 'From: admin@sitename.com');
// Finish the page:
echo '<h3>Thank you for registering! A confirmation email has been sent to your address. Please click on the link in that email in order to activate your account.</h3>';
include ('includes/footer.php'); // Include the HTML footer.
exit(); // Stop the page.
} else { // If it did not run OK.
echo '<p class="error">You could not be registered due to a system error. We apologize for any inconvenience.</p>';
}
} else { // The email address is not available.
echo '<p class="error">That email address has already been registered. If you have forgotten your password, use the link at right to have your password sent to you.</p>';
}
} else { // If one of the data tests failed.
echo '<p class="error">Please re-enter your passwords and try again.</p>';
}
mysqli_close($dbc);
} // End of the main Submit conditional.
?>
Any ideas why? Here's the code...
<?php if (isset($_POST['submitted']
require_once (MYSQL);
// Trim all the incoming data:
$trimmed = array_map('trim', $_POST);
// Assume invalid values:
$fn = $ln = $e = $p = FALSE;
// Check for a first name:
if (preg_match ('/^[A-Z \'.-]{2,20}$/i', $trimmed['first_name'])) {
$fn = mysqli_real_escape_string ($dbc, $trimmed['first_name']);
} else {
echo '<p class="error">Please enter your first name!</p>';
}
// Check for a last name:
if (preg_match ('/^[A-Z \'.-]{2,40}$/i', $trimmed['last_name'])) {
$ln = mysqli_real_escape_string ($dbc, $trimmed['last_name']);
} else {
echo '<p class="error">Please enter your last name!</p>';
}
// Check for an email address:
if (preg_match ('/^[\w.-]+@[\w.-]+\.[A-Za
$e = mysqli_real_escape_string ($dbc, $trimmed['email']);
} else {
echo '<p class="error">Please enter a valid email address!</p>';
}
// Check for a password and match against the confirmed password:
if (preg_match ('/^\w{4,20}$/', $trimmed['password1']) ) {
if ($trimmed['password1'] == $trimmed['password2']) {
$p = mysqli_real_escape_string ($dbc, $trimmed['password1']);
} else {
echo '<p class="error">Your password did not match the confirmed password!</p>';
}
} else {
echo '<p class="error">Please enter a valid password!</p>';
}
if ($fn && $ln && $e && $p) { // If everything's OK...
// Make sure the email address is available:
$q = "SELECT user_id FROM users WHERE email='$e'";
$r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));
if (mysqli_num_rows($r) == 0) { // Available.
// Create the activation code:
$a = md5(uniqid(rand(), true));
// Add the user to the database:
$q = "INSERT INTO users (email, pass, first_name, last_name, active, registration_date) VALUES ('$e', SHA1('$p'), '$fn', '$ln', '$a', NOW() )";
$r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));
if (mysqli_affected_rows($dbc
// Send the email:
$body = "Thank you for registering at <whatever site>. To activate your account, please click on this link:\n\n";
$body .= BASE_URL . 'activate.php?x=' . urlencode($e) . "&y=$a";
mail($trimmed['email'], 'Registration Confirmation', $body, 'From: admin@sitename.com');
// Finish the page:
echo '<h3>Thank you for registering! A confirmation email has been sent to your address. Please click on the link in that email in order to activate your account.</h3>';
include ('includes/footer.php'); // Include the HTML footer.
exit(); // Stop the page.
} else { // If it did not run OK.
echo '<p class="error">You could not be registered due to a system error. We apologize for any inconvenience.</p>';
}
} else { // The email address is not available.
echo '<p class="error">That email address has already been registered. If you have forgotten your password, use the link at right to have your password sent to you.</p>';
}
} else { // If one of the data tests failed.
echo '<p class="error">Please re-enter your passwords and try again.</p>';
}
mysqli_close($dbc);
} // End of the main Submit conditional.
?>
I believe that this is the salient part of the code that would cause the message to appear.
if ($fn && $ln && $e && $p) { // If everything's OK..
} else { // If one of the data tests failed.
echo '<p class="error">Please re-enter your passwords and try again.</p>';
}
You might want to use var_dump() to print out the contents of the variables that are used in the if() statement. You might want to add error_reporting(E_ALL) to the top of the script so that you can be sure you are not accidentally relying on an undefined variable or constant.
ASKER
Thanks Ray,
I'm working though a PHP book by Larry Ullman - PHP 6 and MySQL 5 for Dynamic Web Sites.
This script works with others (activate,lost password etc...) so i'd like to stick with it if possible.
I have reposted the code as you suggested so hopefully an errors will be easier to spot!
I'm working though a PHP book by Larry Ullman - PHP 6 and MySQL 5 for Dynamic Web Sites.
This script works with others (activate,lost password etc...) so i'd like to stick with it if possible.
I have reposted the code as you suggested so hopefully an errors will be easier to spot!
<?php if (isset($_POST['submitted'])) { // Handle the form.
require_once (MYSQL);
// Trim all the incoming data:
$trimmed = array_map('trim', $_POST);
// Assume invalid values:
$fn = $ln = $e = $p = FALSE;
// Check for a first name:
if (preg_match ('/^[A-Z \'.-]{2,20}$/i', $trimmed['first_name'])) {
$fn = mysqli_real_escape_string ($dbc, $trimmed['first_name']);
} else {
echo '<p class="error">Please enter your first name!</p>';
}
// Check for a last name:
if (preg_match ('/^[A-Z \'.-]{2,40}$/i', $trimmed['last_name'])) {
$ln = mysqli_real_escape_string ($dbc, $trimmed['last_name']);
} else {
echo '<p class="error">Please enter your last name!</p>';
}
// Check for an email address:
if (preg_match ('/^[\w.-]+@[\w.-]+\.[A-Za-z]{2,6}$/', $trimmed['email'])) {
$e = mysqli_real_escape_string ($dbc, $trimmed['email']);
} else {
echo '<p class="error">Please enter a valid email address!</p>';
}
// Check for a password and match against the confirmed password:
if (preg_match ('/^\w{4,20}$/', $trimmed['password1']) ) {
if ($trimmed['password1'] == $trimmed['password2']) {
$p = mysqli_real_escape_string ($dbc, $trimmed['password1']);
} else {
echo '<p class="error">Your password did not match the confirmed password!</p>';
}
} else {
echo '<p class="error">Please enter a valid password!</p>';
}
if ($fn && $ln && $e && $p) { // If everything's OK...
// Make sure the email address is available:
$q = "SELECT user_id FROM users WHERE email='$e'";
$r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));
if (mysqli_num_rows($r) == 0) { // Available.
// Create the activation code:
$a = md5(uniqid(rand(), true));
// Add the user to the database:
$q = "INSERT INTO users (email, pass, first_name, last_name, active, registration_date) VALUES ('$e', SHA1('$p'), '$fn', '$ln', '$a', NOW() )";
$r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));
if (mysqli_affected_rows($dbc) == 1) { // If it ran OK.
// Send the email:
$body = "Thank you for registering at <whatever site>. To activate your account, please click on this link:\n\n";
$body .= BASE_URL . 'activate.php?x=' . urlencode($e) . "&y=$a";
mail($trimmed['email'], 'Registration Confirmation', $body, 'From: admin@sitename.com');
// Finish the page:
echo '<h3>Thank you for registering! A confirmation email has been sent to your address. Please click on the link in that email in order to activate your account.</h3>';
include ('includes/footer.php'); // Include the HTML footer.
exit(); // Stop the page.
} else { // If it did not run OK.
echo '<p class="error">You could not be registered due to a system error. We apologize for any inconvenience.</p>';
}
} else { // The email address is not available.
echo '<p class="error">That email address has already been registered. If you have forgotten your password, use the link at right to have your password sent to you.</p>';
}
} else { // If one of the data tests failed.
echo '<p class="error">Please re-enter your passwords and try again.</p>';
}
mysqli_close($dbc);
} // End of the main Submit conditional.
?>
ASKER
Thanks Ray, i'll try that...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
https://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_2391-PHP-login-logout-and-easy-access-control.html
Going forward, please use the code snippet to post the code. If you do that we get a unispace font and line numbers. It is much easier to read and discuss code when we have those things.