开发者

PHP register form was working and now doesnt work after i've made no changes [closed]

问答 作者:
This question is unlikely to help any future visitors; it is only relevant to a small geographic area, a specific moment in time, or an extraordinarily narrow situation that is not generally applicable to the worldwide audience of the internet. For help making this question more broadly applicable, visit the help center. Closed 11 years ago.

my registration no longer works, but i havent made any changes to it, why would this be? the only change i made was going into the database and change to id of 1 user and deleting 2 others. here is my code:

include 'scripts/global.php';

// Register attempt  
if(isset($_POST['registerSubmit']) && $_POST['registerSubmit'] == 'true'){
$username = trim($_POST['username']);  
$email = trim($_POST['email']);  
$password = trim($_POST['password']);  
$confirmPassword    = trim($_POST['confirmPassword']);  

if(!preg_matc开发者_运维知识库h("/^[_\.0-9a-zA-Z-]+@([0-9a-zA-Z][0-9a-zA-Z-]+\.)+[a-zA-Z]{2,6}$/i", $email))  
    $errors['email'] = 'Your email address is invalid.';  

if(strlen($password) < 6)  
    $errors['password'] = 'Your password must be greater than 6 characters.';  

if($password != $confirmPassword)  
    $errors['confirmPassword'] = 'Your passwords did not match.';  

// Check to see if we have a user registered with this email address already  
$query = 'SELECT * FROM users WHERE email = "' . mysql_real_escape_string($email) . '" LIMIT 1';  
$result = mysql_query($query);  
if(mysql_num_rows($result) == 1)  
    $errors['email'] = 'This email address already exists.';

//Check if username is already taken
     $queryuser = 'SELECT * FROM users WHERE username = "' . mysql_real_escape_string($username) . '" LIMIT 1';  
$result = mysql_query($queryuser);  
if(mysql_num_rows($result) == 1)  
    $errors['username'] = 'This username is already taken.';



if(!$errors){  
    $queryFinal = 'INSERT INTO users SET email = "' . mysql_real_escape_string($email) . '", 
                                                                    password = MD5("' . mysql_real_escape_string($password) . '"), 
                                                                    date_registered = "' . date('Y-m-d H:i:s') . '",
                                                                    username = "' . mysql_real_escape_string($username) . '"';

    if(mysql_query($queryFinal)){  
        $success['register'] = 'Thank you for registering. You can now log in on the right.';  
    }else{  
        $errors['register'] = 'There was a problem registering you. Please check your details and try again.';  
    }  
}  

}

Not sure why it worked or what changed. But as far as I know, you cannot use the double quotes in queries around variable data like you have them here:

$query = 'SELECT * FROM users WHERE email = "' . mysql_real_escape_string($email) . '" LIMIT 1';

It should be:

$query = "SELECT * FROM users WHERE email = '" . mysql_real_escape_string($email) . "' LIMIT 1";

Same with your other query's. What would also help if you had some error's being displayed if something is awry:

$result = mysql_query($queryuser) or trigger_error('SQL Error on User Query: ' . mysql_error());

Which should also tell you what the error is / was. And this can be turned off to the end user easily with display_errors being set to off since it uses the trigger_error.

继续阅读:phpregistration

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9