[thelist] php password failing - (register code)

Andrew Maynes andrew at uk-webdeveloper.co.uk
Wed Jul 10 04:22:00 CDT 2002


here is the code for registering

<?php # register.php (third version)

require_once ("config.inc"); // Include the class.

if (isset($HTTP_POST_VARS[Submit])) { // If the form was submitted, process it.

	// Check the username.
	if (eregi ("^[[:alnum:]]+$", $HTTP_POST_VARS[username])) {
		$a = TRUE;
	} else {
		$a = FALSE;
		$message[] = "Please enter a username that consists only of letters and
numbers.";
	}

	// Check to make sure the password is long enough and of the right format.
	if (eregi ("^[[:alnum:]]{8,16}$", $HTTP_POST_VARS[pass1])) {
		$b = TRUE;
	} else {
		$b = FALSE;
		$message[] = "Please enter a password that consists only of letters and
numbers, between 8 and 16 characters long.";
	}

	// Check to make sure the password matches the confirmed password.
	if ($HTTP_POST_VARS[pass1] == $HTTP_POST_VARS[pass2]) {
		$c = TRUE;
		$password = crypt ($HTTP_POST_VARS[pass1]); // Encrypt the password.
	} else {
		$c = FALSE;
		$message[] = "The password you entered did not match the confirmed password.";
	}

	// Check to make sure they entered their first name and it's of the right
format.
	if (eregi ("^([[:alpha:]]|-|')+$", $HTTP_POST_VARS[first_name]))

		$d = TRUE;
	} else {
		$d = FALSE;
		$message[] = "Please enter a valid first name.";
	}

	// Check to make sure they entered their last name and it's of the right
format.
	if (eregi ("^([[:alpha:]]|-|')+$", $HTTP_POST_VARS[last_name]))

		$e = TRUE;
	} else {
		$e = FALSE;
		$message[] = "Please enter a valid last name.";
	}

	// Check to make sure they entered a valid email address.
	if (eregi("^([[:alnum:]]|_|\.|-)+@([[:alnum:]]|\.|-)+(\.)([a-z]{2,4})$",
$HTTP_POST_VARS[email]))

		$f = TRUE;
	} else {
		$f = FALSE;
		$message[] = "Please enter a valid email address.";
	}

	// Check to make sure they entered a valid birth date.
	if (checkdate ($HTTP_POST_VARS[birth_month], $HTTP_POST_VARS[birth_day],
$HTTP_POST_VARS[birth_year]))

		$birthday =
"$HTTP_POST_VARS[birth_year]-$HTTP_POST_VARS[birth_month]-$HTTP_POST_VARS[birth_
day]";
		$g = TRUE;
	} else {
		$g = FALSE;
		$message[] = "Please enter a valid birth date.";
	}

	//  If the data passes all the tests, check to ensure a unique member name then
register them.
	if ($a AND $b AND $c AND $d AND $e AND $f AND $g) {

		$query = "select * from users where username='$username'";
		$query_db = @mysql_query($query, $db_connection);
		$row = @mysql_fetch_object($query_db);
		if ($row) {
			$message[] = "That username is already taken. Please select another.";
		} else {
			$query2 = "insert into users values ('0', '$HTTP_POST_VARS[username]',
'$password', '$HTTP_POST_VARS[first_name]', '$HTTP_POST_VARS[last_name]',
'$HTTP_POST_VARS[email]', '$birthday')";
			$query_db2 = mysql_query($query2,$db_connection) or die (mysql_error());
			if ($query_db2) {
				$mailto = $HTTP_POST_VARS[email];
				$mailfrom = "From: Registration at Community.Com";
				$subject = "Registration Confirmation";
				$body = "Thank you for registering with the Community.\nYour username is
$HTTP_POST_VARS[username].\nYour password is $HTTP_POST_VARS[password].";
				mail($mailto,$subject,$body,$mailfrom);
				$message="You have been successfully registered. You will receive an email
confirmation of your username and password.";
				$m = urlencode ($message);
				header ("Location: index.php?good_message=$m");
				exit;
			} else {
				$message="You could not be successfully registered due to a system error.
Please contact the Webmaster  at webmaster at community.com to have this
corrected.";
				$m = urlencode ($message);
				header ("Location: index.php?error_message=$m");
				exit;
			}
		}

	}


} // End of Submit if.

require_once "classes/HtmlTemplate2.class"; // Include the class.
require_once "classes/HtmlRegistrationTemplate.class"; // Include the class.

session_start();

$page = new HtmlTemplate2 ("templates/main_template.inc"); // Create an
instance.

$page->SetParameter("PAGE_TITLE", "Register!");

$javascript = implode ("\n", (file ("includes/registration_javascript.inc")) );
$page->SetParameter("JAVASCRIPT", $javascript);

// Greet them if they are logged in or show the log in form.
if ($HTTP_SESSION_VARS[firstname]) {
	$header= "Greetings, $HTTP_SESSION_VARS[firstname]!";
} else {
	$header = '<form action="login.php" method="post">
Username <input type="text" name="username" size="16" maxlength="16" />
Password <input type="password" name="password" size="16" maxlength="16" />
<input type="submit" name="Submit" value="Go!" />
</form>';
}
$page->SetParameter("PAGE_HEADER", $header);

if ($message) {
	$content = HTMLRegistrationTemplate::CreateErrorMessages($message);
}

$page2 = new HtmlRegistrationTemplate ("includes/registration_form.inc");
$page2->SetParameter ("username", $HTTP_POST_VARS[username]);
$page2->SetParameter ("first_name", $HTTP_POST_VARS[first_name]);
$page2->SetParameter ("last_name", $HTTP_POST_VARS[last_name]);
$page2->SetParameter ("email", $HTTP_POST_VARS[email]);
$content .= $page2->SwapParameters();
unset($page2);
$page->SetParameter("PAGE_CONTENT", $content);


$footer = "Last modified " . (date("l, F j, Y", filemtime("modified.txt")));
$page->SetParameter("PAGE_FOOTER", $footer);

$page->CreatePage(); // Send the page to the browser.
unset ($page);
?>

-----END OF CODE-----

Hi Rob
did you register?  If you do register the email confirmation contains the user
name but not the password and when you go to login in it says you are not
recognised!

The database is working fine so connectivity is ok!

This is head scatching material!

http://www.punterspower.co.uk/fantasy_football/register/index.php

Andrew


Hi Andrew,

just by inspection there doesn't seem to be anything wrong .... but without
being able to see either the source or some kind of debug output it's
difficult to tell.

Sorry I wasn't more help.

--
Rob



---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.374 / Virus Database: 209 - Release Date: 7/9/02




More information about the thelist mailing list