SitePoint Sponsor

User Tag List

Results 1 to 20 of 20

Thread: Adding users

  1. #1
    designer
    Join Date
    Dec 2004
    Location
    Over the hill and through the woods...
    Posts
    306
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Adding users

    Ok, so, I am writing a script to add users to my database. All you do is input the new username and the new password. Here is the code for the form.

    PHP Code:
    <h2>Add A User</h2>
    <?php

    $add 
    $_GET['add'];

    if (
    $add == "false") {
        echo(
    "<div class=\"failure\">All fields are required</div>");


    if (
    $add == "true") {
        echo(
    "<div class=\"success\">User has been added</div>");
    }

    $form "<br /><form method=\"post\" action=\"add.php\">
    Username: <input type=\"text\" name=\"user2\" />
    <br /><br />Password: <input type=\"password\" name=\"passwd\" />
    <br /><br />
    <input type=\"submit\" name=\"submit\" value=\"Add User\"/>
    </form>"
    ;

    echo 
    $form

    ?>
    Here is the code for add.php.

    PHP Code:
    <?php

    $user2 
    mysql_escape_string($_POST['user2']);
    $passwd md5($_POST['passwd']);

    include(
    "config.php");

    mysql_connect($dbhost$dbuser$dbpass) or die(mysql_error());
    mysql_select_db($db) or die(mysql_error());

    if (
    $user2 == "" && $passwd == "") {
        
    header("Location:admin_users.php?add=false");
    } elseif (
    $user2 == "") {
        
    header("Location:admin_users.php?add=false");
    } elseif (
    $passwd == "") {
        
    header("Location:admin_users.php?add=false");
    } else {
        
    $query mysql_query("insert into '$dbtable' values(0, '$user2', '$passwd')");
        
    $row mysql_fetch_array($query);

        
    header("Location:admin_users.php?add=true");
    }

    exit;
    die;

    ?>
    Here is the code for config.php.

    PHP Code:
    <?php

    $dbhost 
    'localhost';
    $dbuser 'demiur_helpdesk';
    $dbpass 'me1234';
    $dbtable 'helpdesk';
    $db 'demiur_helpdesk';

    ?>
    Here is the error I get.


    Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/demiur/public_html/demo/helpdesk/add.php on line 19

    Warning: Cannot modify header information - headers already sent by (output started at /home/demiur/public_html/demo/helpdesk/add.php:19) in /home/demiur/public_html/demo/helpdesk/add.php on line 21
    Any ideas as to why this is happening? Thanks in advance.

  2. #2
    SitePoint Addict
    Join Date
    May 2003
    Location
    sitepoint
    Posts
    247
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Shouldn't the query look more like this?

    PHP Code:
    $query "INSERT INTO helpdesk (id, username, password) VALUES ('$id', '$username', '$password')"
    I think you are getting the mysql_fetch_array error becuase the query isn't valid.
    Half way to nowhere

  3. #3
    SitePoint Guru
    Join Date
    Aug 2005
    Posts
    986
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    INSERT won't return a dataset.

    Remove this line:
    $row = mysql_fetch_array($query);

  4. #4
    SitePoint Addict
    Join Date
    May 2003
    Location
    sitepoint
    Posts
    247
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Yeah, didn't even think of that, I was just looking at the insert statement, which doesn't look valid to me. Yeah, mysql_fetch_array would work if the query was of the select type:

    PHP Code:
    $query "SELECT username FROM users WHERE id='$id'"
    Half way to nowhere

  5. #5
    designer
    Join Date
    Dec 2004
    Location
    Over the hill and through the woods...
    Posts
    306
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Well, I removed the bit of code you told me to, and now it refreshes to user added sucessfully, but the user doesnt add. Here is the new add.php code, everything else is still the same.

    PHP Code:
    <?php

    $user2 
    mysql_escape_string($_POST['user2']);
    $passwd md5($_POST['passwd']);

    include(
    "config.php");

    mysql_connect($dbhost$dbuser$dbpass) or die(mysql_error());
    mysql_select_db($db) or die(mysql_error());

    if (
    $user2 == "" && $passwd == "") {
        
    header("Location:admin_users.php?add=false");
    } elseif (
    $user2 == "") {
        
    header("Location:admin_users.php?add=false");
    } elseif (
    $passwd == "") {
        
    header("Location:admin_users.php?add=false");
    } else {
        
    $query mysql_query("insert into '$dbtable' values(0, '$user2', '$passwd')");

        
    header("Location:admin_users.php?add=true");
    }

    exit;
    die;

    ?>
    How do you think I can make the query work? Also, it always refreshes to admin_users.php?add=true regardless of how many fields are filled in. What should I do?

  6. #6
    SitePoint Addict
    Join Date
    May 2003
    Location
    sitepoint
    Posts
    247
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I'm still new, but that query doesn't look right. Add this real quick to see if the query is being run okay:

    PHP Code:
    $query mysql_query("insert into '$dbtable' values(0, '$user2', '$passwd')");
    $result = @mysql_query($query) or die(mysql_error());
       if(
    $result) {
        
    header("Location:admin_users.php?add=true"); 
    } else {
    echo 
    "Invalid Query";

    This will atleast tell you if your query is running right.

    I think it should be along the lines of what I posted above:

    PHP Code:
    $query "INSERT INTO helpdesk (id, username, password) VALUES ('$id', '$username', '$password')"
    Half way to nowhere

  7. #7
    designer
    Join Date
    Dec 2004
    Location
    Over the hill and through the woods...
    Posts
    306
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Well, it adds properly, but the verification is still wrong. even if you input no fields, it adds. New add.php code.

    PHP Code:
    <?php

    $user2 
    mysql_escape_string($_POST['user2']);
    $passwd md5($_POST['passwd']);

    include(
    "config.php");

    mysql_connect($dbhost$dbuser$dbpass) or die(mysql_error());
    mysql_select_db($db) or die(mysql_error());

    if (
    $user2 == "" && $passwd == "") {
        
    header("Location:admin_users.php?add=false");
    } elseif (
    $user2 == "") {
        
    header("Location:admin_users.php?add=false");
    } elseif (
    $passwd == "") {
        
    header("Location:admin_users.php?add=false");
    } else {
         
    $query "INSERT INTO helpdesk (id, users, pass) VALUES (0, '$user2', '$passwd')"
        
    $result = @mysql_query($query) or die(mysql_error());
        if(
    $result) {
        
    header("Location:admin_users.php?add=true");
        } else {
        
    header("Location:admin_users.php?add=false");
    }
    }

    exit;
    die;

    ?>
    Any ideas as to how to fix the validation?

  8. #8
    SitePoint Addict
    Join Date
    May 2003
    Location
    sitepoint
    Posts
    247
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    O, ok, try something like this:

    PHP Code:
    $username $_POST['user2'];
    $password $_POST['passwd'];

    if(isset(
    $username)) {
     
    $u $username;
    } else {
    $u FALSE;
    }

    if(isset(
    $password)) {
    $p $password;
    } else {
    $p FALSE;
    }

    if(
    $u && $p) {
    // Your query stuff here
    header("Location:admin_users.php?add=true");
    exit();
    } else {
    header("Location:admin_users.php?add=false");
    exit();

    Half way to nowhere

  9. #9
    designer
    Join Date
    Dec 2004
    Location
    Over the hill and through the woods...
    Posts
    306
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    New add.php code.

    PHP Code:
    <?php 

    $user2 
    mysql_escape_string($_POST['user2']);
    $passwd md5($_POST['passwd']);

    include(
    "config.php");

    mysql_connect($dbhost$dbuser$dbpass) or die(mysql_error());
    mysql_select_db($db) or die(mysql_error());

    if(isset(
    $user2)) {
    $u $user2;
    } else {
    $u FALSE;
    }

    if(isset(
    $password)) {
    $p $passwd;
    } else {
    $p FALSE;
    }

    if(
    $u && $p) {
        
    $query "INSERT INTO helpdesk (id, users, pass) VALUES (0, '$user2', '$passwd')"
        
    $result = @mysql_query($query) or die(mysql_error());
        if(
    $result) { header("Location:admin_users.php?add=true"); }
    } else {
    header("Location:admin_users.php?add=false");
    }

    exit;
    die;

    ?>
    Now it ONLY goes to admin_users.php?add=false. Why?

  10. #10
    SitePoint Addict
    Join Date
    May 2003
    Location
    sitepoint
    Posts
    247
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    looks like you didn't change $password to $passwd
    Half way to nowhere

  11. #11
    designer
    Join Date
    Dec 2004
    Location
    Over the hill and through the woods...
    Posts
    306
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hmm. So I fixed that, but now it adds the user no matter how many fields are open.

  12. #12
    SitePoint Addict
    Join Date
    May 2003
    Location
    sitepoint
    Posts
    247
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    what fields, I thought there were only two?
    Half way to nowhere

  13. #13
    designer
    Join Date
    Dec 2004
    Location
    Over the hill and through the woods...
    Posts
    306
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    There are only two. If one is blank, it still adds the user. If both are blank, it still adds the user.

  14. #14
    SitePoint Addict
    Join Date
    May 2003
    Location
    sitepoint
    Posts
    247
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Here run this script by itslef to get an understanding.

    PHP Code:
    <?php

    if(isset($_POST['submit']) && $_POST['submit'] == "Login")
    {
    $message FALSE;
    $password trim($_POST['password']);
    $username trim($_POST['uname']);
        
       
    if(
    $password){
    $p $password;
    } else {
    $p FALSE;
    $message .= "Enter a password<br>";
    }

    if(
    $username) {
    $u $username;
    } else {
    $u=FALSE;
    $message .= "Enter a username<br>";
    }


    if(
    $p && $u)
    {
    echo 
    "Everything Entered";
    }

    }

    echo 
    $message;
    ?>
    <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
    Username: <input type="text" name="uname"><br>
    Password: <input type="password" name="password"><br>
    <input type="submit" name="submit" value="Login">
    </form>
    Half way to nowhere

  15. #15
    designer
    Join Date
    Dec 2004
    Location
    Over the hill and through the woods...
    Posts
    306
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Dude! Not what I am asking! The form validation which you gave me does not work. That script you told me to run also does not validate properly. Could anyone please help me fix the validation for add.php so that it doesn't add the user if the fields arent input properly.

    PHP Code:
    <?php 

    $user2 
    mysql_escape_string($_POST['user2']);
    $passwd md5($_POST['passwd']);

    include(
    "config.php");

    mysql_connect($dbhost$dbuser$dbpass) or die(mysql_error());
    mysql_select_db($db) or die(mysql_error());

    if(isset(
    $user2) && isset($passwd)) {
        
    $query "INSERT INTO helpdesk (id, users, pass) VALUES (0, '$user2', '$passwd')"
        
    $result mysql_query($query) or die(mysql_error());
        if(
    $result) { header("Location:admin_users.php?add=true"); }
    } else {
    header("Location:admin_users.php?add=false");
    }

    exit;
    die;

    ?>

  16. #16
    SitePoint Addict
    Join Date
    May 2003
    Location
    sitepoint
    Posts
    247
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Actually it does work, same code here all you really need to do is change the everything entered to do the query and header line of code. So it won't run the query unless both fields are entered.
    Half way to nowhere

  17. #17
    designer
    Join Date
    Dec 2004
    Location
    Over the hill and through the woods...
    Posts
    306
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Ok, but I do not want to rewrite my entire add.php. There HAS to be a way to just modify my current code.

  18. #18
    SitePoint Addict
    Join Date
    May 2003
    Location
    sitepoint
    Posts
    247
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Sorry, for not being able to help, but one last thing. try taking out the md5 part real quick, i think it is hashing the blank of inputting no password, which in return sets password.
    Half way to nowhere

  19. #19
    designer
    Join Date
    Dec 2004
    Location
    Over the hill and through the woods...
    Posts
    306
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Nope. Doesn't work.

    You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near ''helpdesk' (id, users, pass) VALUES (0, 'sdfsdf', '')' at line
    It just messes with my query. It needs to be md5 so that the password goes in encrypted.

  20. #20
    SitePoint Addict
    Join Date
    May 2003
    Location
    sitepoint
    Posts
    247
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You can always md5 in the query, well sorry I wasn't of any help, guess I'm still new myself.
    Half way to nowhere


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •