No Errors(?) + Not working; //Register script

**t0WL337** · Jun 9, 2007, 11:43

Okay I have tested that all the values are working from form on another page. The thing just isn't updating db.. why is this?

PHP Code:


<?php



require 'config.php';



$result = mysql_query('SELECT * FROM users') or die('Could not gather info: ' . mysql_error());





if (isset($_POST['submit'])) 

    {

    $username = $_POST['username'];

    $password = sha1($_POST['password']);

    $ip = $_SERVER['REMOTE_ADDR'];

    $registered = date("F j, Y, g:i a");  

    

    //print_r($_POST);

    //echo $ip, $registered;

    $query = 'INSERT INTO users (username, password, registration_date, user_ip) VALUES('.$username.', '.$password.', '.$registered.', '.$ip.')';

    $result = mysql_query($query);

    /*else 

        { 

        echo 'This email adress has already been registered.'; 

        }*/ 

    } 

    else 

    {

        echo 'Die Hacking Attempt!';

    }

    //echo $username, $password, $ip, $registered;

?>

Im also looking to secure the password a little bit better than a simple sha1.

**spikeZ** · Jun 9, 2007, 12:17

Have you done a or die(mysql_error()) on the $result query and what does the sql look like when you print it?

**t0WL337** · Jun 9, 2007, 12:20

When I print the array info... it looks like

Array ( [username] => name [password] => pass [password2] => pass [submit] => submit ) 127.0.0.1June 9, 2007, 3:19 pm

and thats using the lines
print_r($_POST);
echo $ip, $registered;

**spikeZ** · Jun 9, 2007, 12:25

sorry, I meant on the query line:

PHP Code:


$result = mysql_query($query) or die(mysql_error());

If that doesnt turn anything up, check the field types in the sql table itself because if you are inerting the registered date into a date field it is in the wrong format.

**byron3@earthlink** · Jun 9, 2007, 12:25

Where did you connect to the database?
Where did you select the database?

**t0WL337** · Jun 9, 2007, 12:28

Okay, spikeZ I will check field types; and check for erros.

Originally Posted by byron3@earthlink

Where did you connect to the database?
Where did you select the database?

in config.php

PHP Code:


<?php

$dbconnec = mysql_connect('localhost', 'root', '') or die('Could not connect to database');

$dbselect = mysql_select_db('tld4us') or die('Could not select database');

?>

**byron3@earthlink** · Jun 9, 2007, 12:29

Did you make those variables global?
Ever heard of scope?

**t0WL337** · Jun 9, 2007, 12:34

No please explain? I have been wondering because I'm going to need ppl to stay logged in while they visit various parts of a website.

spikeZ look at the problem with query

Problem with query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '9, 2007, 3:36 pm, 127.0.0.1)' at line 1

field: registration_date type: datetime; no other special attributes.

**spikeZ** · Jun 9, 2007, 12:55

Datetime expects the date format YYYY-MM-DD not a humanised form.
You can manipulate the date as you get it from the database.
You can simply use NOW() in your query to put the date time into the correct format

**t0WL337** · Jun 9, 2007, 13:04

Thanks again spikeZ!
I can't find now() in the php manual.
What would I put inside of the brackets?

I should mention that it needs to work for php 4.4.4

**spikeZ** · Jun 9, 2007, 13:10

Your query would look like:

PHP Code:


 $query = "INSERT INTO users (username, password, registration_date, user_ip) VALUES('".$username."', '".$password."', NOW(), '".$ip."')"; 



    $result = mysql_query($query);

**t0WL337** · Jun 9, 2007, 13:12

OH, okay, I didn't realize it was a specific thing to mysql.

**spikeZ** · Jun 9, 2007, 13:14

Yup
http://dev.mysql.com/doc/refman/5.0/...l#function_now

**t0WL337** · Jun 9, 2007, 13:22

Here is how information is being put into db

user_id: 1 username: name password: 9d4e1e23bd5b727046a9e3b4b7db57bd8d6ee684 date&time: 2007-06-09 16:18:52 ip adress: 127

For 127.0.0.1 will it always show ip as 127?

It seems to be working.. except when I access the script not using the form it gives me an unexpected $end, even though all brackets are closed.

Here is the new code:

PHP Code:


<?php



require 'config.php';





$result = mysql_query('SELECT * FROM users') or die('Could not gather info: ' . mysql_error());





if (isset($_POST['submit'])) 

    {

    $username = $_POST['username'];

    $password = sha1($_POST['password']);

    $password2 = sha1($_POST['password2']);

    $ip = $_SERVER['REMOTE_ADDR'];

    $registered = date("F j, Y, g:i a");  

    

        if ($password == $password2) 

        {

        $query = $query = "INSERT INTO users (username, password, registration_date, user_ip) VALUES('".$username."', '".$password."', NOW(), '".$ip."')";

        $result = mysql_query($query) or die('Problem with query: ' . mysql_error());

        }

    

    }

    

    else 

    {

    echo 'Die Hacking Attempt!';

    }

        

?>

I will add some validation stuff to it later.

**spikeZ** · Jun 9, 2007, 13:46

The IP address it is picking up is your Localhost address which is always 127.0.0.1. Once the script is on a server it should be ok and pick up the users IP addy.

As for the brackets it must be something other than the snippet you posted as they do indeed all balance.

**t0WL337** · Jun 9, 2007, 14:28

That is the entire code of the file. I am assuming it is something to do with WAMP or my comp where it is caching or something.

User Tag List

Thread: No Errors(?) + Not working; //Register script

Thread Tools

Display

No Errors(?) + Not working; //Register script

Bookmarks

Bookmarks

Posting Permissions