Jump to content

SQL or die issue

- - - - -
Started by hudbarnett, Aug 31 2010 01:00 PM

This topic has been archived. This means that you cannot reply to this topic.
4 replies to this topic

#1
hudbarnett
Posted 31 August 2010 - 01:00 PM

hudbarnett

    Newbie

  • Members
  • PipPip
  • 23 posts
I have this page and when the user added a username that is in the database already i get a horrid text error. All you see is the white page with the error. I would like to redirect the user to a page or add text which includes all the page HTML so it still has the look of the over all site.

The line in question is "or die ("Sorry there has been a problem with the registration, please click back and try again");"

Here is the php code

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<?php

// Check if he wants to register:
if (!empty($_POST[username]))
{
    // Check if passwords match.
    if ($_POST[password] != $_POST[password2])
        exit("Error - Passwords don't match. Please go back and try again.");

    // Assign some variables.
    $date = mktime("d - m - Y");
    $ip = $_SERVER[REMOTE_ADDR];

    require_once("connect.php");

    // Register him.
    $query = mysql_query("INSERT INTO members 
    (title, username, firstname, lastname, address, town, county, postcode, mobile, tennis_number, lta_number, itf_itn_number, age, club, website, showdetails, password, date, ip)
    VALUES    ('$_POST[title]','$_POST[username]','$_POST[firstname]','$_POST[lastname]','$_POST[address]','$_POST[town]','$_POST[county]','$_POST[postcode]','$_POST[mobile]','$_POST[tennis_number]','$_POST[lta_number]','$_POST[itf_itn_number]','$_POST[age]','$_POST[club]','$_POST[website]','$_POST[showdetails]','$_POST[password]','$date','$ip')")
    or die ("Sorry there has been a problem with the registration, please click back and try again");
    
    header("location:new_account.php");
        
    exit();
}

?>

Thanks;)

#2
DEViANT
Posted 31 August 2010 - 01:14 PM

DEViANT

    Programming Expert

  • Members
  • PipPipPipPipPipPip
  • 358 posts
Try the following:

CODE REMOVED - CHECK NEXT POST

Check the comment fields for where you have to make changes. Untested - but it SHOULD work.

#3
DEViANT
Posted 31 August 2010 - 01:19 PM

DEViANT

    Programming Expert

  • Members
  • PipPipPipPipPipPip
  • 358 posts
Updated :


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<?php


// Check if he wants to register:

if (!empty($_POST[username]))

{

    // Check if passwords match.

    if ($_POST[password] != $_POST[password2])

        exit("Error - Passwords don't match. Please go back and try again.");


    // Assign some variables.

    $date = mktime("d - m - Y");

    $ip = $_SERVER[REMOTE_ADDR];


    require_once("connect.php");


    // Register him.

    $q = mysql_query("SELECT username FROM members ORDER BY username ASC") or die(mysql_error());

    while($row = mysql_fetch_assoc($q))

    {

    	$arrnames[$i] = $row['username'];

    	$i++;

    }

    

    if(!in_array($_POST['username'],$arrnames))

    {

    	/*

    		Place what you want to 

    		have displayed in this 

    		block right here. This 

    		will be displayed if a 

    		username was found in 

    		the database that matches 

    		the given username

    		

    	*/

    	exit();

    } else {    

    	$query = mysql_query("INSERT INTO members 

    (title, username, firstname, lastname, address, town, county, postcode, mobile, tennis_number, lta_number, itf_itn_number, age, club, website, showdetails, password, date, ip)

    VALUES    ('$_POST[title]','$_POST[username]','$_POST[firstname]','$_POST[lastname]','$_POST[address]','$_POST[town]','$_POST[county]','$_POST[postcode]','$_POST[mobile]','$_POST[tennis_number]','$_POST[lta_number]','$_POST[itf_itn_number]','$_POST[age]','$_POST[club]','$_POST[website]','$_POST[showdetails]','$_POST[password]','$date','$ip')")

    or die ("Sorry there has been a problem with the registration, please click back and try again");

    

    header("location:new_account.php");

        

    exit();

}


?>

#4
Alexander
Posted 31 August 2010 - 05:50 PM

Alexander

    It's Science!

  • Moderators
  • 4,124 posts
It's much simpler than that.

$result = mysql_query("SELECT username FROM `members` WHERE `username` = '$username'");

if(mysql_num_rows($result) !== 0){
           die("Sorry! The user exists already");
}
Note 1: In your top code, do wrap non-constants in single or double quotes, $_POST[username] should be $_POST['username']
Note 2: mktime() is not correct, use date("d - m - Y")
Note 3: Consider using mysql_real_escape_string() around your $_POST elements in your query, this will prevent SQL injection.

Edited by Alexander, 31 August 2010 - 11:59 PM.
whoops!

Be sure to read the updated FAQ! || Health is achieved through the same 10,000 steps.
If a suggested code/method fails, informing us is less important than telling us why or what errors occurred.

#5
Orjan
Posted 31 August 2010 - 11:53 PM

Orjan

    Writes binary right handed and hex left handed

  • Moderators
  • 3,299 posts
the sql needs to be like this, of course
SELECT username FROM `members` WHERE username = '$username'

__________________________________________
I study Information Systems at Karlstad University when I'm not on CodeCall
Back to PHP Development




  1. CODECALL Programming Forum
  2. Web Development Forum
  3. PHP Development
IPB skins by Skinbox