Register and Login (User Account System)

[Chlor]

Hi again, I continue to struggle with my PHP, and I am stuck in one of these tutorials yet again.

I'm at the end of part 3, and everything should be done,a s far as I can tell my code is more or less identical to the one in the tutorial. At first I got a "Warning: mysql_result() expects parameter 1 to be resource, boolean given in C:\web\useracc\core\inc\user.php on line 9" message, but I managed to make that go away.

As it is right now there are no errors (neither with mysql_error();) but my database will not update, anyone mind pointing me in the right direction in this?

My "user.php" file.

[syntax=php]<?php

// checks if the given username exists in the table.
function user_exists($user){
$user = mysql_real_escape_string($user);

$total = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `user_name` = '{$user}'");

return (mysql_result($total, 0) == '1') ? true : false;
}


//Checks if the username and password matches.
function valid_credentials($user, $pass){
$user = mysql_real_escape_string($user);
$pass = sha1($pass);

$total = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `user_name` = '{$user}' AND `user_password` = '{$pass}'");

return (mysql_result($total, 0) == '1') ? true : false;
}


//Adds a user to the database.
function add_user($user, $pass){
$user = mysql_real_escape_string(htmlentities($user));
$pass = sha1($pass);

mysql_query("INSERT INTO `users`(`user_name`, `user_password`) VALUES ('{$user}','{$pass}')");
}

?>[/syntax]

and my register.php file.
[syntax=php]<?php

include('core/init.php');

if (isset($_POST['username'], $_POST['password'], $_POST['repeat_password'])){
if (empty($_POST['username'])){
$errors[] = 'The username cannot be empty.';
}

if(empty($_POST['password']) || $_POST['repeat_password']){
$errors[] = 'The password cannot be empty.';
}

if ($_POST['password'] !== $_POST['repeat_password']){
$errors[] = 'One of the passwords are spelled incorrectly.';
}

if (user_exists($_POST['username'])){
$errors[] = 'That username is already taken';
}

if (empty($errors)){
add_user($_POST['username'], $_POST['password']);

$_SESSION['username'] = htmlentities($_POST['username']);

header('Location: protected.php');
die();
}
}

?>

<!DOCTYPE html>
<head>
<title>Register</title>
</head>

<body>
<p>
<?php
?>
</p>
<form action="" method="post">
<p>
<label for="username">Username:</label>
<input type="text" name="username" id="username" />
</p>

<p>
<label for="password">Password:</label>
<input type="password" name="password" id="password" />
</p>

<p>
<label for="repeat_password">Repeat password:</label>
<input type="password" name="repeat_password" id="repeat_password" />
</p>
<p>
<input type="submit" value="Register"/>
</p>
</form>

</body>

</html>[/syntax]

[ExtremeGaming]

mysql_error() and msql_error() are totally different. Did you try mysql_error in your add_user function like this:

[syntax=php]
<?php
//Adds a user to the database.
function add_user($user, $pass){
$user = mysql_real_escape_string(htmlentities($user));
$pass = sha1($pass);

mysql_query("INSERT INTO `users`(`user_name`, `user_password`) VALUES ('{$user}','{$pass}')") or die(mysql_error());
}

?>[/syntax]

[Chlor]

Oh, I meant mysql_error(), that was a typo. (the disgrace!).
Yes, I have tried with mysql_error(); at the endo of all my queries with no results.

[ExtremeGaming]

In which function is it not updating? I also notice that you aren't displaying any of the $errors[]. Perhaps there are some and you can't see them because of that.

[Chlor]

That was the problem. I had forgotten to put a second empty(); for password verification so I assume that the "repeat password" field was the part that messed things up. Silly me.