Registration not adding users or redirecting, ect

[Curia]

so im following the login and rego system tut, have everything working, except im now at the user registration page and im getting hit with some problems.

1. the errors that should display, are not showing.
2. form does not seem to add new users, it just sends all the entered data into the address bar and reloads the page with empty fields. Visiting phpmyadmin shows that no users have been added.


registration.php

<?php

include('core/init.inc.php');

if (isset($_POST['username'], $_POST['password'], $_POST['repeat_password'])){
    if (empty($_POST['username'])){
	    $errors[] = 'The username field is empty';
	}
	
	if (empty($_POST['password']) || empty($_POST['repeat_password'])){
	    $errors[] = 'The password field is empty';
	}
	
	if ($_POST['password'] !== $_POST['repeat_password']){
	    $errors[] = 'Passwords do not match';
	}
	
	if (user_exist($_POST['username'])){
	    $errors[] = 'The username you entered is already taken';
	}
	
	if (empty($errors)){
	    add_user($_POST['username'], $_POST['password']);
		
		$_SESSION['username'] = htmlentities($_POST['username']);
		
		header('Location: protected.php');
		die();
	}

}

?>



<html>

    <head>
		<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
		<title>Registration</title>
		<!-- Stylesheets here, before all scripts. Helps avoid styling issues. -->
		<link href="css/style.css" rel="stylesheet" media="screen" type="text/css" />
		<link href="css/reset.css" rel="stylesheet" media="screen" type="text/css" />
		<!--
		If you want to use complex selectors with Cuf??load a selector engine (JavaScript framework) here.
		We support jQuery, Sizzle, MooTools, Dojo, Prototype and other popular frameworks.
		-->
		<script src="js/cufon-yui.js" type="text/javascript"></script>
		<script src="js/Opificio_400-Opificio_700.font.js" type="text/javascript"></script>
		<script type="text/javascript">
			Cufon.replace('h1'); // Works without a selector engine
			Cufon.replace('#sub1'); // Requires a selector engine for IE 6-7, see above
		</script>
		
		
		
	</head>
	
	<body>
	
 
    <div class="wrapper">
    <div class="loginbox">
	
	    <div class="logo"><img src="img/logo.png" class="logo"></img></div>
	
	<br><br>
	  <div class="login">
	  
	  
	<form action="" method"POST">
	
	   <label for="username"><h1>Username:</h1></label>
	   <input type="text" name="username" size="27px" id="username" value="<?php if (isset($_POST['username'])) echo htmlentities($_POST['username']); ?>"	/> <br><br>
	   
	   <label for="password"><h1>Password:</h1></label>
   	   <input type="password" name="password" size="27px"  /> <br><br>
	   
	   <label for="repeat_password"><h1>Repeat Password:</h1></label>
	   <input type="password" name="password" size="27px"  /> <br><br>
		   
	   <input alt="Sign In" class="submit" id="submit" src="img/rego.png" type="image" />
			
	</form>
	
	 <div>
        <?php
 
        if (empty($errors) === false){
          ?>
          <ul>
            <?php
 
            foreach ($errors as $error){
              echo "<li>{$error}</li>";
            }
 
            ?>
          </ul>
          <?php
 
        }
 
        ?>
 
    </div>
	
	  </div>
	  
    </div>
    </div>
	
	</body>

</html>

init.inc.php

<?php

session_start();



$exceptions = array('register', 'login');



$page = substr(end(explode('/', $_SERVER['SCRIPT_NAME'])), 0, -4);

if (in_array($page, $exceptions) === false) {
    if (isset($SESSION['username']) === false) {
	    header('Location: login.php');
		die();
	}
}

mysql_connect('localhost','user_system','');

mysql_select_db('user_system');

$path = dirname(__FILE__);

include("{$path}/inc/user.inc.php");

?>

user.inc.php

<?php 

//checks if the given username exists in table
function user_exist($user){
    $user = mysql_real_escape_string($user);
	
	$total = mysql_query("SELECT COUNT('user_id') FROM 'users' WHERE 'user_name' = '{$user}'");
	
	return (mysql_result($total, 0) == '1') ? true : false;

}

//checks if the given username and password combination is valid
function valid_credentials($user, $pass){
   $user = mysql_real_escape_string($user);
   $pass = sha1($pass); 
   
   $total = mysql_query("SELECT COUNT('user_id') FROM 'users' WHERE 'user_name' = '{$user}' AND ;user_password' = '{$pass}'");
   
   return (mysql_result($total, 0) == '1') ? true : false;
}

//adds a user to the db
function add_user($user, $pass){
    $user = mysql_real_escape_string(htmlentities($user));
	$pass = sha1($pass);
	
	mysql_query("INSERT INTO `users` (`user_name`,`user_password`) VALUES ('{$user}','{$pass}')");

}

?>

Ive tested it without any of the styling and other html stuff, and its still the same, so im sure its got nothing to do with my design.

[jacek]

Both of your password input have the name "password" one of them should be "repeat_password".

also, your HTML made me a little unhappy

[Curia]

ok, i realised i forgot to give my pass and repeat_pass fields an id, they have that now, yet nothing is still happening

EDIT: i looked though once again, noticed i had the wrong db details in the init.inc file, fixed them, but not working.

it seems its not connecting to the db, since it prints the values in the fields to the address (just like when not using xammp).
im sure if got the right connect details now......

<?php

session_start();



$exceptions = array('register', 'login');



$page = substr(end(explode('/', $_SERVER['SCRIPT_NAME'])), 0, -4);

if (in_array($page, $exceptions) === false) {
    if (isset($SESSION['username']) === false) {
	    header('Location: login.php');
		die();
	}
}

mysql_connect('localhost','root','');

mysql_select_db('user_system');

$path = dirname(__FILE__);

include("{$path}/inc/user.inc.php");

?>

Oh, and whats up with my html? i rather know, cause then i get better at it.

[jacek]

since it prints the values in the fields to the address

Ahh okay I see the problem, the forum is being submitted via GET not POST

<form action="" method"POST">

You have a missing = here after method. that could be the cause.

Oh, and whats up with my html? i rather know, cause then i get better at it.

• There is no doctype
• You use <br> not <br />
• You used <br> to add space when that should be done with CSS
• You use <img></img> instead of <img />
• You have used size="27px" instead of CSS
• You put a h1 inside a label tag

[JelvinJS7]

You have 2 problems w/ your queries. 1. This applies to

SELECT COUNT('user_id') FROM 'users' WHERE 'user_name' = '{$user}' -- user exists query
SELECT COUNT('user_id') FROM 'users' WHERE 'user_name' = '{$user}' AND ;user_password' = '{$pass}'--valid credentials query

Field names should have `backticks`, not 'apostrophes'

2. Let's take another look at valid credentials

SELECT COUNT('user_id') FROM 'users' WHERE 'user_name' = '{$user}' AND ;user_password' = '{$pass}'

You have a semicolon after the AND clause (it's a clause, Right?), then more code. Like in PHP, a semicolon means the end of a new line. So you're really running this SQL code:

SELECT COUNT('user_id') FROM 'users' WHERE 'user_name' = '{$user}' AND;
user_password' = '{$pass}'

which isn't a query at all

[Curia]

Ahh okay I see the problem, the forum is being submitted via GET not POST

<form action="" method"POST">

You have a missing = here after method. that could be the cause.

sweet, i should of picked that up myself, i was looking directly at it lol

• There is no doctype
• You use <br> not <br />
• You used <br> to add space when that should be done with CSS
• You use <img></img> instead of <img />
• You have used size="27px" instead of CSS
• You put a h1 inside a label tag

• im lazy and was using shorthand to get it all into format (still works in chrome and firefox, just not IE)
• me being lazy yet again and using shorthand
• yup, same as above
• good tip, ice seen it before, never really took much notice
• should of known that despite the fact ive been learning css/html for half a year, thanks
• since im using differant <h> tags, would i put them outside the <li> tags then>

Thanks guys, really helpful, improved alot and fixed some other errors myself, now im hit with two more

Warning: mysql_result() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\php\login\core\inc\user.inc.php on line 9 

Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\php\login\core\inc\user.inc.php:9) in C:\xampp\htdocs\php\login\register.php on line 29 

i undertand the 2nd one, but not how to fix it, the first error, ive looked at the line, but cannot see whats wrong 0_o

[jacek]

i undertand the 2nd one, but not how to fix it, the first error, ive looked at the line, but cannot see whats wrong 0_o

It means your query is failing for some reason, if you add

echo mysql_error();

after the mysql_query() line it will tell you why.

[Curia]

i undertand the 2nd one, but not how to fix it, the first error, ive looked at the line, but cannot see whats wrong 0_o

It means your query is failing for some reason, if you add

echo mysql_error();

after the mysql_query() line it will tell you why.

Ok, works a treat and got my registration page fixed and working good, now im just presented with the same errors on the registration page with the mysql error being

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' = '4ea30645b65ae7abc3cac044a398edc5b6e88c20'' at line 1 Warning: mysql_result() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\php\login\core\inc\user.inc.php on line 23 

Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\php\login\core\inc\user.inc.php:21) in C:\xampp\htdocs\php\login\login.php on line 23 

user.inc.int

<?php 

//checks if the given username exists in table
function user_exist($user){
    $user = mysql_real_escape_string($user);
	
	$total = mysql_query("SELECT COUNT(`user_id`) FROM `members` WHERE `user_name` = '{$user}'");
	echo mysql_error();
	
	return (mysql_result($total, 0) == `1`) ? true : false;
	

}

//checks if the given username and password combination is valid
function valid_credentials($user, $pass){
   $user = mysql_real_escape_string($user);
   $pass = sha1($pass); 
   
   $total = mysql_query("SELECT COUNT(`user_id`) FROM `members` WHERE `user_name` = '{$user}' AND user_password' = '{$pass}'");
   echo mysql_error();
   
   return (mysql_result($total, 0) == `1`) ? true : false;
}

//adds a user to the db
function add_user($user, $pass){
    $user = mysql_real_escape_string(htmlentities($user));
	$pass = sha1($pass);
	
	mysql_query("INSERT INTO `members` (`user_name`,`user_password`) VALUES ('{$user}','{$pass}')");

}

?>

ive looked around, but as far as my understanding of php and mysql goes (and that aint far) its something wrong with the $total i carnt seem to solve it after trying a few methods.

[jacek]

Ah okay, one line 20 of that code you just posted, you have ' around the column name when you should have `

[Curia]

Sweet, fixed up a few more errors, and got it all working as it should.
Thank you a heap for being patience and reading through my code (even with the stupid ` errors) really useful to have someone who puts time in to read it all. Cheers.

Also, I might make a tut or two on some basic HTML/CSS stuff, because it’s always good to know how to make a good looking login page XD.

[jacek]

No problem, glad you got it working