I have tryed to fix the first name and last name for the register system. But i can't get it to work it well not put the date to my mysql.
here is the register.php code:
<?php include('core/init.inc.php'); $errors = array(); if (isset($_POST['username'], $_POST['password'], $_POST['repeat_password'])) { if (empty($_POST['username'])) { $errors[] = 'The username cannot be empty.'; } if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === false) { $errors[] = 'The email address you entered does not appear to be valid.'; } if (empty($_POST['password']) || empty($_POST['repeat_password'])) { $errors[] = 'The password cannot be empty.'; } if ($_POST['password'] !== $_POST['repeat_password']) { $errors[] = 'Password verification failed.'; } if (user_exists($_POST['username'])) { $errors[] = 'The username you entered is already taken.'; } if (empty($errors)) { add_user($_POST['username'], $_POST['firstname'], $_POST['lastname'], $_POST['email'], $_POST['password']); header('Location: protected.php'); die(); } } ?> <!DOCTYPE html> <html lang="da"> <head> <meta charset="utf-8"> <title></title> <link rel="stylesheet" type="text/css" href="ext/css/style.css" /> </head> <body> <div> <?php if (empty($errors) === false) { ?> <ul> <?php foreach ($errors as $error) { echo "<li>{$error}</li>"; } ?> </ul> <?php } ?> </div> <form action="" method="post"> <p> <label for="username"><b>Username:</b><br/></label> <input type="text" name="username" id="username" value="<?php if (isset($_POST['username'])) echo htmlentities($_POST['username']); ?>" /> </p> <p> <label for="username"><b>Firstname:</b><br/></label> <input type="text" name="firstname" id="firstname" value="<?php if (isset($_POST['firstname'])) echo htmlentities($_POST['firstname']); ?>" /> </p> <p> <label for="username"><b>Lastname:</b><br/></label> <input type="text" name="lastname" id="lastname" value="<?php if (isset($_POST['lastname'])) echo htmlentities($_POST['lastname']); ?>" /> </p> <p> <label for="email"><b>Email:</b><br/></label> <input type="text" name="email" id="email" value="<?php if (isset($_POST['email'])) echo htmlentities($_POST['email']); ?>" /> </p> <p> <label for="password"><b>Password:</b><br/></label> <input type="password" name="password" id="password" /> </p> <p> <label for="repeat_password"><b>Repeat Password:</b><br/></label> <input type="password" name="repeat_password" id="repeat_password" /> </p> <p> <input type="submit" value="Register" /> </p> </form> </body> </html>And here is the user.inc.php code:
<?php // fetches the right profile with id. function fetch_current_user_id($username){ $username = mysql_real_escape_string($username); $sql = "SELECT `user_id` FROM `users` WHERE `user_name` = '{$username}'"; $result = mysql_query($sql); return mysql_result($result, 0); } if(empty($_SESSION['uid'])){ $_SESSION['uid'] = fetch_current_user_id($_SESSION['username']); } // fetches all of the users from the table. function fetch_users() { $result = mysql_query('SELECT `user_id` AS `id`, `user_name` AS `username` FROM `users`'); $users = array(); while (($row = mysql_fetch_assoc($result)) !== false) { $users[] = $row; } return $users; } // fetches profile infomation for the given user. function fetch_user_info($uid) { $uid = (int)$uid; $sql = "SELECT `user_id` AS `id`, `user_name` AS `username`, `user_firstname` AS `firstname`, `user_lastname` AS `lastname`, `user_email` AS `email`, `user_about` AS `about`, `user_location` AS `location`, `user_gender` AS `gender` FROM `users` WHERE `user_id` = {$uid}"; $result = mysql_query($sql); $info = mysql_fetch_assoc($result); $info['avatar'] = (file_exists("{$GLOBALS['path']}/user_avatars/{$info['id']}.jpg")) ? "core/user_avatars/{$info['id']}.jpg" : "core/user_avatars/default.jpg"; return $info; } // updates the current users profile info. function set_profile_info($email, $about, $location ,$avatar) { $email = mysql_real_escape_string(htmlentities($email)); $about = mysql_real_escape_string(nl2br(htmlentities($about))); $location = mysql_real_escape_string($location); if (file_exists($avatar)) { $src_size = getimagesize($avatar); if ($src_size['mime'] === 'image/jpeg') { $src_img = imagecreatefromjpeg($avatar); }else if ($src_size['mime'] === 'image/png') { $src_img = imagecreatefrompng($avatar); }else if ($src_size['mime'] === 'image/gif') { $src_img = imagecreatefromgif($avatar); }else { $src_img = false; } if ($src_img !== false) { $thumb_width = 200; if ($src_size[0] <= $thumb_width) { $thumb = $src_img; }else { $new_size[0] = $thumb_width; $new_size[1] = ($src_size[1] / $src_size[0]) * $thumb_width; $thumb = imagecreatetruecolor($new_size[0], $new_size[1]); imagecopyresampled($thumb, $src_img, 0, 0, 0, 0, $new_size[0], $new_size[1], $src_size[0], $src_size[1]); } imagejpeg($thumb, "{$GLOBALS['path']}/user_avatars/{$_SESSION['uid']}.jpg"); } } $sql = "UPDATE `users` SET `user_email` = '{$email}', `user_about` = '{$about}', `user_location` = '{$location}' WHERE `user_id` = {$_SESSION['uid']}"; mysql_query($sql); } // check if the given username exists in the database. function user_exists($user) { $user = mysql_real_escape_string($user); $total = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `user_name` = '{$user}'"); return (mysql_result($total, 0) == '1') ? true : false; } // check if the given username and password combination is valid. function valid_credentials($user, $pass) { $user = mysql_real_escape_string($user); $pass = mysql_real_escape_string($pass); $total = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `user_name` = '{$user}' AND `user_password` = '{$pass}'"); return (mysql_result($total, 0) == '1') ? true : false; } // checks is the given user account is active. function is_active($user) { $user = mysql_real_escape_string($user); $sql = "SELECT COUNT(`user_activations`.`user_id`) FROM `users` INNER JOIN `user_activations` ON `users`.`user_id` = `user_activations`.`user_id` WHERE `users`.`user_name` = '{$user}'"; $result = mysql_query($sql); return (mysql_result($result, 0) == '0') ? true : false; } // activates the account related to the given activation code. function activate_account($aid) { $aid = mysql_real_escape_string($aid); mysql_query("DELETE FROM `user_activations` WHERE `activation_code` = '{$aid}'"); } // adds a user to the database function add_user($user, $firstname, $lastname, $email, $pass) { $user = mysql_real_escape_string(htmlentities($user)); $firstname = mysql_real_escape_string(htmlentities($firstname)); $lastname = mysql_real_escape_string(htmlentities($lastname)); $email = mysql_real_escape_string($email); $pass = sha1($pass); $charset = array_flip(array_merge(range('a', 'z'), range('A', 'Z'), range('0', '9'))); $aid = implode('', array_rand($charset, 10)); $body = <<<EMAIL Hi, Thanks for registering, before you login you need to activate your account. To do that simply click the following link. http://localhost:8888/UserSystem/activate.php?aid={$aid} EMAIL; mail($email, 'Your new account at onslowdemolering.dk', $body, 'From: ekim@onslowdemolering.dk'); mysql_query("INSERT INTO `users` (`user_name`, `user_password`, `user_email`) VALUES ('{$user}', '{$pass}', '{$email}')"); $user_id = mysql_insert_id(); mysql_query("INSERT INTO `user_activations` (`user_id`, `activation_code`) VALUES ({$user_id}, '{$aid}')"); } ?>But i have edited this part in user.inc.php code:
// adds a user to the database function add_user($user, $firstname, $lastname, $email, $pass) { $user = mysql_real_escape_string(htmlentities($user)); $firstname = mysql_real_escape_string(htmlentities($firstname)); $lastname = mysql_real_escape_string(htmlentities($lastname)); $email = mysql_real_escape_string($email); $pass = sha1($pass); $charset = array_flip(array_merge(range('a', 'z'), range('A', 'Z'), range('0', '9'))); $aid = implode('', array_rand($charset, 10));Hope u can help me with that.
// Hys