How would I combine these two scripts?

[Lyco]

I know this involves MySQL, but it's mostly PHP, so I figured it should go here, forgive me if I posted in the wrong section, though.

 

Anyway! Let's get down to it. I'd like to combine these two scripts (below). I want the questionnaire script to be a signup requirement in the signup script, and I want it to log the questionnaire into my MySQL database as usual, then prompt the user with a successful sign up.

 

I'm still really new to PHP and I'm just testing to see if this'll work. How would I go about doing this? Thanks a LOT guys.

 

Questionnaire:

 

<?php
  // Start the session
  require_once('startsession.php');

  // Insert the page header
  $page_title = 'Questionnaire';
  require_once('header.php');

  require_once('appvars.php');
  require_once('connectvars.php');

  // Make sure the user is logged in before going any further.
  if (!isset($_SESSION['user_id'])) 
  {
    echo '<p class="login">Please <a href="login.php">log in</a> to access this page.</p>';
    exit();
  }

  // Show the navigation menu
  require_once('navmenu.php');

  // Connect to the database
  $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);

  // If this user has never answered the questionnaire, insert empty responses into the database
  $query = "SELECT * FROM mismatch_response WHERE user_id = '" . $_SESSION['user_id'] . "'";
  $data = mysqli_query($dbc, $query);
  if (mysqli_num_rows($data) == 0) 
  {
    // First grab the list of topic IDs from the topic table
    $query = "SELECT topic_id FROM mismatch_topic ORDER BY category_id, topic_id";
    $data = mysqli_query($dbc, $query);
    $topicIDs = array();
    while ($row = mysqli_fetch_array($data)) 
{
      array_push($topicIDs, $row['topic_id']);
    }

    // Insert empty response rows into the response table, one per topic
    foreach ($topicIDs as $topic_id) 
{
      $query = "INSERT INTO mismatch_response (user_id, topic_id) VALUES ('" . $_SESSION['user_id']. "', '$topic_id')";
      mysqli_query($dbc, $query);
    }
  }

  // If the questionnaire form has been submitted, write the form responses to the database
  if (isset($_POST['submit'])) 
  {
    // Write the questionnaire response rows to the response table
    foreach ($_POST as $response_id => $response) 
{
      $query = "UPDATE mismatch_response SET response = '$response' WHERE response_id = '$response_id'";
      mysqli_query($dbc, $query);
    }
    echo '<p>Your responses have been saved.</p>';
  }

  // Grab the response data from the database to generate the form
  $query = "SELECT mr.response_id, mr.topic_id, mr.response, " .
    "mt.name AS topic_name, mc.name AS category_name " .
"FROM mismatch_response AS mr " .
"INNER JOIN mismatch_topic AS mt USING (topic_id) " .
"INNER JOIN mismatch_category AS mc USING (category_id) " .
"WHERE mr.user_id = '". $_SESSION['user_id'] . "'";
$data = mysqli_query ($dbc, $query);
$responses = array();
while ($row = mysqli_fetch_array($data)) 
{
  array_push($responses, $row);
}
  
  mysqli_close($dbc);

  // Generate the questionnaire form by looping through the response array
  echo '<form method="post" action="' . $_SERVER['PHP_SELF'] . '">';
  echo '<p>How do you feel about each topic?</p>';
  $category = $responses[0]['category_name'];
  echo '<fieldset><legend>' . $responses[0]['category_name'] . '</legend>';
  foreach ($responses as $response) 
  {
    // Only start a new fieldset if the category has changed
    if ($category != $response['category_name']) 
{
      $category = $response['category_name'];
      echo '</fieldset><fieldset><legend>' . $response['category_name'] . '</legend>';
    }

    // Display the topic form field
    echo '<label ' . ($response['response'] == NULL ? 'class="error"' : '') . ' for="' . $response['response_id'] . '">' . $response['topic_name'] . ':</label>';
    echo '<input type="radio" id="' . $response['response_id'] . '" name="' . $response['response_id'] . '" value="1" ' . ($response['response'] == 1 ? 'checked="checked"' : '') . ' />Love ';
    echo '<input type="radio" id="' . $response['response_id'] . '" name="' . $response['response_id'] . '" value="2" ' . ($response['response'] == 2 ? 'checked="checked"' : '') . ' />Hate<br />';
  }
  echo '</fieldset>';
  echo '<input type="submit" value="Save Questionnaire" name="submit" />';
  echo '</form>';

  // Insert the page footer
  require_once('footer.php');
?>

 

 

Signup:

<?php
  // Insert the page header
  $page_title = 'Sign Up';
  require_once('header.php');

  require_once('appvars.php');
  require_once('connectvars.php');

  // Connect to the database
  $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);

  if (isset($_POST['submit'])) {
    // Grab the profile data from the POST
    $username = mysqli_real_escape_string($dbc, trim($_POST['username']));
    $password1 = mysqli_real_escape_string($dbc, trim($_POST['password1']));
    $password2 = mysqli_real_escape_string($dbc, trim($_POST['password2']));

    if (!empty($username) && !empty($password1) && !empty($password2) && ($password1 == $password2)) {
      // Make sure someone isn't already registered using this username
      $query = "SELECT * FROM mismatch_user WHERE username = '$username'";
      $data = mysqli_query($dbc, $query);
      if (mysqli_num_rows($data) == 0) {
        // The username is unique, so insert the data into the database
        $query = "INSERT INTO mismatch_user (username, password, join_date) VALUES ('$username', SHA('$password1'), NOW())";
        mysqli_query($dbc, $query);

        // Confirm success with the user
        echo '<p>Your new account has been successfully created. You\'re now ready to <a href="login.php">log in</a>.</p>';

        mysqli_close($dbc);
        exit();
      }
      else {
        // An account already exists for this username, so display an error message
        echo '<p class="error">An account already exists for this username. Please use a different address.</p>';
        $username = "";
      }
    }
    else {
      echo '<p class="error">You must enter all of the sign-up data, including the desired password twice.</p>';
    }
  }

  mysqli_close($dbc);
?>

  <p>Please enter your username and desired password to sign up to Mismatch.</p>
  <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
    <fieldset>
      <legend>Registration Info</legend>
      <label for="username">Username:</label>
      <input type="text" id="username" name="username" value="<?php if (!empty($username)) echo $username; ?>" /><br />
      <label for="password1">Password:</label>
      <input type="password" id="password1" name="password1" /><br />
      <label for="password2">Password (retype):</label>
      <input type="password" id="password2" name="password2" /><br />
    </fieldset>
    <input type="submit" value="Sign Up" name="submit" />
  </form>

<?php
  // Insert the page footer
  require_once('footer.php');
?>

 

 

And here are the pastebins in case you prefer those:

 

http://pastebin.com/pTXGSMT9 - Questionnaire

 

http://pastebin.com/28jZhYyY - Signup

 

Thanks!

[Lyco]

Forgive me if I'm not allowed to do this... I checked everywhere and it said "Do not bump your post if it is still on the first page."

 

But it was on the second page, so I'm going to bump it. Please let me know if I'm not allowed to do this. Thanks!

 

[fortnox007]

Well It's a bit of a long read, but I would just start of with your second form as a startingpoint.  And do two things.

 

First of I would alter the html form and add the new fields (the ones from your first script) you would like to have.

 

Secondly above the form I would add the necessary logic from your first script. Quite some parts you can leave out of course since you only need to include headers 1 time, need 1 database connection etc.

 

I also saw some conditional stuff to output a form as well. I assume you can strip those conditions also because it's not needed any more since everyone has to fill it in.

 

So in a nut shell:

add extra form fields, and add additional checks for empty values, and of course add additional sanitizing. But you already have all those things already

 

- edit: in the end I think you should have 1 insert query with all the values, and 1 large if statement to check if one has pressed submit and if the values are as you expected them. And sanitize before insert.

[Lyco]

Well It's a bit of a long read, but I would just start of with your second form as a startingpoint.  And do two things.

 

First of I would alter the html form and add the new fields (the ones from your first script) you would like to have.

 

Secondly above the form I would add the necessary logic from your first script. Quite some parts you can leave out of course since you only need to include headers 1 time, need 1 database connection etc.

 

I also saw some conditional stuff to output a form as well. I assume you can strip those conditions also because it's not needed any more since everyone has to fill it in.

 

So in a nut shell:

add extra form fields, and add additional checks for empty values, and of course add additional sanitizing. But you already have all those things already

 

- edit: in the end I think you should have 1 insert query with all the values, and 1 large if statement to check if one has pressed submit and if the values are as you expected them. And sanitize before insert.

 

Thanks a lot! I'll test this and let you know how it goes. I've only been doing PHP for like 2 weeks, heh.