Jump to content

PHP form not submitting to database

JJ76

By JJ76
in PHP Coding Help

 Share

Recommended Posts

JJ76 Newbie

JJ76

Posted
Posted

I have  PHP forms that are not submitting to my database. I think it is something minor but I just can't see it! Can anyone help?

 

At the beginning of index.php, the page holding the forms,  I have this:

 

[b]<?php include("functions/globals.php"); ?>
<?php include("functions/userfunctions.php"); ?>[/b]

[b]Here are these pages:[/b]

[b]globals.php[/b]

<?php ob_start();//Required for the redirect to work?>
<?php include("loginstatus.php");?>
<?php session_start(); ?>

[b]((Here's loginstatus.php for good measure:[/b]

<?php
  class cUser
  {
     public $username = "";//The User Name
     public $userid = "";//The User ID
     public $type = "";//The Type Of User 
  }
?> [b]))[/b]

[b]And here is userfunctions.php[/b]

<?php 
include_once("databasefunctions.php"); (this holds the connection)

$userdbtable = "users";

function GetHeaders()
{
        $headers  = 'MIME-Version: 1.0' . "\r\n";
        $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
        // Additional headers
        $headers .= "To: {$username} <{$email}>" . "\r\n";
        $headers .= 'From: My Website <[email]noreply@myswebsite.com[/email]>' . "\r\n";
        return $headers;
}
function CreateAccount($firstname, $lastname, $username, $password, $email, $type)
{
    global $userdbtable;
    openDatabase();
   $firstname = mysql_real_escape_string($firstname);
    $lastname = mysql_real_escape_string($lastname);
    $username = mysql_real_escape_string($username);
    $password = mysql_real_escape_string($password);
    $email = mysql_real_escape_string($email);
    $type = mysql_real_escape_string($type);
    
    $nonencrypted = $password;
    $password = sha1($password);
    $result = QuickQuery("INSERT INTO {$userdbtable}(firstname, lastname, username, password, email, type) 
                          VALUES('{$firstname}','{$lastname}','{$username}','{$password}','{$email}',{$type}')");
    if($result)
    {
        $headers = GetHeaders();
        $message = "\"Welcome to my website!\"<br />
        <br />
        Your username is: {$username}<br />
        Your password is: {$nonencrypted}<br />
        <br />
        Signed,<br />
        <br />
       Me
        ";
        mail($email, "Account Creation", $message, $headers);
        mail("[email]myemailaddress@me.com[/email]", "Account Created", "{$username} has created a new account", $headers);
    }
}

function ValidateUser($username, $password)
{
    global $userdbtable;
    openDatabase();
    $username = mysql_real_escape_string($username);
    $password = mysql_real_escape_string($password);
    $result = QuickQuery("SELECT * FROM {$userdbtable} WHERE username = '{$username}'");
    
    closeDatabase();

    if(!mysql_result($result,0,"username"))//Make sure the user exists
        return "User Does Not Exist";
    
    $temppwd=mysql_result($result,0,"password");//Make sure the passwords match
    if(sha1($password) != $temppwd)
        return "Password Does Not Match";
    
    return 1;
}

function GetUserID($username)
{
    global $userdbtable;
    openDatabase();
    $username = mysql_real_escape_string($username);
    $result = QuickQuery("SELECT id FROM {$userdbtable} WHERE username = '{$username}'");
    closeDatabase();
   
   if($result)
    return(mysql_result($result,0,"id"));//Get the user id
else
    return 0;

    return(mysql_result($result,0,"id"));//Get the UserID
}

function GetUserType($username)
{
    global $userdbtable;
    openDatabase();
    $username = mysql_real_escape_string($username);
    $result = QuickQuery("SELECT type FROM {$userdbtable} where username = '{$username}'");
    closeDatabase();
    
    return(mysql_result($result,0,"type"));//Get the user type
}

function GetUserEmail($username)
{
    global $userdbtable;
    openDatabase();
    $username = mysql_real_escape_string($username);
    $result = QuickQuery("SELECT email FROM {$userdbtable} WHERE username = '{$username}'");
    closeDatabase();
    
    return(mysql_result($result,0,"email"));//Get the user email
}

function ConfirmPassword($id, $password)
{
    global $userdbtable;
    openDatabase();
    $password = mysql_real_escape_string($password);
    $password = sha1($password);
    $result = QuickQuery("SELECT * FROM {$userdbtable} WHERE id = '{$id}' AND password = '{$password}'");
    closeDatabase();

    if(!$result)
        return 0;
    else
        return 1;
}

function ChangePassword($id, $password)
{
    global $userdbtable;
    openDatabase();
    $password = mysql_real_escape_string($password);
    $password = sha1($password);
   return QuickQuery("UPDATE {$userdbtable} SET password='{$password}' WHERE id={$id}");
}

function ResetPassword($email)
{
    global $userdbtable;
    openDatabase();
    $email = mysql_real_escape_string($email);
    $result = QuickQuery("SELECT * FROM {$userdbtable} WHERE email = '{$email}'");
    
    $num = mysql_numrows($result);
    if(!$num)
        return 0;
    $user = mysql_result($result, 0, "username");
    $email = mysql_result($result, 0, "email");
    $randompwd = RandomPwd();
    $temp = sha1($randompwd);
    $headers = GetHeaders();
    mail($email, "Blah blah blah.  Your newusername is: {$user}, and your new password is: {$randompwd}. ", $headers);
    if(QuickQuery("UPDATE {$userdbtable} SET password='{$temp}' WHERE email='{$email}'"))
        return 1;
}

function RandomPwd()
{
    $length = 10;
    $characters = '0123456789abcdefghijklmnopqrstuvwxyz';
    $string = "";    

    for ($p = 0; $p < $length; $p++) {
        $string .= $characters[mt_rand(0, strlen($characters))];
    }

    return $string;
}
?>


[b]Here is the info on index.php for login and registration[/b]

[b]Login:[/b]

    <?php
        if($_GET['logout'] == 'logout')
        {
        session_destroy();
        Redirect("index.php");
        }
        if($_POST['submitted'] == "login")
        {
//      echo ValidateUser("Jimmy", "password");
        //CreateAccount($name, $password, $email, $type);
        if(ValidateUser($_POST['username'], $_POST['password']) == 1)
        {
        $_SESSION['user'] = new cUser;
        $_SESSION['user']->username = $_POST['username'];
        $_SESSION['user']->usertype = GetUserType($_POST['username']);
        $_SESSION['user']->userid = GetUserID($_POST['username']);
        Redirect("index.php");
        }
//      CreateAccount("test", "test", "[email]me@website.com[/email]", "user");
        }
        ?>

[b]Registration[/b]

   <?php
        if($_POST['submitted'] == "register")
        {
      $firstname = $_POST['firstname'];
        $lastname = $_POST['lastname'];   
        $username = $_POST['username'];
        $email = $_POST['email'];
        $password = $_POST['password'];
        $confirmpwd = $_POST['confirmpwd'];
        if(!$firstname)
        $error = "Invalid First Name";
        else
        if(!$lastname)
        $error = "Invalid Last Name";
        else      
      if(!$username)
        $error = "Invalid User Name";
        else
        if(!$email)
        $error = "Invalid Email";
        else
        if(!$password)
        $error = "Invalid Password";
        }
        ?>

    <?php
        if($_POST['submitted'] && !$error)
        {
        $result = QuickQuery("SELECT username FROM users WHERE username='{$username}'");
        if(mysql_numrows($result) > 0)
        $error = "Be More Creative. Someone Already is Using That Username.";
        else
        {
        $result = QuickQuery("SELECT email FROM users WHERE email='{$email}'");
        if(mysql_numrows($result) > 0)
        $error = "Email Already Being Used.  Maybe you already registered.";
        else
        if($confirmpwd != $password)
        $error = "Matching passwords means the second password must be exactly like this first.";
        else
        {
        CreateAccount($firstname, $lastname, $username, $password, $email, "user");
        }
        }
        }
        ?>

[b]Both forms are here[/b]

<div class="btn-show">
<p>Login</p>
</div>

<div class="pushup-form">
<div class="btn-close">
Close
</div>
<div class="clear">
</div>
               
                
                     <form action="index.php" method="post">
                    <p style="font-size:14px">Login</p> 
                    <p>Username:<input type="text" name="username" style="font-size:12px;"/></p>
                    <p>Password:<input type="password" name="password" style="font-size:12px;"/></p>
                    <p><input class="login" type="submit" name="submitted" value="login" /></p> 
                    <p><a href="pwd.php?pwd=lostpwd" style="font-size:10px">Forgot Username or Password?</a></p>
                    </form>
                    
                    <div class="panel">
                    <form action="index.php" method="post">
                    <p>First Name:<input type="text" name="firstname" value="<?php echo $firstname;?>" /></p>
                    <p>Last Name:<input type="text" name="lastname" value="<?php echo $lastname;?>" /></p>
                    <p>Username:<input type="text" name="username" value="<?php echo $username;?>" /></p>
                    <p>Email:<input type="text" name="email" class="clear" value="<?php echo $email;?>" /></p>
                    <p>Password:<input type="password" name="password" value="<?php echo $password;?>" /></p>
                    <p>Confirm Password:<input type="password" name="confirmpwd" value="<?php echo $confirmpwd;?>" /></p>
                    <p class="clear">
                    <p><input class="register" type="submit" name="submitted" value="register"/></p>
                    </p>
                    </form>
                    </div>
                    <p style="text-align:center;" class="flip">Need to Register?</p>
                    </div>
[code]

These forms open from the right side of my website by clicking "Register." The top of the form has an option for login and by clicking "Need to Register?" The rest of the form expands.

Any ideas? My database is set up correctly.


MOD EDIT: code tags added.

Link to comment
Share on other sites
JJ76 Newbie

JJ76

Posted
  • Author
Posted

Long post!!!  :-\ without looking at it too deeply - I notice you used:

 

ob_start();

 

without a

 

ob_flush();

 

anywhere??

 

I gave a long post because I wanted to give all of the info which could be relevant so I could get the help that I needed. I've used the code without 

ob_flush

before with no issues. Not sure what that does or where it should go.

 

Are you able to check your logs?

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.