Ampboy Posted January 30, 2012 Share Posted January 30, 2012 I am a newbie to php.. Used to do work in Cold Fusion and I cannot figure out what I am doing with a registration page I have created. I am looking to have the page insert into two databases, which it is doing, and then redirect to the main member's page. I have been looking for something and have not found anything here or online that works for me. I understand that you cannot use header() after any type of html or echo, but I have tried .js and other methods. I am not throwing errors, just no redirect... Also I am interested in hearing how bad my code is... any positive criticism is appreciated, as I am still learning Here is my code: <?php include("dbc.php"); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Registration Page</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link rel="stylesheet" href="style.css" type="text/css" charset="utf-8"> <link rel="stylesheet" href="styles.css" type="text/css" charset="utf-8"> //Some Javascript... </script> </head> <body> //Some Styling... <!-- content goes here --> <h1>Register</h1> <?php ob_start(); error_reporting(0); $_POST = array_map('secure', $_POST); if($_POST['submit']) { $user_name = mysql_real_escape_string($_POST['user_name']); $query = mysql_query("SELECT * FROM xxxxusers WHERE user_name='$user_name'"); $query = mysql_query("SELECT * FROM xxxusers WHERE user_name='$user_name'"); if(mysql_num_rows($query) != 0) { echo "<div style="font-size: 9pt; font-weight: bold;color: red;">Username already exists</div>"; } else { $user_password = mysql_real_escape_string($_POST['user_password']); $user_pass = mysql_real_escape_string($_POST['user_pass']); $user_email = $_POST['user_email']; $query = mysql_query("SELECT * FROM xxxxusers WHERE user_email='$user_email'"); $query = mysql_query("SELECT * FROM xxxusers WHERE user_email='$user_email'"); if(mysql_num_rows($query) != 0) { echo "<div style="font-size: 9pt; font-weight: bold;color: red;">Email already exists</div>"; } else { $enc_password = md5($user_password); $enc_password = md5($user_pass); if($user_name && $user_password && $user_pass && $user_email) { if (strlen($user_name)>20) { echo "<div style="font-size: 9pt; font-weight: bold;color: red;">Your Name is Too Long</div>"; } $email = htmlspecialchars($_POST['user_email']); if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",$email)) { echo "<div style="font-size: 9pt; font-weight: bold;color: red;">E-mail address not valid</div>"; } { require "dbc.php"; mysql_query("INSERT INTO xxxxusers stuff....) VALUES(stuff....) ") or die(mysql_error()); mysql_query("INSERT INTO xxxusers stuff....) VALUES(stuff....) ") or die(mysql_error()); } } else echo "<div style="font-size: 9pt; font-weight: bold;color: red;">All Fields Are Required</div>"; } } } ob_end_flush(); ?> <form action="register.php" method="post"> <table align="left" border="0" cellspacing="0" cellpadding="3"> <tr> <td>Username:</td> <td><input type="text" name="user_name" maxlength="30" value="<?php echo "$user_name"; ?>"></td> </tr> <tr> <td>Password:</td> <td><input type="password" name="user_password" maxlength="30" value=""></td> </tr> <tr> <td>Confirm password:</td> <td><input type="password" name="user_pass" maxlength="30" value=""></td> </tr> <tr> <td>Email address:</td> <td><input type="text" name="user_email" maxlength="50" value=""<?php echo "$user_email"; ?>""></td </tr> <tr><td colspan="2" align="right"> <input type="submit" value="Register!" id="submit" name="submit"></td></tr> <tr><td colspan="2" align="left"><a href="index.php">Back to Home Page</a></td></tr> </table> </form> Quote Link to comment Share on other sites More sharing options...
scootstah Posted January 30, 2012 Share Posted January 30, 2012 This is why you want to separate business from presentation. You would need to completely re-write that with that in mind. But if you want a band-aid, move your ob_start() to the very top of the page and ob_end_flush() to the very bottom. Then your header() should work. Quote Link to comment Share on other sites More sharing options...
Ampboy Posted January 30, 2012 Author Share Posted January 30, 2012 This is why you want to separate business from presentation. You would need to completely re-write that with that in mind. But if you want a band-aid, move your ob_start() to the very top of the page and ob_end_flush() to the very bottom. Then your header() should work. Thank you for the quick reply. I truly appreciate it. Not sure what you mean about the business from presentation... Can you expand? Not looking for a band-aid fix per se, but trying to learn what I am doing. I will take your advice and work on a re-write based on thoughts you may have Quote Link to comment Share on other sites More sharing options...
scootstah Posted January 30, 2012 Share Posted January 30, 2012 This is presentation: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Registration Page</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link rel="stylesheet" href="style.css" type="text/css" charset="utf-8"> <link rel="stylesheet" href="styles.css" type="text/css" charset="utf-8"> //Some Javascript... </script> </head> <body> //Some Styling... <!-- content goes here --> <h1>Register</h1> This is business: ob_start(); error_reporting(0); $_POST = array_map('secure', $_POST); if($_POST['submit']) { $user_name = mysql_real_escape_string($_POST['user_name']); $query = mysql_query("SELECT * FROM xxxxusers WHERE user_name='$user_name'"); $query = mysql_query("SELECT * FROM xxxusers WHERE user_name='$user_name'"); if(mysql_num_rows($query) != 0) { echo "<div style="font-size: 9pt; font-weight: bold;color: red;">Username already exists</div>"; } else { $user_password = mysql_real_escape_string($_POST['user_password']); $user_pass = mysql_real_escape_string($_POST['user_pass']); $user_email = $_POST['user_email']; $query = mysql_query("SELECT * FROM xxxxusers WHERE user_email='$user_email'"); $query = mysql_query("SELECT * FROM xxxusers WHERE user_email='$user_email'"); if(mysql_num_rows($query) != 0) { echo "<div style="font-size: 9pt; font-weight: bold;color: red;">Email already exists</div>"; } else { $enc_password = md5($user_password); $enc_password = md5($user_pass); if($user_name && $user_password && $user_pass && $user_email) { if (strlen($user_name)>20) { echo "<div style="font-size: 9pt; font-weight: bold;color: red;">Your Name is Too Long</div>"; } $email = htmlspecialchars($_POST['user_email']); if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",$email)) { echo "<div style="font-size: 9pt; font-weight: bold;color: red;">E-mail address not valid</div>"; } { require "dbc.php"; mysql_query("INSERT INTO xxxxusers stuff....) VALUES(stuff....) ") or die(mysql_error()); mysql_query("INSERT INTO xxxusers stuff....) VALUES(stuff....) ") or die(mysql_error()); } } else echo "<div style="font-size: 9pt; font-weight: bold;color: red;">All Fields Are Required</div>"; } } } ob_end_flush(); They shouldn't be intertwined together. It makes things hard to follow and maintain. Ideally, they shouldn't even be in the same file. Or directory. Keep all the business in one place, keep all the presentation in another place. Use a function to call upon presentation files when you need them. Presentation files (or templates if you prefer) should only contain HTML and light PHP usage if needed. Things like variables, flow control (if/else) and loops (foreach, while) are all considered okay (as long as it's fairly light). Take a look at the MVC pattern to get a better idea what I am talking about. I'm not saying you have to fully implement the MVC pattern, but simply separating business from presentation will go a long way in making your code more efficient and easier to read and maintain. Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted January 30, 2012 Share Posted January 30, 2012 Also by setting - error_reporting(0); in your code, any php detected errors won't be reported anyway. You need to have php's error_reporting set to E_ALL (or even better a -1) and display_errors set to ON in your master php.ini on your development system so that all the php detected errors will be reported and displayed. By setting these in the master php.ini on your development system, fatal parse errors in your main file will be reported and you won't need to remember to put error_reporting/display_errors settings into your files for debugging or remove them when you put the code onto a live site. You should aways have error_reporting set to E_ALL and for development display_errors should be ON and on a live site, display_errors should be off and log_errors should be ON. Quote Link to comment Share on other sites More sharing options...
Ampboy Posted January 30, 2012 Author Share Posted January 30, 2012 Also by setting - error_reporting(0); in your code, any php detected errors won't be reported anyway. I forgot that was in the code :-\ Thanks for that! Also scootstah.... Thank you VERY MUCH for your help and explanation. I have used includes and templates in CF so I understand now what you were talking about. I appreciate all the help from this board. Thank you both again! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.