darrenwindle Posted May 11, 2012 Share Posted May 11, 2012 Hi, Im currently working on a website for a friend. The whole system works but registration is a bit dodgy. most of the time I have to add users via the backend as it throws up error messages. Can some one please look through my code and tell me what im doing wrong. <?php session_start(); $page_title = 'Register'; include("includes/header.php");?> <!--main Nav--> <?php include('includes/mainNav.php'); ?> <!--Section Title--> <h1><?php echo $page_title; ?></h1> <!--primary Content--> <div id="primaryContent"> <h2><span class="RedGbColor">Subscribe Now</span></h2> <p><br /> Register here and create your profile and to attend an event of your choice (link please).<br /> </p> </div> <!--Main Content--> <div id="mainContent"> <?php $username = $_SESSION['cre_email']; $idg = $_GET['id']; $ids = $idg; $_SESSION['id'] = $ids; //grabs the variables $title = $_POST['title']; $gender = $_POST['gender']; $fname = $_POST['fname']; $lname = $_POST['lname']; $mobile = $_POST['mobile']; $email = $_POST['email']; $password = $_POST['password']; $cpassword = $_POST['cpassword']; $add1 = $_POST['add1']; $add2 = $_POST['add2']; $add3 = $_POST['add3']; $add4 = $_POST['add4']; $pcode = $_POST['pcode']; $dd = $_POST['day']; $mm = $_POST['month']; $yyyy = $_POST['year']; $news = $_POST['newsopt']; $market = $_POST['market']; $today = date(mdY); $tmp = explode(':', $title); $cust_gender = $tmp[0]; $cust_title = $tmp[1]; $male_status = $_POST[male_status]; $female_status = $_POST[female_status]; //debug info //error_reporting(E_ALL); //print_r($_GET); //print_r($_POST); //print_r($_SESSION); if ($_SESSION['loggedin'] == 1) { // logged in echo "<script language=\"JavaScript\">window.location='index.php'</script>"; exit(); } else { $month = array( array("01","Jan"), array("02","Feb"), array("03","Mar"), array("04","Apr"), array("05","May"), array("06","Jun"), array("07","Jul"), array("08","Aug"), array("09","Sep"), array("10","Oct"), array("11","Nov"), array("12","Dec") ); echo (' <h2><span class=\"RedGbColor\">Please take a few minutes to register.</span></h2> <div id=\"form1\"> <form action='validFormRegister.php?id=$idg' method=\"post\" enctype=\"multipart/form-data\"> <table width=\"380\"> <tr class=\"formText\"> <td width=\"152\" valign='bottom' style='padding-top:4px;'><label class=\"small\" for='gender'>Gender:</label><em>*</em></td> <td width=\"222\" class='small' style='padding-top:4px;'><input type='radio' name='gender' value='m' $male_status tabindex=\"1\">male <input type='radio' name='gender' value='f' $female_status>female </td> </tr> <tr class=\"formText\"> <td> <label class=\"small\" for='fname'>First Name:</label><em>*</em></td> <td><input name=\"fname\" size=\"25\" tabindex=\"2\" maxlength=\"25\" class=\"txtbx\" value=\"$fname\"></td> </tr> <tr class=\"formText\"> <td> <label class=\"small\" for='lname'>Last Name:</label><em>*</em></td><td><input name=\"lname\" value='$lname' size=\"30\" maxlength=\"30\" tabindex=\"3\" class=\"txtbx\"> </td> <tr> <td height=\"29\" colspan=\"2\"><hr /></td> </tr> <tr class=\"formText\"> <td> <label class=\"small\" for='mobile'>Mobile/Phone:</label><em>*</em></td><td><input name=\"mobile\" value='$mobile' size=\"12\" tabindex=\"4\" maxlength=\"12\" class=\"txtbx\"></td> </tr> <tr class=\"formText\"> <td> <label class=\"small\" for=\"email\">Email Address:</label><em>*</em> </td> <td><input name=\"email\" size=\"25\" tabindex=\"5\" value='$email' maxlength=\"100\" class=\"txtbx\"> </td> </tr> <tr class=\"formText\"> <td><label class=\"small\" for=\"password\">Password:</label><em>*</em></td><td><input type=\"password\" name=\"password\" size=\"12\" maxlength=\"14\" tabindex=\"6\" class=\"txtbx\"> <a href=\"javascript:alert('Your password must be between 4 and 14 characters long.')\"><small>HELP</small></a> </td> </tr> <tr class=\"formText\"> <td><label class=\"small\" for=\"cpassword\">Confirm Password:</label><em>*</em></td><td><input type=\"password\" name=\"cpassword\" size=\"12\" maxlength=\"14\" tabindex=\"7\" class=\"txtbx\"> <a href=\"javascript:alert('Your password must be between 4 and 14 characters long.')\"><small>HELP</small></a> </td> </tr> <tr> <td height=\"29\" colspan=\"2\"><hr /></td> </tr> <tr class=\"formText\"> <td><label class=\"small\" for=\"add1\">House Name:</label> </td> <td><input name=\"add1\" type=\"text\" tabindex=\"8\" class=\"txtbx\" value='$add1' /></td> </tr> <tr class=\"formText\"> <td><label class=\"small\" for=\"add2\">Street Address:</label> </td> <td><input name=\"add2\" type=\"text\" tabindex=\"9\" class=\"txtbx\" value='$add2' /></td> </tr> <tr class=\"formText\"> <td><label class=\"small\" for=\"add3\">Town:</label> </td> <td><input name=\"add3\" type=\"text\" tabindex=\"10\" class=\"txtbx\" value='$add3' /></td> </tr> <tr class=\"formText\"> <td><label class=\"small\" for=\"add4\">County:</label> </td> <td><input name=\"add4\" type=\"text\" tabindex=\"11\" class=\"txtbx\" value='$add4' /></td> </tr> <tr class=\"formText\"> <td><label class=\"small\" for=\"pcode\">Post Code:</label> </td> <td><input name=\"pcode\" type=\"text\" tabindex=\"12\" class=\"txtbx\" value='$pcode' /></td> </tr> <tr> <td height=\"29\" colspan=\"2\"><hr /></td> </tr> <tr class=\"formText\"> <td><label class=\"small\" for=\"market\">How did you hear of us?</label> </td> <td><select name=\"market\" id=\"market\" tabindex=\"13\"> <option value='$market' selected>$market</option> <option value='internet'>Internet search</option> <option value='friend'>Friend recommended</option> <option value='dating site'>Dating site</option> <option value='Gay press'>Gay press</option> <option value='Time Out'>Time Out</option> <option value='Flyer'>Flyer</option> <option value='previous customer'>Previous attendance</option> <option value='other'>Other</option> </select></td> <td> </td> </tr> <tr class=\"formText\"><td><label class=\"small\" for=\"day\">Date </label><label class=\"small\" for=\"Month\"> of </label><label class=\"small\" for=\"Year\"> Birth:</label></td> <td> <select name=\"day\" id=\"day\" tabindex=\"14\"> <option value='$dd'>$dd</option> "); for($i=1; $i<32; $i++) { echo "<option value=\"".$i."\">".$i."\n"; } echo (" </select> <select name=\"month\" id=\"month\" tabindex=\"15\"> <option value='$mm'>$mm</option> "); for($i=0; $i<12; $i++) { echo "<option value=\"".$month[$i][0]."\">".$month[$i][1]."\n"; } echo (" </select> <select name=\"year\" id=\"year\" tabindex=\"16\"> <option value='$yyyy'>$yyyy</option> "); for($i=1944; $i<1991; $i++) { echo "<option value=\"".$i."\">".$i."\n"; } echo (" </select> </td> <td> </td> </tr> <tr class=\"formText\"> <td><label for=\"photo\">Upload a photo</label></td> <td><input name=\"photo\" type=\"file\" tabindex=\"17\"></td> <tr> <td></td> <td>MAX FILE SIZE : 1MB <a href=\"javascript:alert('Please upload a photo of yourself. Optimum size is 640 pixels wide by 480 pixels high. Maximum file size of 1MB.')\"><small>HELP</small></a><br /><br /> </td> <tr class=\"formText\"> <td><label for=\"newsopt\">I wish to receive newsletters</label> </td> <td> <input name=\"newsopt\" type=\"checkbox\" tabindex=\"18\" id=\"newsOpt\" value='1' checked /> </td> <td> </td> </tr> <tr> <td> </td> <td> <input type=\"submit\" tabindex=\"19\" value=\"Continue\" class=\"btn_sm_left\" id=\"submitBtn\" onclick='this.disabled=true;this.value=\"Please Wait\";document.forms[1].submit();' style='width:120px;'/> <input type=\"reset\" value=\"Reset\" class=\"btn_sm_left\" /></td> <td> </td> </tr> </table> </form> <p class='pink2'><strong>Note</strong>: Fields marked with an <em>asterix (*)</em> are required.</p> '); } ?> </div> </div> <!--primary Content--> <div id="primaryContent"> <!--Login--> <?php include('includes/login.php'); ?> </div> <!--Footer--> <?php include('includes/footer.php'); ?> </div> </div> </body> </html> Quote Link to comment Share on other sites More sharing options...
Drummin Posted May 11, 2012 Share Posted May 11, 2012 Move all processing to top of page. Sessions need to be set before output is sent to browser. Quote Link to comment Share on other sites More sharing options...
darrenwindle Posted May 11, 2012 Author Share Posted May 11, 2012 ill look at doing that but heres the page that validates it <?php session_start(); $page_title = 'Booking an event'; include("includes/header.php");?> <!--main Nav--> <?php include('includes/mainNav.php'); ?> <!--Section Title--> <h1><?php echo $page_title; ?></h1> <!--primary Content--> <div id="primaryContent"> <h2><span class="RedGbColor">Subscribe Now</span></h2> <p><br /> Register here and create your profile and to attend an event of your choice (link please).<br /> </p> </div> <!--Main Content--> <div id="mainContent"> <?php //grab variables $gender = $_POST["gender"]; $fname = $_POST["fname"]; $lname = $_POST["lname"]; $mobile = $_POST["mobile"]; $email = strtolower($_POST["email"]); $password = $_POST["password"]; $cpassword = $_POST["cpassword"]; $add1 = $_POST["add1"]; $add2 = $_POST["add2"]; $add3 = $_POST["add3"]; $add4 = $_POST["add4"]; $pcode = $_POST["pcode"]; $dd = $_POST["day"]; $mm = $_POST["month"]; $yyyy = $_POST["year"]; $news = $_POST["newsopt"]; $today = date('Y-m-d H:i:s'); $cust_gender = $gender; $username = $_POST["email"]; $id = $_GET["id"]; //error_reporting(E_ALL); $error = array(); include("dbconn2.php"); include("functions.php"); $query1 = "Select cre_email from ".pd_credentials." where cre_email = '$email'"; $result1 = mysql_query($query1); $row = mysql_fetch_array($result1); if($row['cre_email'] == $email) { if($row['cre_email'] <> '') { $error[7] = "<li>supplied email address already exists - please telephone if you have forgotten your password or click here to have your password emailed to your registered email address <form action='/pwreminder.php?id=$id' method='post'><input type='hidden' name='email' value='$email' /><input type='submit' name='submit' value='Email me' /></form></li>"; } } echo mysql_error(); mysql_close(); list($user, $mailDomain) = split("@", $email); if (checkdnsrr($mailDomain, "MX")) { $msg = 1; } if(!isset($_POST['gender'])) { $error[0] = "<li>Please supply your gender</li>"; } if(strlen($_POST['fname']) > "30" || strlen($_POST['fname']) < "1" || trim($_POST['fname']) == '') { $error[1] = "<li>Please supply your first name.</li>"; } if(strlen($_POST['lname']) > "10" || strlen($_POST['lname']) < "1" || trim($_POST['lname']) == '') { $error[2] = "<li>Please supply your last name</li>"; } if(preg_match('/^[\(\. ]?\d{4}[\)\. -]*\d{1}[\. -]*\d{6}$/', $_POST['mobile']) === 0) { $error[3] = "<li>Please check you have entered a valid mobile number</li>"; } if ($msg != 1) { $error[4] = "<li>There is an error with the email address $email you supplied</li>"; } if(trim($_POST['password']) != trim($_POST['cpassword'])) { $error[5] = "<li>supplied passwords do not match</li>"; } if(strlen($_POST['password']) < "4" || strlen($_POST['password']) > "14" || trim($_POST['password']) == '') { $error[6] = "<li>Your password was not 4 - 14 characters long</li>"; } if(strlen($_POST['day']) > "1" || strlen($_POST['month']) > "1" || strlen($_POST['year']) > "1") { if(checkdate($mm , $dd , $yyyy) != "false") { $error[9] = "<li>Please check your date of birth</li>"; } } if ($_FILES['photo']['type']<>"" && $_FILES['photo']['type'] <> "image/jpg" && $_FILES['photo']['type'] <> "image/jpeg" && $_FILES['photo']['type'] <> "image/pjpeg") { $error[10] = "<li>Invalid photo type. JPG only.</li>"; } // Enter the maximum file size in bytes (1 MB) $max_size = 1048576; if (($_FILES['photo']['size'] > $max_size || $_FILES['photo']['size']==0) && ($_FILES['photo']['name']<>"")) { $error[11] = "<li>Invalid photo size. Limit 1MB.</li>"; } if(count($error) > 0) { echo ("Sorry $fname $lname there seems to be some sort of problem with your Data Input.<br />Please correct the errors listed below. <ul>" . $error[0] . "" . $error[1] . "" . $error[2] . "" . $error[3] . "" . $error[4] . "" . $error[5] . "" . $error[6] . "" . $error[7] . "" . $error[8] . "" . $error[9] . "" . $error[10] . "" . $error[11] . "</ul></div>"); // this will print the errors that occurred $male_status = 'unchecked'; $female_status = 'unchecked'; $selected_radio = $_POST['gender']; if ($selected_radio == 'm') { $male_status = 'checked'; } else if ($selected_radio == 'f') { $female_status = 'checked'; } echo (" <div id='middlerightpad'> <form action='register.php?id=$id' method='post'> <input type='hidden' name='male_status' value='$male_status' /> <input type='hidden' name='female_status' value='$female_status' /> <input type='hidden' name='fname' value='$fname' /> <input type='hidden' name='lname' value='$lname' /> <input type='hidden' name='mobile' value='$mobile' /> <input type='hidden' name='email' value='$email' /> <input type='hidden' name='password' value='$password' /> <input type='hidden' name='cpassword' value='$cpassword' /> <input type='hidden' name='add1' value='$add1' /> <input type='hidden' name='add2' value='$add2' /> <input type='hidden' name='add3' value='$add3' /> <input type='hidden' name='add4' value='$add4' /> <input type='hidden' name='pcode' value='$pcode' /> <input type='hidden' name='day' value='$dd' /> <input type='hidden' name='month' value='$mm' /> <input type='hidden' name='year' value='$yyyy' /> <input type='hidden' name='newsopt' value='$news' /> <label for='submit' class='pinkSH'>Go back to Booking</label> <input type='submit' name='submit' value='Booking' class='btn_sm' /> </form> "); } if(count($error) < 1) { $_SESSION['loggedin'] = 1; $_SESSION['cre_email'] = $username; if(($yyyy<>"" )&&($mm<>"")&&($dd<>"")) { $dob = "'".$yyyy."/".$mm."/".$dd."'"; } else { $dob = "null"; } $today = mysql_escape_string(trim($today)); $cust_gender = mysql_escape_string(trim($_POST['gender'])); $fname = mysql_escape_string(trim($_POST['fname'])); $lname = mysql_escape_string(trim($_POST['lname'])); $mobile = mysql_escape_string(trim($_POST['mobile'])); $email = mysql_escape_string(trim($_POST['email'])); $password = mysql_escape_string(trim($_POST['password'])); $add1 = mysql_escape_string(trim($_POST['add1'])); $add2 = mysql_escape_string(trim($_POST['add2'])); $add3 = mysql_escape_string(trim($_POST['add3'])); $add4 = mysql_escape_string(trim($_POST['add4'])); $pcode = mysql_escape_string(trim($_POST['pcode'])); $news = mysql_escape_string(trim($_POST['newsopt'])); $market = mysql_escape_string(trim($_POST['market'])); include("dbconn2.php"); $query1 = "SELECT MAX(cust_id) as id FROM pd_customers"; $result1 = mysql_query($query1); while($row = mysql_fetch_array($result1)) { $newID = $row['id'] + 1; } $_SESSION["cust_id"] = $newID; $hasphoto = 0; $url = $_FILES['photo']['name']; if($url<>"") {$hasphoto = 1;} include("dbconn2.php"); $addcust = MYSQL_QUERY("INSERT INTO pd_customers (cust_id,cust_email,cust_surname,cust_title,cust_first_names,cust_mobile,cust_gender,cust_dob,cust_line_1,cust_line_2,cust_line_3,cust_line_4,cust_post_code,cust_country,cust_landline,cust_news,cust_contact, photo)". "VALUES ('$newID', '$email', '$lname', '', '$fname', '$mobile', '$cust_gender', $dob, '$add1', '$add2', '$add3', '$add4', '$pcode', '', '', '$news', '$market', $hasphoto)"); echo(mysql_error()); mysql_close(); include("dbconn2.php"); $addlog = MYSQL_QUERY("INSERT INTO pd_credentials (cre_email,cre_cust_id,cre_password,cre_activated,cre_last_login,cre_disabled,cre_role)". "VALUES ('$email', $newID, '$password', '$today', '$today', '0', 'user')"); echo(mysql_error()); mysql_close(); //success... //now upload the image if it exists $msg = " NEW MEMBER @PINKDATE <br/> <br/> A new member has signed up at PinkDate. <br/><br/> Name: $fname $lname <br/><br/> "; if($hasphoto==1) { $msg.="This member has uploaded a new photo. Login then <a href='http://www.pinkdate.co.uk/adminupdc.php?email=$email'/>click here</a> to view and approve it.<br/><br/>"; $idir = realpath("./photos/"); // Path To Images Directory $tdir = realpath("./photos/thumbs/"); // Path To Thumbnails Directory $twidth = "100"; // Maximum Width For Thumbnail Images $theight = "125"; // Maximum Height For Thumbnail Images $file_ext = strrchr($_FILES['photo']['name'], '.'); // Get The File Extention In The Format Of , For Instance, .jpg, .gif or .php $copy = copy($_FILES['photo']['tmp_name'], "/home/www/pinkdate/photos/photo$newID.jpg"); // Move Image From Temporary Location To Permanent Location if ($copy) { // If The Script Was Able To Copy The Image To It's Permanent Location $simg = imagecreatefromjpeg("/home/www/pinkdate/photos/photo$newID.jpg"); // Make A New Temporary Image To Create The Thumbanil From $currwidth = imagesx($simg); // Current Image Width $currheight = imagesy($simg); // Current Image Height if ($currheight > $currwidth) { // If Height Is Greater Than Width $zoom = $twidth / $currheight; // Length Ratio For Width $newheight = $theight; // Height Is Equal To Max Height $newwidth = $currwidth * $zoom; // Creates The New Width } else { // Otherwise, Assume Width Is Greater Than Height (Will Produce Same Result If Width Is Equal To Height) $zoom = $twidth / $currwidth; // Length Ratio For Height $newwidth = $twidth; // Width Is Equal To Max Width $newheight = $currheight * $zoom; // Creates The New Height } $dimg = imagecreate($newwidth, $newheight); // Make New Image For Thumbnail imagetruecolortopalette($simg, false, 256); // Create New Color Pallete $palsize = ImageColorsTotal($simg); for ($i = 0; $i < $palsize; $i++) { // Counting Colors In The Image $colors = ImageColorsForIndex($simg, $i); // Number Of Colors Used ImageColorAllocate($dimg, $colors['red'], $colors['green'], $colors['blue']); // Tell The Server What Colors This Image Will Use } imagecopyresized($dimg, $simg, 0, 0, 0, 0, $newwidth, $newheight, $currwidth, $currheight); // Copy Resized Image To The New Image (So We Can Save It) imagejpeg($dimg, "/home/www/pinkdate/photos/thumbs/photo$newID.jpg"); // Saving The Image imagedestroy($simg); // Destroying The Temporary Image imagedestroy($dimg); // Destroying The Other Temporary Image } else { print '<font color="#FF0000">ERROR: Unable to upload image.</font>'; // Error Message If Upload Failed } } $message = " <p>Hi $fname</p> <p>Thank you for joining Pinkdate</p> <p>Your user name is your email address<strong> "; $message .= $email; $message .= "</strong></p>"; $message .= "<p>Your password is <strong>"; $message .= $password; $message .= "</strong></p><br />"; $message .= "<p><font size=\"-2\">You can change your details in My Account after you have logged in. If there are any problems please"; $message .= " do not hesitate to get in touch on 08444 930615."; include("email.php"); sendEmail($email, "Your PinkDate Membership", $message); $msg.= "To view the members details, <a href='http://www.pinkdate.co.uk/adminupdc.php?email=$email'/>click here</a>.<br/><br/>"; sendEmail("bookings@pinkdate.co.uk", "New PinkDate Membership", $msg); echo "<script language=\"JavaScript\">window.location='pd_register-confo.php'</script>"; } ?> </div> <!--primary Content--> <div id="primaryContent"> </div> <!--Footer--> <?php include('includes/footer.php'); ?> </div> </div> </body> </html> Quote Link to comment Share on other sites More sharing options...
Drummin Posted May 11, 2012 Share Posted May 11, 2012 Yep. same situation on this page. Can't set any sessions after sending anything to browser. Quote Link to comment Share on other sites More sharing options...
darrenwindle Posted May 11, 2012 Author Share Posted May 11, 2012 Sorry for being a bit dumb here... can you please elaborate more for me. As I am still quite new to php. I learnt as I went along building the site. could you highlight the sessions and processing for me..... not a big problem if not though as I know it a long bit of code and can take a lot of time. Quote Link to comment Share on other sites More sharing options...
Drummin Posted May 11, 2012 Share Posted May 11, 2012 Well anytime you set a session= value this has to be done before <html>. Here's a quick reorganization of your page, moving processing above include("includes/header.php"); No way for me to test how this changes things for you, but it looks right. <?php session_start(); $page_title = 'Booking an event'; //grab variables $gender = $_POST["gender"]; $fname = $_POST["fname"]; $lname = $_POST["lname"]; $mobile = $_POST["mobile"]; $email = strtolower($_POST["email"]); $password = $_POST["password"]; $cpassword = $_POST["cpassword"]; $add1 = $_POST["add1"]; $add2 = $_POST["add2"]; $add3 = $_POST["add3"]; $add4 = $_POST["add4"]; $pcode = $_POST["pcode"]; $dd = $_POST["day"]; $mm = $_POST["month"]; $yyyy = $_POST["year"]; $news = $_POST["newsopt"]; $today = date('Y-m-d H:i:s'); $cust_gender = $gender; $username = $_POST["email"]; $id = $_GET["id"]; //error_reporting(E_ALL); $error = array(); include("dbconn2.php"); include("functions.php"); $query1 = "Select cre_email from ".pd_credentials." where cre_email = '$email'"; $result1 = mysql_query($query1); $row = mysql_fetch_array($result1); if($row['cre_email'] == $email) { if($row['cre_email'] <> '') { $error[7] = "<li>supplied email address already exists - please telephone if you have forgotten your password or click here to have your password emailed to your registered email address <form action='/pwreminder.php?id=$id' method='post'><input type='hidden' name='email' value='$email' /><input type='submit' name='submit' value='Email me' /></form></li>"; } } echo mysql_error(); mysql_close(); list($user, $mailDomain) = split("@", $email); if (checkdnsrr($mailDomain, "MX")) { $msg = 1; } if(!isset($_POST['gender'])) { $error[0] = "<li>Please supply your gender</li>"; } if(strlen($_POST['fname']) > "30" || strlen($_POST['fname']) < "1" || trim($_POST['fname']) == '') { $error[1] = "<li>Please supply your first name.</li>"; } if(strlen($_POST['lname']) > "10" || strlen($_POST['lname']) < "1" || trim($_POST['lname']) == '') { $error[2] = "<li>Please supply your last name</li>"; } if(preg_match('/^[\(\. ]?\d{4}[\)\. -]*\d{1}[\. -]*\d{6}$/', $_POST['mobile']) === 0) { $error[3] = "<li>Please check you have entered a valid mobile number</li>"; } if ($msg != 1) { $error[4] = "<li>There is an error with the email address $email you supplied</li>"; } if(trim($_POST['password']) != trim($_POST['cpassword'])) { $error[5] = "<li>supplied passwords do not match</li>"; } if(strlen($_POST['password']) < "4" || strlen($_POST['password']) > "14" || trim($_POST['password']) == '') { $error[6] = "<li>Your password was not 4 - 14 characters long</li>"; } if(strlen($_POST['day']) > "1" || strlen($_POST['month']) > "1" || strlen($_POST['year']) > "1") { if(checkdate($mm , $dd , $yyyy) != "false") { $error[9] = "<li>Please check your date of birth</li>"; } } if ($_FILES['photo']['type']<>"" && $_FILES['photo']['type'] <> "image/jpg" && $_FILES['photo']['type'] <> "image/jpeg" && $_FILES['photo']['type'] <> "image/pjpeg") { $error[10] = "<li>Invalid photo type. JPG only.</li>"; } // Enter the maximum file size in bytes (1 MB) $max_size = 1048576; if (($_FILES['photo']['size'] > $max_size || $_FILES['photo']['size']==0) && ($_FILES['photo']['name']<>"")) { $error[11] = "<li>Invalid photo size. Limit 1MB.</li>"; } if(count($error) < 1) { $_SESSION['loggedin'] = 1; $_SESSION['cre_email'] = $username; if(($yyyy<>"" )&&($mm<>"")&&($dd<>"")) { $dob = "'".$yyyy."/".$mm."/".$dd."'"; } else { $dob = "null"; } $today = mysql_escape_string(trim($today)); $cust_gender = mysql_escape_string(trim($_POST['gender'])); $fname = mysql_escape_string(trim($_POST['fname'])); $lname = mysql_escape_string(trim($_POST['lname'])); $mobile = mysql_escape_string(trim($_POST['mobile'])); $email = mysql_escape_string(trim($_POST['email'])); $password = mysql_escape_string(trim($_POST['password'])); $add1 = mysql_escape_string(trim($_POST['add1'])); $add2 = mysql_escape_string(trim($_POST['add2'])); $add3 = mysql_escape_string(trim($_POST['add3'])); $add4 = mysql_escape_string(trim($_POST['add4'])); $pcode = mysql_escape_string(trim($_POST['pcode'])); $news = mysql_escape_string(trim($_POST['newsopt'])); $market = mysql_escape_string(trim($_POST['market'])); include("dbconn2.php"); $query1 = "SELECT MAX(cust_id) as id FROM pd_customers"; $result1 = mysql_query($query1); while($row = mysql_fetch_array($result1)) { $newID = $row['id'] + 1; } $_SESSION["cust_id"] = $newID; $hasphoto = 0; $url = $_FILES['photo']['name']; if($url<>"") {$hasphoto = 1;} include("dbconn2.php"); $addcust = MYSQL_QUERY("INSERT INTO pd_customers (cust_id,cust_email,cust_surname,cust_title,cust_first_names,cust_mobile,cust_gender,cust_dob,cust_line_1,cust_line_2,cust_line_3,cust_line_4,cust_post_code,cust_country,cust_landline,cust_news,cust_contact, photo)". "VALUES ('$newID', '$email', '$lname', '', '$fname', '$mobile', '$cust_gender', $dob, '$add1', '$add2', '$add3', '$add4', '$pcode', '', '', '$news', '$market', $hasphoto)"); echo(mysql_error()); mysql_close(); include("dbconn2.php"); $addlog = MYSQL_QUERY("INSERT INTO pd_credentials (cre_email,cre_cust_id,cre_password,cre_activated,cre_last_login,cre_disabled,cre_role)". "VALUES ('$email', $newID, '$password', '$today', '$today', '0', 'user')"); echo(mysql_error()); mysql_close(); //success... //now upload the image if it exists $msg = " NEW MEMBER @PINKDATE <br/> <br/> A new member has signed up at PinkDate. <br/><br/> Name: $fname $lname <br/><br/> "; if($hasphoto==1) { $msg.="This member has uploaded a new photo. Login then <a href='http://www.pinkdate.co.uk/adminupdc.php?email=$email'/>click here</a> to view and approve it.<br/><br/>"; $idir = realpath("./photos/"); // Path To Images Directory $tdir = realpath("./photos/thumbs/"); // Path To Thumbnails Directory $twidth = "100"; // Maximum Width For Thumbnail Images $theight = "125"; // Maximum Height For Thumbnail Images $file_ext = strrchr($_FILES['photo']['name'], '.'); // Get The File Extention In The Format Of , For Instance, .jpg, .gif or .php $copy = copy($_FILES['photo']['tmp_name'], "/home/www/pinkdate/photos/photo$newID.jpg"); // Move Image From Temporary Location To Permanent Location if ($copy) { // If The Script Was Able To Copy The Image To It's Permanent Location $simg = imagecreatefromjpeg("/home/www/pinkdate/photos/photo$newID.jpg"); // Make A New Temporary Image To Create The Thumbanil From $currwidth = imagesx($simg); // Current Image Width $currheight = imagesy($simg); // Current Image Height if ($currheight > $currwidth) { // If Height Is Greater Than Width $zoom = $twidth / $currheight; // Length Ratio For Width $newheight = $theight; // Height Is Equal To Max Height $newwidth = $currwidth * $zoom; // Creates The New Width } else { // Otherwise, Assume Width Is Greater Than Height (Will Produce Same Result If Width Is Equal To Height) $zoom = $twidth / $currwidth; // Length Ratio For Height $newwidth = $twidth; // Width Is Equal To Max Width $newheight = $currheight * $zoom; // Creates The New Height } $dimg = imagecreate($newwidth, $newheight); // Make New Image For Thumbnail imagetruecolortopalette($simg, false, 256); // Create New Color Pallete $palsize = ImageColorsTotal($simg); for ($i = 0; $i < $palsize; $i++) { // Counting Colors In The Image $colors = ImageColorsForIndex($simg, $i); // Number Of Colors Used ImageColorAllocate($dimg, $colors['red'], $colors['green'], $colors['blue']); // Tell The Server What Colors This Image Will Use } imagecopyresized($dimg, $simg, 0, 0, 0, 0, $newwidth, $newheight, $currwidth, $currheight); // Copy Resized Image To The New Image (So We Can Save It) imagejpeg($dimg, "/home/www/pinkdate/photos/thumbs/photo$newID.jpg"); // Saving The Image imagedestroy($simg); // Destroying The Temporary Image imagedestroy($dimg); // Destroying The Other Temporary Image } else { print '<font color="#FF0000">ERROR: Unable to upload image.</font>'; // Error Message If Upload Failed } } $message = " <p>Hi $fname</p> <p>Thank you for joining Pinkdate</p> <p>Your user name is your email address<strong> "; $message .= $email; $message .= "</strong></p>"; $message .= "<p>Your password is <strong>"; $message .= $password; $message .= "</strong></p><br />"; $message .= "<p><font size=\"-2\">You can change your details in My Account after you have logged in. If there are any problems please"; $message .= " do not hesitate to get in touch on 08444 930615."; include("email.php"); sendEmail($email, "Your PinkDate Membership", $message); $msg.= "To view the members details, <a href='http://www.pinkdate.co.uk/adminupdc.php?email=$email'/>click here</a>.<br/><br/>"; sendEmail("bookings@pinkdate.co.uk", "New PinkDate Membership", $msg); echo "<script language=\"JavaScript\">window.location='pd_register-confo.php'</script>"; } include("includes/header.php");?> <!--main Nav--> <?php include('includes/mainNav.php'); ?> <!--Section Title--> <h1><?php echo $page_title; ?></h1> <!--primary Content--> <div id="primaryContent"> <h2><span class="RedGbColor">Subscribe Now</span></h2> <p><br /> Register here and create your profile and to attend an event of your choice (link please).<br /> </p> </div> <!--Main Content--> <div id="mainContent"> <?php if(count($error) > 0) { echo ("Sorry $fname $lname there seems to be some sort of problem with your Data Input.<br />Please correct the errors listed below. <ul>" . $error[0] . "" . $error[1] . "" . $error[2] . "" . $error[3] . "" . $error[4] . "" . $error[5] . "" . $error[6] . "" . $error[7] . "" . $error[8] . "" . $error[9] . "" . $error[10] . "" . $error[11] . "</ul></div>"); // this will print the errors that occurred $male_status = 'unchecked'; $female_status = 'unchecked'; $selected_radio = $_POST['gender']; if ($selected_radio == 'm') { $male_status = 'checked'; } else if ($selected_radio == 'f') { $female_status = 'checked'; } echo (" <div id='middlerightpad'> <form action='register.php?id=$id' method='post'> <input type='hidden' name='male_status' value='$male_status' /> <input type='hidden' name='female_status' value='$female_status' /> <input type='hidden' name='fname' value='$fname' /> <input type='hidden' name='lname' value='$lname' /> <input type='hidden' name='mobile' value='$mobile' /> <input type='hidden' name='email' value='$email' /> <input type='hidden' name='password' value='$password' /> <input type='hidden' name='cpassword' value='$cpassword' /> <input type='hidden' name='add1' value='$add1' /> <input type='hidden' name='add2' value='$add2' /> <input type='hidden' name='add3' value='$add3' /> <input type='hidden' name='add4' value='$add4' /> <input type='hidden' name='pcode' value='$pcode' /> <input type='hidden' name='day' value='$dd' /> <input type='hidden' name='month' value='$mm' /> <input type='hidden' name='year' value='$yyyy' /> <input type='hidden' name='newsopt' value='$news' /> <label for='submit' class='pinkSH'>Go back to Booking</label> <input type='submit' name='submit' value='Booking' class='btn_sm' /> </form> "); } ?> </div> <!--primary Content--> <div id="primaryContent"> </div> <!--Footer--> <?php include('includes/footer.php'); ?> </div> </div> </body> </html> Quote Link to comment Share on other sites More sharing options...
darrenwindle Posted May 12, 2012 Author Share Posted May 12, 2012 hey thanks for that. Ill look into that more asap and let u know the results. Quote Link to comment Share on other sites More sharing options...
darrenwindle Posted May 12, 2012 Author Share Posted May 12, 2012 ok... ive changed the code in my pages but im still getting the same error popping up in 2 out 3 registrations. the error is below. Sorry test testingagai there seems to be some sort of problem with your Data Input. Please correct the errors listed below. •Please supply your last name •There is an error with the email address test@testemail.co.uk you supplied This is really starting to annoy me now. Thanks in advance. Quote Link to comment Share on other sites More sharing options...
DavidAM Posted May 13, 2012 Share Posted May 13, 2012 Sorry test testingagai there seems to be some sort of problem with your Data Input. Please correct the errors listed below. •Please supply your last name •There is an error with the email address test@testemail.co.uk you supplied These errors are messages generated by your code. Search through your source and find where they are assigned and then figure out why. if(strlen($_POST['lname']) > "10" || strlen($_POST['lname']) < "1" || trim($_POST['lname']) == '') { $error[2] = "<li>Please supply your last name</li>"; } Does not allow the last name to be more than 10 characters: "testingagai" is 11 list($user, $mailDomain) = split("@", $email); if (checkdnsrr($mailDomain, "MX")) { $msg = 1; } # ... more code here ... if ($msg != 1) { $error[4] = "<li>There is an error with the email address $email you supplied</li>"; } Checks for an MX record for the email's domain: "test@testemail.co.uk" is probably not a valid email domain. @Drummin: You can assign a value to a the $_SESSION super-global array at any time after the call to session_start(), even if something has already been sent to the browser. It is the session_start() call that must occur before anything is sent to the browser. Quote Link to comment Share on other sites More sharing options...
Jessica Posted May 13, 2012 Share Posted May 13, 2012 You're seriously trying to limit people to 10 characters for their last name? That's awfully... I can't even come up with a word for it. Stupid maybe. Quote Link to comment Share on other sites More sharing options...
darrenwindle Posted May 13, 2012 Author Share Posted May 13, 2012 You're seriously trying to limit people to 10 characters for their last name? That's awfully... I can't even come up with a word for it. Stupid maybe. Umm remember im still quite a noob to php as I stated earlier in this post. So before trying to put people down for their coding techniques read first. I have got the problem solved and have now increased the amount of characters allowed in the name to 30. This must have been a typo at my end. The database allowed 30 to start off with but the code only allowed 10. The only thing I really want to do now is remove the bit where it checks the email with an MX entry but it breaks when i remove it. Any help there would be great. Quote Link to comment Share on other sites More sharing options...
Jessica Posted May 13, 2012 Share Posted May 13, 2012 It's not a coding technique, it's a really bad policy. Most people with a hyphenated last name would agree. It's nothing to do with how you programmed it, but what you chose to do. Just comment out the parts you don't want, and explain what "it breaks" means. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.