thientanchuong
01-04-2010, 12:30 PM
I already test all validation functions, it is about 80 % working. The rest is my problem about duplicate user name or email.
You can try my demo:
http://yoongda.com/customer/include/register.php
My code: register.php
<?php
require_once ('../../library/config.php');
function protect ($string)
{
$string = mysql_real_escape_string ($string);
$string = strip_tags ($string);
$string = addslashes ($string);
return $string;
}
if (!isset($_POST['submit']))
{
echo "<table border=\"0\">";
echo"<form action=\"register.php\" method=\"post\">";
echo"<tr></td></td></tr>";
echo"<tr><td>Username:</td><td>";
echo"<input type=\"text\" name=\"username\" maxlength=\"60\" />";
echo"</td></tr>";
echo"<tr><td>Password:</td><td>";
echo"<input type=\"password\" name=\"pass1\" maxlength=\"10\">";
echo"</td></tr>";
echo"<tr><td>Confirm Password:</td><td>";
echo"<input type=\"password\" name=\"pass2\" maxlength=\"10\">";
echo"</td></tr>";
echo"<tr><td>Email:</td><td>";
echo"<input type=\"text\" name=\"email\" maxlength=\"10\" id=\"email\">";
echo"</td></tr>";
echo"<tr><th colspan=\"2\"><input type=\"submit\" name=\"submit\" value=\"Register\"></th></tr> ";
echo"</form>";
echo"</table>";
} else
{
$username = protect($_POST['username']);
$password = protect($_POST['pass1']);
$confirm = protect($_POST['pass2']);
$email = protect($_POST['email']);
$errors = array();
if (!$username)
{
$errors[]= "You should enter your user name";
}
if ($username)
{
if (!ctype_alnum($username))
{
$errors[]= "User name can only contain letters and numbers";
}
$range = range(1,20);
if (!in_array(strlen($username),$range))
{
$errors[]= "User name must be between 1 and 20 characters";
}
}
if ($username)
{
$sql = "SELECT `customer_id` FROM `tbl_customer` WHERE `customer_name`= '($username)'";
$reg = mysql_query($sql) or die (mysql_error());
if (mysql_num_rows($reg)>0)
{
$errors[]="The user name <strong>($username)</strong> is already registered";
}
}
if (!$password)
{
$errors[]= "You should enter your password";
}
if ($password)
{
if (!$confirm)
{
$errors[]= "You should enter the confirmed password";
}
}
if ($password && $confirm)
{
if($password != $confirm)
{
$errors[]= "Passwords do not match";
}
}
if (!$email)
{
$errors[]= "You should enter email";
}
if($email)
{
$checkemail = "/^[a-z0-9]+([_\\.-][a-z0-9]+)*@([a-z0-9]+([\.-][a-z0-9]+)*)+\\.[a-z]{2,}$/i";
if(!preg_match($checkemail, $email)){
$errors[] = "E-mail is not valid, must be name@server.tld!";
}
}
if ($email)
{
$sql2 = "SELECT * FROM `tbl_customer` WHERE email ='($email)'";
$reg2= mysql_query ($sql2) or die(mysql_error());
if (mysql_num_rows ($reg2) >0)
{
$errors[]= "The email: <strong> ($email) </strong> is already registered";
}
}
if (count($errors) >0)
{
foreach ($errors as $error)
{
echo $error . "<br>";
}
?>
<table width="200" border="0">
<form action="register.php" method="post">
<tr><td>Username:</td><td>
<input type="text" name="username" id="username" />
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass1" id="pass1" />
</td></tr>
<tr><td>Confirm Password:</td><td>
<input type="password" name="pass2" id="pass2" />
</td></tr>
<tr><td>Email:</td><td>
<input type="text" name="email" id="email" />
</td></tr>
<tr>
<td colspan="2" align="center"><input type="submit" name="submit" value="Register"></td>
</tr>
</form>
</table>
<?php
}else {
$sql3 = "INSERT INTO `tbl_customer`
(`customer_name`,`customer_password`,`email`,`customer_regdate`)VALUES
('$username','".md5($password)."','$email',NOW());";
$reg3 = mysql_query ($sql3) or die (mysql_error());
echo "Thank you for registering at Yoongda.com, you can login now for shopping.";
}
}
?>
my idea is If user register the same name or the same email, it should display these error messages
The username: <strong> ($email) </strong> is already registered
The email: <strong> ($email) </strong> is already registered
However, when I test, if I register the same user name , it will display:
Duplicate entry 'hung' for key 2
if the same email, it will be inserted into databse without validating
Can you help fix the code, please ?
thanks
Mong bạn kiểm tra và fix code dùm
You can try my demo:
http://yoongda.com/customer/include/register.php
My code: register.php
<?php
require_once ('../../library/config.php');
function protect ($string)
{
$string = mysql_real_escape_string ($string);
$string = strip_tags ($string);
$string = addslashes ($string);
return $string;
}
if (!isset($_POST['submit']))
{
echo "<table border=\"0\">";
echo"<form action=\"register.php\" method=\"post\">";
echo"<tr></td></td></tr>";
echo"<tr><td>Username:</td><td>";
echo"<input type=\"text\" name=\"username\" maxlength=\"60\" />";
echo"</td></tr>";
echo"<tr><td>Password:</td><td>";
echo"<input type=\"password\" name=\"pass1\" maxlength=\"10\">";
echo"</td></tr>";
echo"<tr><td>Confirm Password:</td><td>";
echo"<input type=\"password\" name=\"pass2\" maxlength=\"10\">";
echo"</td></tr>";
echo"<tr><td>Email:</td><td>";
echo"<input type=\"text\" name=\"email\" maxlength=\"10\" id=\"email\">";
echo"</td></tr>";
echo"<tr><th colspan=\"2\"><input type=\"submit\" name=\"submit\" value=\"Register\"></th></tr> ";
echo"</form>";
echo"</table>";
} else
{
$username = protect($_POST['username']);
$password = protect($_POST['pass1']);
$confirm = protect($_POST['pass2']);
$email = protect($_POST['email']);
$errors = array();
if (!$username)
{
$errors[]= "You should enter your user name";
}
if ($username)
{
if (!ctype_alnum($username))
{
$errors[]= "User name can only contain letters and numbers";
}
$range = range(1,20);
if (!in_array(strlen($username),$range))
{
$errors[]= "User name must be between 1 and 20 characters";
}
}
if ($username)
{
$sql = "SELECT `customer_id` FROM `tbl_customer` WHERE `customer_name`= '($username)'";
$reg = mysql_query($sql) or die (mysql_error());
if (mysql_num_rows($reg)>0)
{
$errors[]="The user name <strong>($username)</strong> is already registered";
}
}
if (!$password)
{
$errors[]= "You should enter your password";
}
if ($password)
{
if (!$confirm)
{
$errors[]= "You should enter the confirmed password";
}
}
if ($password && $confirm)
{
if($password != $confirm)
{
$errors[]= "Passwords do not match";
}
}
if (!$email)
{
$errors[]= "You should enter email";
}
if($email)
{
$checkemail = "/^[a-z0-9]+([_\\.-][a-z0-9]+)*@([a-z0-9]+([\.-][a-z0-9]+)*)+\\.[a-z]{2,}$/i";
if(!preg_match($checkemail, $email)){
$errors[] = "E-mail is not valid, must be name@server.tld!";
}
}
if ($email)
{
$sql2 = "SELECT * FROM `tbl_customer` WHERE email ='($email)'";
$reg2= mysql_query ($sql2) or die(mysql_error());
if (mysql_num_rows ($reg2) >0)
{
$errors[]= "The email: <strong> ($email) </strong> is already registered";
}
}
if (count($errors) >0)
{
foreach ($errors as $error)
{
echo $error . "<br>";
}
?>
<table width="200" border="0">
<form action="register.php" method="post">
<tr><td>Username:</td><td>
<input type="text" name="username" id="username" />
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass1" id="pass1" />
</td></tr>
<tr><td>Confirm Password:</td><td>
<input type="password" name="pass2" id="pass2" />
</td></tr>
<tr><td>Email:</td><td>
<input type="text" name="email" id="email" />
</td></tr>
<tr>
<td colspan="2" align="center"><input type="submit" name="submit" value="Register"></td>
</tr>
</form>
</table>
<?php
}else {
$sql3 = "INSERT INTO `tbl_customer`
(`customer_name`,`customer_password`,`email`,`customer_regdate`)VALUES
('$username','".md5($password)."','$email',NOW());";
$reg3 = mysql_query ($sql3) or die (mysql_error());
echo "Thank you for registering at Yoongda.com, you can login now for shopping.";
}
}
?>
my idea is If user register the same name or the same email, it should display these error messages
The username: <strong> ($email) </strong> is already registered
The email: <strong> ($email) </strong> is already registered
However, when I test, if I register the same user name , it will display:
Duplicate entry 'hung' for key 2
if the same email, it will be inserted into databse without validating
Can you help fix the code, please ?
thanks
Mong bạn kiểm tra và fix code dùm