zeeshan Posted February 12, 2008 Share Posted February 12, 2008 database.php<?php$conn = mysql_connect("localhost", "yourusername", "yourpassword") or die(mysql_error());mysql_select_db('your_database', $conn) or die(mysql_error());$query = sprintf("INSERT INTO users(username,password,email,pokemon) VALUES('%s','%s');", pg_escape_string($username), md5($password),($email),($Favorite pokemon));$query = sprintf("SELECT 1 FROM users WHERE username='%s' AND password='%s';", pg_escape_string($username), md5($password));$result = pg_query($connection, $query);if (pg_num_rows($result) > 0) { echo 'Welcome, $username!';} else { echo 'Authentication failed for $username.';} echo 'For further detail please contact the admin "zeeshan" at his e-mail zeeshanali_syed_1993@yahoo.co.in as soon as he get you message he will be responding you?> <?function confirmUser($username, $password){ global $conn; if(!get_magic_quotes_gpc()) {$username = addslashes($username); } $q = "select password from users where username = '$username'"; $result = mysql_query($q,$conn); if(!$result || (mysql_numrows($result) < 1)){ return 1; //Indicates username failure } $dbarray = mysql_fetch_array($result); $dbarray['password'] = stripslashes($dbarray['password']); $password = stripslashes($password); if($password == $dbarray['password']){ return 0; //Success! Username and password confirmed } else{ return 2; //Indicates password failure }}<form action= method="post"> Name: <input type="text" name="username" /><br /> password: <input type="text" name="password" /><br /> <input type="submit" name="submit" value="Login!" /></form><?log in.php signup.php<?session_start(); include("database.php");function usernameTaken($username){ global $conn; if(!get_magic_quotes_gpc()){ $username = addslashes($username); } $q = "select username from users where username = '$username'"; $result = mysql_query($q,$conn); return (mysql_numrows($result) > 0);}function addNewUser($username, $password){ global $conn; $q = "INSERT INTO users VALUES ('$username', '$password')"; return mysql_query($q,$conn);}function displayStatus(){ $uname = $_SESSION['reguname']; if($_SESSION['regresult']){?><h1>Registered!</h1><p>Thank you <b><? echo $username; ?></b>, your information has been added to the database, you may now <a href="main.php" title="Login">log in</a>.</p><? } else{?><h1>Registration Failed</h1><p>We're sorry, but an error has occurred and your registration for the username <b><? echo $uname; ?></b>, could not be completed.<br>Please try again at a later time.</p><h>Registeration</h><?<form action= method="post">Desired Username: <input type="text" name="username" /><br />Desired Password: <input type="text" name="username" /><br />Your age: <input type="text" name="username" /><br />Your Email: <input type="text" name="email" /><br />Your Favorite pokemon: <input type="text" name="email" /><br /><input type="submit" name="submit" value="Submit me!" /></form><? please tell me the error here iam a bigginer Link to comment Share on other sites More sharing options...
justsomeguy Posted February 12, 2008 Share Posted February 12, 2008 What error are you seeing? Please give more details. Link to comment Share on other sites More sharing options...
killboy Posted February 12, 2008 Share Posted February 12, 2008 What error are you seeing? Please give more details.I think that's what he wants us to do: run the code and tell him what errors it has Link to comment Share on other sites More sharing options...
justsomeguy Posted February 12, 2008 Share Posted February 12, 2008 He could do that for himself. I don't understand why people post something and ask if it works. Just run it, does it work? If not, what does it do or not do? I mean, wouldn't it be quicker to just run something versus post everything online and wait for someone else to run it? He didn't post the database structure, so if anyone is going to run it they will need to go through the code and figure out how the database needs to be set up. Link to comment Share on other sites More sharing options...
jhecht Posted February 12, 2008 Share Posted February 12, 2008 $query = sprintf("INSERT INTO users(username,password,email,pokemon) VALUES('%s','%s');", pg_escape_string($username), md5($password),($email),($Favorite pokemon));variables can only be one word, there can't be any spaces in a variable. $Favorite_pokemon, however, would be acceptable.And why are you making all of those functions? It would be easier to just run the code straight through considering you'll probably never need the usernameTaken function in your script again. Link to comment Share on other sites More sharing options...
justsomeguy Posted February 12, 2008 Share Posted February 12, 2008 It also looks like you're mixing MySQL and PostgreSQL functions, which database are you using? Link to comment Share on other sites More sharing options...
killboy Posted February 12, 2008 Share Posted February 12, 2008 $query = sprintf("INSERT INTO users(username,password,email,pokemon) VALUES('%s','%s');",.... Can anyone tell me what those '%s' mean?? I've seen them a lot lately and I've never used them. Link to comment Share on other sites More sharing options...
justsomeguy Posted February 12, 2008 Share Posted February 12, 2008 Take a look at the documentation for sprintf.http://www.php.net/manual/en/function.sprintf.php Link to comment Share on other sites More sharing options...
zeeshan Posted February 14, 2008 Author Share Posted February 14, 2008 hi friends i learnt the database script from a manual downloaded from php.net ok. i have just made few changes can u tell r they crrect now signup.php<?session_start(); include("database.php");function usernameTaken($username){ global $conn; if(!get_magic_quotes_gpc()){ $username = addslashes($username); } $q = "select username from users where username = '$username'"; $result = mysql_query($q,$conn); return (mysql_numrows($result) > 0);}function addNewUser($username, $password){ global $conn; $q = "INSERT INTO registered_members ('$username', '$password','$Confirm password',$Email',$confirm email,$Trainers title)"; return mysql_query($q,$conn);}function displayStatus(){ $uname = $_SESSION['registerd username']; if($_SESSION['regresult']){?><h1>Registered!</h1><p>Thank you <b><? echo $username; ?></b>, your information has been added to the database, you may now <a href="login.php" title="Login">log in</a>.</p><? } else{?><h1>Registration Failed</h1><p>We're sorry, but an error has occurred and your registration for the username <b><? echo $username; ?></b>, could not be completed.There must be some problem in the database the Pokemoncratoz team must be working on it.please contact the admin at zeeshanali_syed_1993@yahoo.co.in for further details<br>Please try again at a later time.</p><? } unset($_SESSION['reguname']); unset($_SESSION['registered']); unset($_SESSION['regresult']);}if(isset($_SESSION['registered'])){?><html><title>Registration </title><body><? displayStatus(); ?></body></html><? return;}if(isset($_POST['subjoin'])){ if(!$_POST['user'] || !$_POST['password']){ die('You didn\'t fill in a required field.'); } $_POST['user'] = trim($_POST['user']); if(strlen($_POST['user']) > 30){ die("Sorry, the username is longer than 30 characters, please shorten it."); } if(usernameTaken($_POST['user'])){ $use = $_POST['user']; die("Sorry, the username: <strong>$username</strong> is already taken, please pick another one."); } $md5pass = md5($_POST['password']); $_SESSION['registration username'] = $_POST['user']; $_SESSION['registrationresult'] = addNewUser($_POST['user'], $md5pass); $_SESSION['registered'] = true; echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">"; return;}else{?><html><title>Registration </title><body><h1>Register</h1><form action="database.php" method="post"><table align="left" border="0" cellspacing="0" cellpadding="3"><tr><td>Username:</td><td><input type="text" name="user" maxlength="30"></td></tr><tr><td>Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr><tr><td>confirm Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr><tr><td>Email:</td><td><input type="text" name="Email" maxlength="30"></td></tr><tr><td>Confirm email:</td><td><input type="text" name="confirm email" maxlength="30"></td></tr><tr><td>Trainer's title:</td><td><input type="text" name="Trainer's title" maxlength="30"></td></tr><tr><td colspan="2" align="right"><input type="submit" name="subjoin" value="signup!"></td></tr></table></form></body></html><?}?> database.php<?$conn = mysql_connect("localhost", "pokemonrpg_zeeshan", "computerdgdds") or die(mysql_error());mysql_select_db('pokemon?zeeshan', $conn) or die(mysql_error());?>in the place of local host what should i write there i am unable to understand . and when i try to sign up its unable to store the data in the database y is this problem occurring Link to comment Share on other sites More sharing options...
jhecht Posted February 14, 2008 Share Posted February 14, 2008 1. Don't make the functions if you're not going to call them. Just run the script straight through.2. Variables can only contain letters, numbers, and underscores. NOT spaces. This includes key names in arrays(i.e. $_SESSION['registered_users'] is fine, but $_SESSION['registered users']) is not(if it doesn't, then its just good practice to NOT put spaces in them).3. Don't post your login information to MySQL. Just put stars there. why don't you just upload this to a php server to test it out yourself? Link to comment Share on other sites More sharing options...
zeeshan Posted February 14, 2008 Author Share Posted February 14, 2008 i uploaded it there but when i try to test by putting an testing record then it says access denied to the users .and to conect this database and etc Link to comment Share on other sites More sharing options...
jhecht Posted February 14, 2008 Share Posted February 14, 2008 Well the database thing is probably coming up from the fact that you have a random ? in your database name. Instead of asking us if it works because you get errors, you should really just fix the issues on your own, or at least ask us what the errors mean. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.