Jump to content

Register System


Mencarta
 Share

Recommended Posts

I'm now trying to make a register system. Here are my pages:register.php

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html>	<head>		<title>$Prince Finance, Login</title>	</head>	<body>		<form action="doregister.php" method="post">			Username: <input type="text" name="username" maxlength="13" />			<br />			Password: <input type="password" name="password" maxlength="13" />			<br />			Email: <input type="text" name="email" maxlength="200" />			<br />			<input type="submit" value="Register" />		</form>	</body></html>

doregister.php

<?php	require_once("dbconnect.php"); //Include Database Connection Script	session_start();		//Check Fields	if (empty($_POST["username"]) || empty($_POST["password"]) || empty($_POST["email"])) {		echo "Please Fill Out All Fields";		exit;	}		$username = mysql_real_escape_string($_POST["username"]); //Escape Username	$password = mysql_real_escape_string($_POST["password"]); //Escape Password	$password = sha1($password); //Convert Password To Sha1	$email = mysql_real_escape_string($_POST["email"]); //Escape Email		$select = "SELECT * FROM users WHERE username='$username'";		$result = mysql_query($select);	if (mysql_num_rows($result) > 0) {		echo "That Username is already taken!";		exit;	}		$insert = "INSERT INTO `users` (`id` ,`username` ,'password` ,`email` ,`cash`) VALUES (NULL , '$username', '$password', '$email', '10000.00');";	$result2 = mysql_query($insert);	$_SESSION["username"] = $username;	header("Location: members.php");?>

Its not added into the database, though. Any suggestions?

Link to comment
Share on other sites

You can check for MySQL errors by echoing mysql_error().Note that if you hash something, you don't also need to sanitize it.

Link to comment
Share on other sites

Stay calm, we're not here all the time :)I meant, the mysql_real_escape_string() call is redundant (and potentially confusing) in the below code, because there won't be any offending characters in the hash and you risk modifying their password in the escaping call.

	$password = mysql_real_escape_string($_POST["password"]); //Escape Password	$password = sha1($password); //Convert Password To Sha1

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...