here is some code that I plan on using in a registration form for my site
<?php
session_start();
include ("includes/config.php");
if ($Authenticated == False) {
?>
<div id="register">
<form action="index.php?page=register" method="post">
<lable id="registerStuff"> Name: </>
<input id="registerIn" type='text' name='name' maxlength="20" />
<br/>
<lable id="registerStuff"> Surname: </>
<input id="registerIn" type='text' name='surname' maxlength="20" />
<br/>
<lable id="registerStuff"> Username: </>
<input id="registerIn" type='text' name='username' maxlength="20" />
<br/>
<lable id="registerStuff"> Password: </>
<input id="registerIn" type='password' name='password' maxlength="20" />
<br/>
<lable id="registerStuff"> Retype Password: </>
<input id="registerIn" type='password' name='passwordcheck' maxlength="20" />
<br/>
<input type='submit' value='Register'>
开发者_JAVA技巧 <br/>
</form>
</div>
<?php
$name = mysql_real_escape_string($_POST['name']);
$surname = mysql_real_escape_string($_POST['surname']);
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string(md5($_POST['password']));
$passwordcheck = mysql_real_escape_string(md5($_POST['passwordcheck']));
if ($username OR $password OR $passwordcheck != null) {
if ($password == $passwordcheck) {
$query = "INSERT INTO users (name, surname, username, password) VALUES ('" . $name . "', '" . $surname . "', '" . $username . "', '" . $password . "')";
$result = mysql_query($query);
if (!$result) {
echo "Username wrong";
}
} else {
echo "passwords didnt match";
}
}
}
if ($Authenticated == True) {
header("Location: index.php");
}
?>
I cant seem to get proper error messages working, I need to check if the 2 passwords entered are identical, I also need to make sure that no blanks can be entered into the DB. If anyone could help me at all it would be much appreciated
You made quite a common mistake I guess. Most beginners seem to want to write as little code as possible. However, in this case that doesn't work. You will have to check each variable for emptiness.
Your code would be correct when you changed your if construct:
if ($username != "" AND $password != "" AND $passwordcheck != "") {
}
However, to make the code look a bit slighter, it's probably best to just use the function empty() that returns TRUE if the variable is empty:
if (!empty($username) AND !empty($password) AND !empty($passwordcheck)) {
}
Very interesting code you have there. I would suggest, before asking people here to write more than half of your script, to Google "PHP Login Script" - this is the number one result and the answer to your question.
$sql="SELECT * FROM $tbl_name
WHERE username='$myusername' AND password='$mypassword'";
$result=mysql_query($sql);
With that said, this is the incorrect way of doing it and you should look into prepared statements. Since you're starting off, you probably should start of with a security mindset.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论