/    Sign up×
Community /Pin to ProfileBookmark

when registerd user logged in he can still view the register page L@@K & HELP?

Copy linkTweet thisAlerts:
Jul 05.2009

when i log in and click register i can see the register form but what i want it to do is recognize that im allready registerd and tell me that ‘You are allready registerd’ please help me?

heres my register.php

[code=php]<?PHP session_start();?>
<? include(“includes/connect.php”);?>
<title>Pulse-Box @ SALES</title>
<link rel=”stylesheet” href=”assets/css/style.css” type=”text/css” media=”all” />
</head>
<body align=”center”>

<div id=”wrapper”>

<?php include (‘header.php’); ?>

<div id=”nav”></div>

<?php include (‘leftbar.php’); ?>

<div id=”right”>
<h1><font size=”2″>» Member Registartion</font></h1>
<p>

<?PHP session_start();?>

<? include(“includes/connect.php”);?>

<? if($_POST[‘submit’]) { ?>

<?
// Get data sent by form
$fullname = $_POST[‘fullname’];
$gender = $_POST[‘gender’];
$email = $_POST[’email’];
$username = $_POST[‘username’];
$password = $_POST[‘password’];
$v_password = $_POST[‘v_password’];
$ip = $_SERVER[‘REMOTE_ADDR’];

// Check database for any usernames that are the same as the entered one.
$checkusername = “SELECT * from members where username=’$username'”;
$checkusername2 = mysql_query($checkusername) or die(“Unable to Query for Username”);
$checkusername3 = mysql_fetch_array($checkusername2);

// Check database for any email address’s that are the same as the entered one.
$checkemail = “SELECT * from members where email=’$email'”;
$checkemail2 = mysql_query($checkemail) or die(“Unable to Query for Email Address”);
$checkemail3 = mysql_fetch_array($checkemail2);
?>

<?
// Check if the fullname field is empty.
if(!$fullname) { ?>
Please enter your fullname.

<? }
// Check if they have entered both names.
else if(!strstr($fullname,” “)) { ?>
Please enter your fullname correctly.

<? }
// Check to make sure they have enter a gender
else if($gender != ‘Male’ && $gender != ‘Female’) { ?>
Please enter your gender.

<? }
// Check if the email field is empty.
else if(!$email) { ?>
Please enter your email address.

<? }
// Check if the email is longer than the minimum character needed.
else if(strlen($email) < 6) { ?>
Please enter your email address correctly.

<? }
// Check if the email has the required symbols @ and .
else if((!strstr($email , “@”)) || (!strstr($email , “.”))) { ?>
Please enter your email address correctly.

<? }
// Check to see if the email address entered is unique.
else if($checkemail3) { ?>
The email address entered has already been taken. Choose another.

<? }
// Check if the username field is empty.
else if(!$username) { ?>
Please enter a username.

<? }
// Check to make sure the username is equal to or longer than 5 characters.
else if(strlen($username) < 5) { ?>
Your username must be at least 5 characters in length.

<? }
// Check to make sure the username is equal to or less than 30 characters.
else if(strlen($username) > 30) { ?>
Your username can not be longer than 30 characters in length.

<? }
// Check to make sure the username entered is unique.
else if($checkusername3) { ?>
The username entered had already been taken. Choose another.

<? }
// Check to make sure they have entered a password.
else if(!$password) { ?>
Please enter a password.

<? }
// Check if the password is at least 5 characters in length, for security reasons.
else if(strlen($password) < 5) { ?>
Your password must be at least 5 characters in length. For security reasons.

<? }
// Check if the re-entered password field is empty.
else if(!$v_password) { ?>
Please re-enter your password.

<? }
// Check to make sure the password and re-entered passwords are the same.
else if($password != $v_password) { ?>
Your passwords don’t match. Please re-enter them.

<? }
// If all of the information is verified, register them.
else { ?>

<?
$new_member = “INSERT INTO `members` (`ip`, `fullname`, `gender`, `email`, `username`, `password`)
VALUES (‘$ip’, ‘$fullname’, ‘$gender’, ‘$email’, ‘$username’, ‘$password’)”;
mysql_query($new_member) or die(mysql_error());
?>

<? $_SESSION[‘new_reg’]=’Yes’; ?>

<script type=”text/javascript”>location.replace(“login.php”);</script>

<? } ?>

<? } else { ?>
<?//================================================================//?>
<form method=”POST” action=”register.php”>
<table cellpadding=”0″ cellspacing=”1″ border=”0″>

<tr>
<td><font size=”2″> Fullname </font></td>
<td> <input type=”text” name=”fullname” id=”fullname” value=””> </td>
</tr>

<tr>
<td><font size=”2″> Gender </font></td>
<td> <select class=”drop_down” name=”gender” id=”gender”> <option value=”Male”>Male</option> <option value=”Female”>Female</option> </select> </td>
</tr>

<tr>
<td><font size=”2″> E-mail Adress </font></td>
<td> <input type=”text” name=”email” id=”email” value=””> </td>
</tr>

<tr>
<td><font size=”2″> Username </font></td>
<td> <input type=”text” name=”username” id=”username” value=””> </td>
</tr>

<tr>
<td><font size=”2″> Password </font></td>
<td> <input type=”password” name=”password” id=”password” value=””> </td>
</tr>

<tr>
<td><font size=”2″> Re-Enter Password </font></td>
<td> <input type=”password” name=”v_password” id=”v_password” value=””> </td>
</tr>

<tr><td>
<input type=”submit” name=”submit” id=”submit” value=”Register!”>
</td></tr>
</table>
<?//================================================================//?>
<? } ?>

</div>
</div>

<?php include (‘footer.php’); ?>

</body>

[/code]

to post a comment
PHP

9 Comments(s)

Copy linkTweet thisAlerts:
@STREETRULEZJul 06.2009 — when i log in and click register i can see the register form but what i want it to do is recognize that im allready registerd and tell me that 'You are allready registerd' please help me?

[code=php]<?PHP session_start();?>

<? if($_POST['submit']) { ?>

[/code][/QUOTE]


you need to register a variable and write it next to post/submit 'cause, if you don't hit the submitbutton this will be false and you put out the registerform

try something like that:

[code=php]<? if($_POST['submit'] && !$_SESSION['userid']) { ?>[/code]
or
[code=php]<? if($_POST['submit'] && $_SESSION['userid'] < 1) { ?>[/code]
Copy linkTweet thisAlerts:
@Robert_ElsdonauthorJul 06.2009 — that didnt work ?
Copy linkTweet thisAlerts:
@DasherJul 06.2009 — Add a little code to remove the link to the register page if they are logged in. And / or add some code to redirect away from register page if they are logged in.

BTW why do you have PHP start stop i.e.


<? some code ; ?>

<? more code ; ?>

<? even more code ; ?>

Seems like a plan to over burden the php processor.

instead of

<?

code;

more code;

even more code;

hundreds of lines of code;

?>
Copy linkTweet thisAlerts:
@aj_nscJul 06.2009 — Edit: Nm
Copy linkTweet thisAlerts:
@SyCoJul 06.2009 — Your script is vulnerable to SQL injection. You need to read up on what that is and fix it. Renaming POSTed vars for no reason leads to vulnerabilities like this going unnoticed.
Copy linkTweet thisAlerts:
@MindzaiJul 06.2009 — Your script is vulnerable to SQL injection. You need to read up on what that is and fix it. Renaming POSTed vars for no reason leads to vulnerabilities like this going unnoticed.[/QUOTE]

I might make this into a sig, it gets said so many times!

I might also add the usual answer of "I'm not worrying about security now, I'll add that later"!
Copy linkTweet thisAlerts:
@SyCoJul 06.2009 — Lol, yep I've considered it too. How about this for a sig. I've lost count of how many times I type these.

[LIST]
  • [*]Your script is vulnerable to SQL injection. You need to read up on what that is and fix it.

  • [*]Renaming POSTed vars for no reason leads to vulnerabilities.

  • [*]What did you expect and what did you get?

  • [*]Use a transaction for multiple queries that rely on each other.

  • [*]Use error_reporting(E_ALL) and post you errors with you questions

  • [*]Indicate the line number of the error in your code.

  • [*]Add print_r($_POST) to the form's landing/action page.

  • [*]Post relevant code.

  • [*]Queries in loops are generally a bad idea!

  • [*]Tell us what happened when you tried my suggestion.

  • [*]Spend at least as long writing the question as you expect someone to when replying.

  • [*]Say thanks if you get help!

    • [/LIST]
    [/QUOTE]
    edit: forgot queries in loops!

    Well I don't post that last one but I do think it regularly!!
    Copy linkTweet thisAlerts:
    @brunoaisJul 07.2009 — in this linecode you have a bug.
    [code=php]$checkusername = "SELECT * from members where username='$username'"; [/code]
    This way you'll never be able to find what you want.

    What you are sending is this:
    SELECT * from members where username='$username'[/QUOTE]
    but what you want is to send the value of the variable. try something like this:
    [code=php]$checkusername = "SELECT * from members where username='".$username."'"; [/code]
    Copy linkTweet thisAlerts:
    @MindzaiJul 07.2009 — ^^^

    That is not correct. The line you mention is perfectly valid. Variables inside double quoted strings will be parsed as normal.
    ×

    Success!

    Help @Robert_Elsdon spread the word by sharing this article on Twitter...

    Tweet This
    Sign in
    Forgot password?
    Sign in with TwitchSign in with GithubCreate Account
    about: ({
    version: 0.1.9 BETA 5.28,
    whats_new: community page,
    up_next: more Davinci•003 tasks,
    coming_soon: events calendar,
    social: @webDeveloperHQ
    });

    legal: ({
    terms: of use,
    privacy: policy
    });
    changelog: (
    version: 0.1.9,
    notes: added community page

    version: 0.1.8,
    notes: added Davinci•003

    version: 0.1.7,
    notes: upvote answers to bounties

    version: 0.1.6,
    notes: article editor refresh
    )...
    recent_tips: (
    tipper: @AriseFacilitySolutions09,
    tipped: article
    amount: 1000 SATS,

    tipper: @Yussuf4331,
    tipped: article
    amount: 1000 SATS,

    tipper: @darkwebsites540,
    tipped: article
    amount: 10 SATS,
    )...