0

I'm simply trying to create a membership area with a sign-up form. However, it's not submitting. I have been through everything and I still can't figure this out. There appear to be no errors (except that it's not working!)

I'm running this locally.

config.php file

<?php session_start();

$connection = mysql_connect('localhost', 'root', '******');
mysql_select_db("members",$connection);

$mail_webmaster = '[email protected]';

$url_root = 'http://localhost/getmanaging/';

$url_home = 'index.php';

$design = 'default';
?>

Sign_up.php page:

    <?php
include('config.php');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
        <link href="<?php echo $design; ?>/style.css" rel="stylesheet" title="Style" />
        <title>Sign up</title>
    </head>
    <body>
        <div class="header">
            <a href="<?php echo $url_home; ?>"><img src="<?php echo $design; ?>/images/logo.png" alt="Members Area" /></a>
        </div>
<?php
//We check if the form has been sent
if(isset($_POST['username'], $_POST['firstname'], $_POST['surname'], $_POST['password'], $_POST['passverif'], $_POST['email'], $_POST['site_location'], $_POST['role']) and $_POST['username']!='')
{
    //We remove slashes depending on the configuration
    if(get_magic_quotes_gpc())
    {
        $_POST['username'] = stripslashes($_POST['username']);
        $_POST['firstname'] = stripslashes($_POST['firstname']);
        $_POST['surname'] = stripslashes($_POST['surname']);
        $_POST['password'] = stripslashes($_POST['password']);
        $_POST['passverif'] = stripslashes($_POST['passverif']);
        $_POST['email'] = stripslashes($_POST['email']);
        $_POST['site_location'] = stripslashes($_POST['site_location']);
        $_POST['role'] = stripslashes($_POST['role']);
    }
    //We check if the two passwords are identical
    if($_POST['password']==$_POST['passverif'])
    {
        //We check if the password has 6 or more characters
        if(strlen($_POST['password'])>=6)
        {
            //We check if the email form is valid
            if(preg_match('#^(([a-z0-9!\#$%&\\\'*+/=?^_`{|}~-]+\.?)*[a-z0-9!\#$%&\\\'*+/=?^_`{|}~-]+)@(([a-z0-9-_]+\.?)*[a-z0-9-_]+)\.[a-z]{2,}$#i',$_POST['email']))
            {
                //We protect the variables
                $username = mysql_real_escape_string($_POST['username']);
                $firstname = mysql_real_escape_string($_POST['firstname']);
                $surname = mysql_real_escape_string($_POST['surname']);
                $password = mysql_real_escape_string($_POST['password']);
                $email = mysql_real_escape_string($_POST['email']);
                $site_location = mysql_real_escape_string($_POST['site_location']);
                $role = mysql_real_escape_string($_POST['role']);
                //We check if there is no other user using the same username
                $dn = mysql_num_rows(mysql_query('select id from users where username="'.$username.'"'));
                if($dn==0)
                {
                    //We count the number of users to give an ID to this one
                    $dn2 = mysql_num_rows(mysql_query('select id from users'));
                    $id = $dn2+1;
                    //We save the informations to the databse
                    if(mysql_query('insert into users(id, username, firstname, surname, password, email, site_location, role, signup_date) values ('.$id.', "'.$username.'", "'.$firstname.'", "'.$surname.'", "'.$password.'", "'.$email.'", "'.$site_location.'", "'.$role.'", "'.time().'")'))
                    {
                        //We dont display the form
                        $form = false;
?>
<div class="message">You have successfuly been signed up. You can log in.<br />
<a href="connexion.php">Log in</a></div>
<?php
                    }
                    else
                    {
                        //Otherwise, we say that an error occured
                        $form = true;
                        $message = 'An error occurred while signing up.';
                    }
                }
                else
                {
                    //Otherwise, we say the username is not available
                    $form = true;
                    $message = 'The username you want to use is not available, please choose another one.';
                }
            }
            else
            {
                //Otherwise, we say the email is not valid
                $form = true;
                $message = 'The email you entered is not valid.';
            }
        }
        else
        {
            //Otherwise, we say the password is too short
            $form = true;
            $message = 'Your password must contain at least 6 characters.';
        }
    }
    else
    {
        //Otherwise, we say the passwords are not identical
        $form = true;
        $message = 'The passwords you entered are not identical.';
    }
}
else
{
    $form = true;
}
if($form)
{
    //We display a message if necessary
    if(isset($message))
    {
        echo '<div class="message">'.$message.'</div>';
    }
    //We display the form
?>
<div class="content">
    <form action="sign_up.php" method="post">
        Please fill the following form to sign up:<br />
        <div class="center">
            <label for="username">Username: </label><input type="text" name="username" value="<?php if(isset($_POST['username'])){echo htmlentities($_POST['username'], ENT_QUOTES, 'UTF-8');} ?>" /><br />
             <label for="firstname">First Name: </label><input type="text" name="firstname" value="<?php if(isset($_POST['firstname'])){echo htmlentities($_POST['firstname'], ENT_QUOTES, 'UTF-8');} ?>" /><br />
                   <label for="surname">Surame: </label><input type="text" name="surname" value="<?php if(isset($_POST['surname'])){echo htmlentities($_POST['surname'], ENT_QUOTES, 'UTF-8');} ?>" /><br />
            <label for="password">Password<span class="small">(6 characters min.): </span></label><input type="password" name="password" /><br />
            <label for="passverif">Password<span class="small">(verification): </span></label><input type="password" name="passverif" /><br />
            <label for="email">Email: </label><input type="text" name="email" value="<?php if(isset($_POST['email'])){echo htmlentities($_POST['email'], ENT_QUOTES, 'UTF-8');} ?>" /><br />
            <label for="site_location">Site Location: </label><input type="text" name="email" value="<?php if(isset($_POST['site_location'])){echo htmlentities($_POST['site_location'], ENT_QUOTES, 'UTF-8');} ?>" /><br />
             <label for="role">Role: </label><input type="text" name="role" value="<?php if(isset($_POST['role'])){echo htmlentities($_POST['role'], ENT_QUOTES, 'UTF-8');} ?>" /><br />
            <input type="submit" value="Sign up" />
        </div>
    </form>
</div>
<?php
}
?>
        <div class="foot"><a href="<?php echo $url_home; ?>">Go Home</a>
    </body>
</html>
Improve this question
8
  • add these in your config.php file ini_set('display_errors', 1); error_reporting(-1); and try submitting the form again. Commented Feb 8, 2013 at 11:30
  • dumping out the code wont help..and also use mysqli_()....mysql_() is going to be deprecated soon Commented Feb 8, 2013 at 11:31
  • How far does it get? "not submitting" is vague. Does the form actually post and you get the inputs? Does the db connection work? Does it get as far as the validation? Commented Feb 8, 2013 at 11:32
  • did you try your database connection? does it actually connect? Commented Feb 8, 2013 at 11:32
  • By "not submitting" I mean it doesn't post anything. The only thing that happens is text in some of the forms disappears. Commented Feb 8, 2013 at 11:36

3 Answers 3

Reset to default
1

If your file name is sign-up.php than maybe your problem lies in this line:

<form action="sign_up.php" method="post">

change it to:

<form action="sign-up.php" method="post">
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

My mistake in typing it here... It is sign_up.php. I edited it in the question now. Thanks!
0

Your "site location" field is misnamed ( name="email" ) hence isset returns always false, hence the php block is never executed.

Improve this answer

2 Comments

Btw. if you feel you know basic php you should start looking into frameworks - any decent framework with form validation would have revealed an error like that instantly (and it would be more secure and more convenient for you as developer).
That was the problem. Thank you! What framework do you suggest?
0

I think the problem could come from your query insert into users(id.... There is no interval after table name, but I can't be sure. You should set errors to work.

You shoudd add or die(mysql_error()); after every line with mysql_query to dump if there are any errors.

 //We count the number of users to give an ID to this one
               mysql_query('select id from users order by id dest limit 1')

A think this way of getting the last user id is better.

Also I think that, when you insert into db you should use INSERT INTO table SET id=1, name=Ivan, role=admin than INSET INTO table (...) VALUES(...), because that way it's clear to see what do you insert and it's ease to change some values.

action="sign_up.php" shuold be action="sign-up.php"

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.