I am trying to create a registration form that checks to see if the Email and passwords entered by the user match, if all forms are complete, and if the email has been previously used to register. When there is in fact an error, I would like the code to display the error message at the top of the registration form.
However, I cannon't figure out how to make the error message display above the registration inputs. Instead, what happens is that the error message replaces the registration inputs and appears alone (requiring the user to refresh the page to try registering again). This is my first post on stackoverflow, so please excuse me if my coding jargon is off! Below is the code I have been trying to use.
<?php
// Connect to database server
mysql_connect("localhost", "root") or die (mysql_error ());
// Select database
mysql_select_db("mydatabase") or die(mysql_error());
//Checks to make sure form has been submitted
if (isset($_POST['submit'])) {
//Checks to make sure all fields are complete
if (!$_POST['FirstName'] | !$_POST['LastName'] | !$_POST['Username']| !$_POST['Username2']| !$_POST['Password']| !$_POST['Password2'] ) {
die('You did not complete all of the required fields');
}
//Check to see if email has already been used to reigster
if (!get_magic_quotes_gpc()) {
$_POST['Username'] = addslashes($_POST['Username']);
}
$usercheck = $_POST['Username'];
$check = mysql_query("SELECT Username FROM people WHERE Username = '$usercheck'")
or die(mysql_error());
$check2 = mysql_num_rows($check);
//Email has already been used to register message
if ($check2 != 0) {
die('Sorry, the Email '.$_POST['Username'].' has already been used to register.');
}
//Confirm that Emails match
if ($_POST['Username'] != $_POST['Username2']) {
die('The Email addresses you entered do not match. ');
}
//Confirm that passwords match
if ($_POST['Password'] != $_POST['Password2']) {
die('The passwords you entered do not match. ');
}
//Encrypt the password and add slashes if needed
$_POST['Password'] = md5($_POST['Password']);
if (!get_magic_quotes_gpc()) {
$_POST['Password'] = addslashes($_POST['Password']);
$_POST['Username'] = addslashes($_POST['Username']);
}
// now we insert it into the database
$insert = "INSERT INTO people(FirstName,LastName,Username,Password) VALUES ('" . $_POST["FirstName"] . "','" . $_POST["LastName"] . "','" . $_POST["Username"] . "','" . $_POST["Password"] . "')";
$add_member = mysql_query($insert);
?>
Registered
Thank you, you have registered - you may now login.
<?php
}
else
{
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<table border="0">
<tr><td>First Name:</td><td>
<input type="text" name="FirstName" maxlength="60">
</td></tr>
<tr><td>Last Name:</td><td>
<input type="text" name="LastName" maxlength="60">
</td></tr>
<tr><td>Email Address:</td><td>
<input type="text" name="Username" maxlength="60">
</td></tr>
<tr><td>Confirm Email Address:</td><td>
<input type="text" name="Username2" maxlength="60">
</td></tr>
<tr><td>Password (8 character minimum):</td><td>
<input type="password" name="Password">
</td></tr>
<tr><td>Confirm Password:</td><td>
<input type="password" name="Password2">
</td></tr>
<tr><th colspan=2>
<input type="submit" name="submit" value="Register"></th></tr> </table>
</form>
<?php
}
?>
mysql_*
functions in new code. They are no longer maintained and the deprecation process has begun, see the red box. Learn about prepared statements instead, and use PDO or MySQLi; this article will help you decide which. If you choose PDO, here is a good tutorial. – Geek Num 88