First, don't know if this is the right section if its not please move it Hey, i spent all day writting a register php code just for it not to register anything into the database, im getting no php errors so what could be the coruse? Any ideas, Thanks Heres the code 9:31 of part 3 Code: <?php echo "<h1>Register</h1>"; $submit = $_POST['submit']; //form data $username = strip_tags($_POST['username']); $password = strip_tags($_POST['password']); $repeatpassword = strip_tags($_POST['repeatpassword']); $date = date("y-m-d"); if ($submit) { ///check for existance if ($username&&$password&&$repeatpassword) { if ($password == $repeatpassword) { //check char mength of username and fullname if (strlen($username)>25||strlen($username)>25) { echo "Length of username or fullname is too long!"; } else // check password length if (strlen($password)>25||strlen($password)<6) { echo "Password must be beetween 6 and 25 charaters"; } else { //register the user // encrypt password $password = md5($password); //open database $connect = mysql_connect("localhost","root","") or die ("Error"); mysql_select_db("3dsrage"); //select database $result = mysql_query("SELECT * FROM users"); mysql_query("INSERT INTO users (username, password) VALUES ('$username', '$password',$date)"); echo ("You have been registred"); } } else echo "Your Passwords do not match!"; } else echo "Please fill in <b>all</b> fields!"; } ?> <html> <p> <form action='register.php' method='POST'> <table> <tr> <tr> <td> Choose a username </td> <td> <input type='text' name='username' value='<?php echo $username; ?>'> </td> </tr> <tr> <td> Choose a password </td> <td> <input type='password' name='password'> </td> </tr> <tr> <td> Repeat your Password </td> <td> <input type='password' name='repeatpassword'> </td> </tr> </table> <p> <input type='submit' name='submit' Value='Register'> </form> Ive tried a public server (admintalk.net) and my local server (My Computer) but nothing works felt like i wasted a whole day :angry: Hope yous can adjust this code to actually submit something into the database Thanks, Spuduster PS: i could of been working on my forum instead of this code hoping to get it working asap.
And yes thanks everyone for solving the login and register now i need permissions. Great thanks everyone for getting my login working. Now how do i make admin sessions. $_SESSION['username'] == false) A Normal Guest $_SESSION['username'] = Normal User I need $_SESSION['Admin'] which is only admins with this session can see this page. I learning
Can someone modfi this from using sessions to something more better, when i ban a user they wont be banned untill they login again, Need something that will say if theres 1 in the database for that user then kill the script, Next time they refresh the page, It be alot easier and better, or something that can destroy the sessions if it == 1 so they have to login again. Code: <?php session_start(); include ("connection.php"); if ($_SESSION['banned'] == 1) die ("Your Account Has Been Disabled, Please Contact An Administrator!"); ?>
You need to check the database each time there is a request and the user is logged in. So you need to do a query like : SELECT count(idUser) FROM users WHERE username = 'xyz' AND banned=0 if count <= 0, then the user is banned. By the way, you should read on SQL Injection, the code you posted in your first post is vulnerable.
To check if someone's banned, don't put it in a session.. When the user is logged in you could query their username and fetch an array... Example: PHP: $query = mysql_query("SELECT * FROM users WHERE username = '$_SESSION[username]'");$array = mysql_fetch_array($query); Then use PHP: if ($array[banned] == "1"){ // Put your banned code here... }
