php folder create

oliverjohnstone

hi

i have created a script that creates a user in a mysql db and i need it to create a folder for that user. the snipit of code that should do this i think is this

mkdir("/var/www/hosts/$full_name");

it is suposed to create a folder called the full name of a user entered into a form
can anyone please tell me what i am doing wrong
p.s i have made sure the perms are correct

Markus

Turn on debugging messages.

Also, post the code you use. It may be a problem elsewhere.

oliverjohnstone

sorry im relly new to php
heres the fulll code

Expand|Select|Wrap|Line Numbers

 
<?php 

session_start();
 
include ('dbc.php'); 
 
if ($_POST['Submit'] == 'Register')

{

   if (strlen($_POST['email']) < 5)

   {

    die ("Incorrect email. Please enter valid email address..");

    }

   if (strcmp($_POST['pass1'],$_POST['pass2']) || empty($_POST['pass1']) )

    { 

    //die ("Password does not match");

    die("ERROR: Password does not match or empty..");
 
    }

    if (strcmp(md5($_POST['user_code']),$_SESSION['ckey']))

    { 

             die("Invalid code entered. Please enter the correct code as shown in the Image");

          } 

    $rs_duplicates = mysql_query("select id from users where full_name='$_POST[full_name]'");

    $duplicates = mysql_num_rows($rs_duplicates);
 
    if ($duplicates > 0)

    {    

    //die ("ERROR: Account already exists.");

    header("Location: register.php?msg=ERROR: Account already exists..");

    exit();

    }
 
    $md5pass = md5($_POST['pass2']);

    $activ_code = rand(1000,9999);

    $server = $_SERVER['HTTP_HOST'];

    $host = ereg_replace('www.','',$server);

    mkdir("/var/www/hosts/.$full_name.");

    mysql_query("INSERT INTO users

                  (`user_email`,`user_pwd`,`country`,`joined`,`activation_code`,`full_name`)

                  VALUES

                  ('$_POST[email]','$md5pass','$_POST[country]',now(),'$activ_code','$_POST[full_name]')") or die(mysql_error());
 
    $message = 

"Thank you for registering an account with $server. Here are your login details...\n\n

Your domain: $_POST[full_name] \n

Password: As posted

Activation Code: $activ_code \n

____________________________________________

*** ACTIVATION LINK ***** \n

Activation Link: http://$server/activate.php?usr=$_POST[email]&code=$activ_code \n\n

_____________________________________________

Thank you. This is an automated response. PLEASE DO NOT REPLY.

";
 
    mail($_POST['email'] , "Login Activation", $message,

    "From: \"Auto-Response\" <notifications@$host>\r\n" .

     "X-Mailer: PHP/" . phpversion());

    unset($_SESSION['ckey']);

    echo("Registration was Successful! An activation code has been sent to your email address with an activation link...");    
 
    exit;

    }    
 
?>

here is the error msg i get

Quote:

Notice: Undefined variable: full_name in /var/www/hosts/www.easehosting.co.uk/docs/register.php on line 39

Warning: mkdir() [function.mkdir]: File exists in /var/www/hosts/www.easehosting.co.uk/docs/register.php on line 39

thank you

Atli

Hi.

Apparently, the $full_name variable is undefined, meaning that it doesn't exist before you try to use it.

If the value for this is coming from a HTML form, then you would most likely have to fetch it from the $_POST array before you use it. (Like your code does with all the other form values).

I would also advice you to validate the input before using it.
Currently you are simply passing the user input into your code without even checking to see if the values exist.
You should make sure the values exists, and that they are what you expect them to be, or your web will be vulnerable to all sorts of security threats. Like SQL Injection.

oliverjohnstone

thank you that was a big help

php folder create

re: php folder create

re: php folder create

re: php folder create

re: php folder create

Similar PHP bytes

/bytes/development

/bytes/it

/bytes/about