By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
437,751 Members | 1,216 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 437,751 IT Pros & Developers. It's quick & easy.

PHP Skipping validation

P: 2
Hi, I have the following form:

Expand|Select|Wrap|Line Numbers
  1. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  2. <?PHP
  3.         if (!isset($instructimg)) {  //changes the error message
  4.             $instructimg = 'instruct_1a.png';
  5.             }
  6.  
  7.         if (!isset($username)) {  //remembers username
  8.          $username="";
  9.          }
  10. ?>
  11.  
  12. <html xmlns="http://www.w3.org/1999/xhtml">
  13.     <head>
  14.         <meta http-equiv="content-type" content="text/html;charset=utf-8" />
  15.         <title>xxx</title>
  16.         <link href="../css/style.css" rel="stylesheet" type="text/css" media="all" />
  17.         <link href="../css/reg.css" rel="stylesheet" type="text/css" media="all" />
  18.     </head>
  19. <body>
  20.  <div id="container">
  21.         <div id="header"><a href="xxxxxx"><img src="../images/header_small.png" alt="xxx" /></a></div>
  22.         <div id="content_top"><img src="images/top_1.png" alt="Signup status." /></div>
  23.         <div id="content_main"><img id="instruct" src="images/<?php echo $instructimg; ?>" alt="Please enter your details" />
  24.         <div id="form">
  25.         <form action="step1_update.php" method="post" id="step1" name="step1" onsubmit="return VerifyData(this)">
  26.         <label for="Username"><img src="images/username.png" alt="Enter a username" /></label>
  27.         <input name="Username" type="text" id="Username" size="30" value="<?php echo $username; ?>" tabindex="1" class="border" language="javascript" onclick="return Username_onclick()"><br/>
  28.         <label for="Password"><img src="images/password.png" alt="Enter a password"></img></label><br/>
  29.           <input name="Password" type="password" id="Password" size="30" value="" tabindex="2" class="border"><br/>
  30.         <label for="Confirm"><img src="images/confirm.png" alt="Confirm your password"></label><br/>
  31.         <input name="Confirm" type="password" id="Confirm" size="30" value="" tabindex="3" class="border"><br />
  32.         <div id="nav"><input name="step2" type="image" src="images/next.png" alt="Next" class="next" tabindex="4" /></div>
  33.         </form>
  34.         </div>
  35.         </div>
  36.     <div id="footer">
  37.     <ul>
  38.         <li><a href="About.asp"><img src="../images/footer/footer1about.png" alt="About Us"></img></a></li>
  39.         <li><a href="help.asp"><img src="../images/footer/footer2faq.png" alt="Help"></img></a></li>
  40.         <li><a href="safety.asp"><img src="../images/footer/footer3safe.png" alt="Safety Online"></img></a></li>
  41.         <li><a href="privacy.asp"><img src="../images/footer/footer4privacy.png" alt="Privacy"></img></a></li>
  42.         <li><a href="tc.asp"><img src="../images/footer/footer6tc.png" alt="Terms and Conditions"></img></a></li>
  43.         <li><img src="../images/footer/footer5right_small.png" alt="xxxxxx"></img></li>
  44.     </ul>
  45.  
  46.     </div>
  47.  
  48. </div>
  49. </body>
  50. </html>
And then this PHP to validate and post it into my table:

Expand|Select|Wrap|Line Numbers
  1. <?php //step1_insert.php
  2.  
  3. include("my_config.php");
  4.  
  5. // connect to the mysql server
  6. $link = mysql_connect($dbhost, $dbuser, $dbpass)
  7. or die ("MySQL is Broke! It said: ".mysql_error());
  8.  
  9. // select the databases
  10. mysql_select_db($dbname)
  11. or die ("Can't find that database mate, MySQL said: ".mysql_error());
  12.  
  13. //get the data and store it as vars
  14. $username=$_POST["Username"];
  15. $password=$_POST["Password"];
  16. $confirm=$_POST["Confirm"];
  17.  
  18. //check whether username exists
  19. $checkuser = mysql_query("SELECT username FROM users WHERE username='$username'");
  20. $username_exist = mysql_num_rows($checkuser);
  21. if($username_exist > 0){
  22.     $instructimg = 'instruct_1b.png';
  23.     unset($username);
  24.     unset($password);
  25.     include 'step1.php';
  26.     exit();
  27.     }
  28. //make sure password match
  29. if ($password != $confirm) {
  30.  $instructimg = 'instruct_1c.png';
  31.     unset($password);
  32.     include 'step1.php';
  33.     exit();
  34. }
  35. //make sure passwords are a minimum of 5 letters.
  36. if(strlen($password) < 5 ){
  37.  $instructimg = 'instruct_1d.png';
  38.     unset($password);
  39.     include 'step1.php';
  40.     exit();
  41. }
  42. //Everything validated and all good, lets add this guy to the table!
  43. $date = date("Y-m-d G:i:s"); //Get the date
  44. $adduser= mysql_query("INSERT into MyUser
  45. (username, pwd, creationdate)VALUES('$username','$password','$date')")
  46. or die(mysql_error());
  47.  
  48.  
  49. printf ("it worked, you added your self! your id was", mysql_insert_id());
  50.  
  51. ?>
It all works pretty well (except the mysql_insert_id function, but thats not my main worry), except after inserting the new users deatils into the table, clicking back then submitting the form again bypasses the "check if existing user" bit.

It will insert the same user again.

Any idea please let me know. Thanks for your time = )

John.
Mar 1 '07 #1
Share this Question
Share on Google+
1 Reply


P: 2
Please ignore the above! I was checking one table, then inserting into a different table.

Right infront of my nose...
Mar 1 '07 #2

Post your reply

Sign in to post your reply or Sign up for a free account.