NiftyHost Forums (Archive)
Help with a PHP Register script! - Printable Version

+- NiftyHost Forums (Archive) (https://niftyhost.chary.us/support)
+-- Forum: Technology (https://niftyhost.chary.us/support/forum-7.html)
+--- Forum: Coding (https://niftyhost.chary.us/support/forum-12.html)
+--- Thread: Help with a PHP Register script! (/thread-373.html)

Pages: 1 2


Help with a PHP Register script! - Cameron - 07-07-2010

Hey guys, looking for a little help with a PHP script of mine.

Here's the code: http://niftyhost.pastebin.com/mDHdrqxg

When I visit the URL I get this error:

Parse error: syntax error, unexpected $end in /home/cameron/public_html/beta/register.php on line 97

The page handles both the registration and the HTML doc. Can't seem to figure out why this is happening, I tried a bunch of different things but nothing worked.


RE: Help with a PHP Register script! - Zach - 07-07-2010

You put {} at the end not }}.


RE: Help with a PHP Register script! - Cameron - 07-07-2010

I tried that too, nothing works
Still that 'Unexpected $end' .
Okay, I was able to clear the errors. But now the page only displays the header and not the table I had to organize the inputs. D:


RE: Help with a PHP Register script! - RichardGv - 07-07-2010

The reason that the form don't appear is so... Minor.
Line 78:
Code:
<input type='password' name='password' value='>
Pay attention that you forgot a single-quote after "value". I think that's the reason why it did not work on my Firefox.

Also, tidy format and clean indentations are important programming habits because they can save much time when debugging parsing errors, and accelerate the process of reading codes.

strip_tags does nothing to SQL injection, so you need to be a bit careful and make sure magic_quotes_gpc are enabled. Or you are probably going to have great fun:
[Image: exploits_of_a_mom.png]
(A comic about SQL Injection, from xkcd.com)

Your script lacks proper isset() / empty() tests to input variable, and that's going to cause a huge amount of annoying PHP warnings (Notice: Undefined index: XXX).

Give me a minute. I'm writing a refined version. I will update this post soon.
A refined version I wrote:
(Attention: I don't know that much about PHP and I cannot guarantee anything about this version.)
PHP Code:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"
>

<
html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:lang="en-us">

<
head>
    <
title>Registration</title>
    
    <
meta http-equiv="content-type" content="application/xhtml+xml; charset=utf-8" />
    <
meta name="robots" content="noindex, nofollow" />
</
head>

<
body>
<?
php
define
('FULLNAME_MAX'25);
define('FULLNAME_MIN'3);
define('USERNAME_MAX'25);
define('USERNAME_MIN'3);
define('PASSWORD_MAX'25);
define('PASSWORD_MIN'6);

if(empty(
$_POST['submit'])
        || empty(
$_POST['fullname'])
        || empty(
$_POST['username'])
        || empty(
$_POST['password'])
        || empty(
$_POST['repeatpwd'])
        || !(
$fullname trim($_POST['fullname']))
        || !(
$username trim($_POST['username']))
        || !(
$password trim($_POST['password']))
        || !(
$repeatpwd trim($_POST['repeatpwd']))
        || 
$password != $repeatpwd
        
|| strlen($fullname) >= FULLNAME_MAX
        
|| strlen($fullname) <= FULLNAME_MIN
        
|| strlen($username) >= USERNAME_MAX
        
|| strlen($username) <= USERNAME_MIN
        
|| strlen($password) >= PASSWORD_MAX
        
|| strlen($password) <= PASSWORD_MIN
        
) {
?>
    <h2>Registration</h2>
    <form action='register.php' method='POST'>
        <table>
            <tr>
                <td>Full Name:</td>
                <td>
                    <input type='text' name='fullname' value='' />
                </td>
            </tr>
            <tr>
                <td>Username:</td>
                <td>
                    <input type='text' name='username' value='' />
                </td>
            </tr>
            <tr>
                <td>Password:</td>
                <td>
                    <input type='password' name='password' value='' />
                </td>
            </tr>
            <tr>
                <td>Repeat Password:</td>
                <td>
                    <input type='password' name='repeatpwd' />
                </td>
            </tr>
        </table>
        <p><input type='submit' name='submit' value='Register' /></p>
    </form>
<?php
}
else {
    if(!
get_magic_quotes_gpc()) {
        
$username addslashes(strip_tags($username));
        
$fullname addslashes(strip_tags($fullname));
    }
    
$date date ("Y-m-d");
    
$password md5($password);
    
    
$connect mysqli_connect ("localhost","cameron_cameron","MYPASSHERE"'cameron_user');
    if(
mysqli_connect_errno()) {
        
// Connection error handling
    
}
    
$result mysqli_query ($db,
    
"INSERT INTO users VALUES ('','$fullname','$username','$password','$date')"
    
);
    echo 
"<p>Congrats! You've been registered! You may now <a href='index.php'>login</a></p>";
}

?>
</body>

</html> 



RE: Help with a PHP Register script! - Cameron - 07-07-2010

I use MySQL not MySQLi. Dunno if there the same thing or not O.o


RE: Help with a PHP Register script! - RichardGv - 07-07-2010

(07-07-2010, 01:46 PM)Cameron Wrote: I use MySQL not MySQLi. Dunno if there the same thing or not O.o

Duh, please ask Wikipedia if you don't know.
https://secure.wikimedia.org/wikipedia/en/wiki/MySQLi
MySQLi is an improved version of MySQL PHP interface. It allows users to access the newly introduced functionalities since MySQL 4.1. It should work on most servers. I'm not sure about the differences, but they should be mostly the same. MySQLi is currently recommended by PHP developers, and the old MySQL PHP extension will no longer be supported in the future.
http://www.php.net/manual/en/book.mysqli.php
http://forge.mysql.com/wiki/Converting_to_MySQLi


RE: Help with a PHP Register script! - Cameron - 07-07-2010

Anyway your code was bust, got some syntax errors. I moved on to a different script I recieved from a friend. Thanks for the help though!


RE: Help with a PHP Register script! - RichardGv - 07-07-2010

(07-07-2010, 03:47 PM)Cameron Wrote: Anyway your code was bust, got some syntax errors. I moved on to a different script I recieved from a friend. Thanks for the help though!

Sorry, somehow I added an extra "(". The error has been corrected.
PHP Code:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"
>

<
html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:lang="en-us">

<
head>
    <
title>Registration</title>
    
    <
meta http-equiv="content-type" content="application/xhtml+xml; charset=utf-8" />
    <
meta name="robots" content="noindex, nofollow" />
</
head>

<
body>
<?
php
define
('FULLNAME_MAX'25);
define('FULLNAME_MIN'3);
define('USERNAME_MAX'25);
define('USERNAME_MIN'3);
define('PASSWORD_MAX'25);
define('PASSWORD_MIN'6);

if(empty(
$_POST['submit'])
        || empty(
$_POST['fullname'])
        || empty(
$_POST['username'])
        || empty(
$_POST['password'])
        || empty(
$_POST['repeatpwd'])
        || !(
$fullname trim($_POST['fullname']))
        || !(
$username trim($_POST['username']))
        || !(
$password trim($_POST['password']))
        || !(
$repeatpwd trim($_POST['repeatpwd']))
        || 
$password != $repeatpwd
        
|| strlen($fullname) >= FULLNAME_MAX
        
|| strlen($fullname) <= FULLNAME_MIN
        
|| strlen($username) >= USERNAME_MAX
        
|| strlen($username) <= USERNAME_MIN
        
|| strlen($password) >= PASSWORD_MAX
        
|| strlen($password) <= PASSWORD_MIN
        
) {
?>
    <h2>Registration</h2>
    <form action='register.php' method='POST'>
        <table>
            <tr>
                <td>Full Name:</td>
                <td>
                    <input type='text' name='fullname' value='' />
                </td>
            </tr>
            <tr>
                <td>Username:</td>
                <td>
                    <input type='text' name='username' value='' />
                </td>
            </tr>
            <tr>
                <td>Password:</td>
                <td>
                    <input type='password' name='password' value='' />
                </td>
            </tr>
            <tr>
                <td>Repeat Password:</td>
                <td>
                    <input type='password' name='repeatpwd' />
                </td>
            </tr>
        </table>
        <p><input type='submit' name='submit' value='Register' /></p>
    </form>
<?php
}
else {
    if(!
get_magic_quotes_gpc()) {
        
$username addslashes(strip_tags($username));
        
$fullname addslashes(strip_tags($fullname));
    }
    
$date date ("Y-m-d");
    
$password md5($password);
    
    
$connect mysqli_connect ("localhost","cameron_cameron","MYPASSHERE"'cameron_user');
    if(
mysqli_connect_errno()) {
        
// Connection error handling
    
}
    
$result mysqli_query ($db,
    
"INSERT INTO users VALUES ('','$fullname','$username','$password','$date')"
    
);
    echo 
"<p>Congrats! You've been registered! You may now <a href='index.php'>login</a></p>";
}

?>
</body>

</html> 
It's absolutely a problem that you can fix easily, though, that every person knowing a bit about PHP can fix easily.


RE: Help with a PHP Register script! - Matt - 07-07-2010

Richard, I love your little PHP comic there ;)


RE: Help with a PHP Register script! - Cameron - 07-10-2010

Sorry I am like a week into PHP and was just looking for a little support.