Help with a PHP Register script!
07-07-2010, 08:56 AM,
#1
Help with a PHP Register script!
Hey guys, looking for a little help with a PHP script of mine.

Here's the code: http://niftyhost.pastebin.com/mDHdrqxg

When I visit the URL I get this error:

Parse error: syntax error, unexpected $end in /home/cameron/public_html/beta/register.php on line 97

The page handles both the registration and the HTML doc. Can't seem to figure out why this is happening, I tried a bunch of different things but nothing worked.
Hey.
Reply
07-07-2010, 09:38 AM,
#2
RE: Help with a PHP Register script!
You put {} at the end not }}.
Hi! I'm Zach, and I founded NiftyHost. If you need anything, just PM me! :)
Reply
07-07-2010, 09:44 AM, (This post was last modified: 07-07-2010, 09:55 AM by Cameron.)
#3
RE: Help with a PHP Register script!
I tried that too, nothing works
Still that 'Unexpected $end' .
Okay, I was able to clear the errors. But now the page only displays the header and not the table I had to organize the inputs. D:
Hey.
Reply
07-07-2010, 10:14 AM, (This post was last modified: 07-07-2010, 08:12 PM by RichardGv.)
#4
RE: Help with a PHP Register script!
The reason that the form don't appear is so... Minor.
Line 78:
Code:
<input type='password' name='password' value='>
Pay attention that you forgot a single-quote after "value". I think that's the reason why it did not work on my Firefox.

Also, tidy format and clean indentations are important programming habits because they can save much time when debugging parsing errors, and accelerate the process of reading codes.

strip_tags does nothing to SQL injection, so you need to be a bit careful and make sure magic_quotes_gpc are enabled. Or you are probably going to have great fun:
[Image: exploits_of_a_mom.png]
(A comic about SQL Injection, from xkcd.com)

Your script lacks proper isset() / empty() tests to input variable, and that's going to cause a huge amount of annoying PHP warnings (Notice: Undefined index: XXX).

Give me a minute. I'm writing a refined version. I will update this post soon.
A refined version I wrote:
(Attention: I don't know that much about PHP and I cannot guarantee anything about this version.)
PHP Code:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"
>

<
html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:lang="en-us">

<
head>
    <
title>Registration</title>
    
    <
meta http-equiv="content-type" content="application/xhtml+xml; charset=utf-8" />
    <
meta name="robots" content="noindex, nofollow" />
</
head>

<
body>
<?
php
define
('FULLNAME_MAX'25);
define('FULLNAME_MIN'3);
define('USERNAME_MAX'25);
define('USERNAME_MIN'3);
define('PASSWORD_MAX'25);
define('PASSWORD_MIN'6);

if(empty(
$_POST['submit'])
        || empty(
$_POST['fullname'])
        || empty(
$_POST['username'])
        || empty(
$_POST['password'])
        || empty(
$_POST['repeatpwd'])
        || !(
$fullname trim($_POST['fullname']))
        || !(
$username trim($_POST['username']))
        || !(
$password trim($_POST['password']))
        || !(
$repeatpwd trim($_POST['repeatpwd']))
        || 
$password != $repeatpwd
        
|| strlen($fullname) >= FULLNAME_MAX
        
|| strlen($fullname) <= FULLNAME_MIN
        
|| strlen($username) >= USERNAME_MAX
        
|| strlen($username) <= USERNAME_MIN
        
|| strlen($password) >= PASSWORD_MAX
        
|| strlen($password) <= PASSWORD_MIN
        
) {
?>
    <h2>Registration</h2>
    <form action='register.php' method='POST'>
        <table>
            <tr>
                <td>Full Name:</td>
                <td>
                    <input type='text' name='fullname' value='' />
                </td>
            </tr>
            <tr>
                <td>Username:</td>
                <td>
                    <input type='text' name='username' value='' />
                </td>
            </tr>
            <tr>
                <td>Password:</td>
                <td>
                    <input type='password' name='password' value='' />
                </td>
            </tr>
            <tr>
                <td>Repeat Password:</td>
                <td>
                    <input type='password' name='repeatpwd' />
                </td>
            </tr>
        </table>
        <p><input type='submit' name='submit' value='Register' /></p>
    </form>
<?php
}
else {
    if(!
get_magic_quotes_gpc()) {
        
$username addslashes(strip_tags($username));
        
$fullname addslashes(strip_tags($fullname));
    }
    
$date date ("Y-m-d");
    
$password md5($password);
    
    
$connect mysqli_connect ("localhost","cameron_cameron","MYPASSHERE"'cameron_user');
    if(
mysqli_connect_errno()) {
        
// Connection error handling
    
}
    
$result mysqli_query ($db,
    
"INSERT INTO users VALUES ('','$fullname','$username','$password','$date')"
    
);
    echo 
"<p>Congrats! You've been registered! You may now <a href='index.php'>login</a></p>";
}

?>
</body>

</html> 
Gentoo Linux User (w/ fvwm) / Loyal Firefox User / Owner of a Stupid Old Computer - My PGP Public Key

No man is an island, entire of itself; every man is a piece of the continent, a part of the main; if a clod be washed away by the sea, Europe is the less, as well as if a promontory were, as well as if a manor of thy friends or of thine own were; any man's death diminishes me, because I am involved in mankind; and therefore never send to know for whom the bell tolls; it tolls for thee.
-- Devotions Upon Emergent Occasions (1624), John Donn
Reply
07-07-2010, 01:46 PM,
#5
RE: Help with a PHP Register script!
I use MySQL not MySQLi. Dunno if there the same thing or not O.o
Hey.
Reply
07-07-2010, 01:50 PM, (This post was last modified: 07-07-2010, 02:06 PM by RichardGv.)
#6
RE: Help with a PHP Register script!
(07-07-2010, 01:46 PM)Cameron Wrote: I use MySQL not MySQLi. Dunno if there the same thing or not O.o

Duh, please ask Wikipedia if you don't know.
https://secure.wikimedia.org/wikipedia/en/wiki/MySQLi
MySQLi is an improved version of MySQL PHP interface. It allows users to access the newly introduced functionalities since MySQL 4.1. It should work on most servers. I'm not sure about the differences, but they should be mostly the same. MySQLi is currently recommended by PHP developers, and the old MySQL PHP extension will no longer be supported in the future.
http://www.php.net/manual/en/book.mysqli.php
http://forge.mysql.com/wiki/Converting_to_MySQLi
Gentoo Linux User (w/ fvwm) / Loyal Firefox User / Owner of a Stupid Old Computer - My PGP Public Key

No man is an island, entire of itself; every man is a piece of the continent, a part of the main; if a clod be washed away by the sea, Europe is the less, as well as if a promontory were, as well as if a manor of thy friends or of thine own were; any man's death diminishes me, because I am involved in mankind; and therefore never send to know for whom the bell tolls; it tolls for thee.
-- Devotions Upon Emergent Occasions (1624), John Donn
Reply
07-07-2010, 03:47 PM,
#7
RE: Help with a PHP Register script!
Anyway your code was bust, got some syntax errors. I moved on to a different script I recieved from a friend. Thanks for the help though!
Hey.
Reply
07-07-2010, 08:12 PM, (This post was last modified: 07-07-2010, 11:35 PM by RichardGv.)
#8
RE: Help with a PHP Register script!
(07-07-2010, 03:47 PM)Cameron Wrote: Anyway your code was bust, got some syntax errors. I moved on to a different script I recieved from a friend. Thanks for the help though!

Sorry, somehow I added an extra "(". The error has been corrected.
PHP Code:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"
>

<
html xmlns="http://www.w3.org/1999/xhtml" lang="en-us" xml:lang="en-us">

<
head>
    <
title>Registration</title>
    
    <
meta http-equiv="content-type" content="application/xhtml+xml; charset=utf-8" />
    <
meta name="robots" content="noindex, nofollow" />
</
head>

<
body>
<?
php
define
('FULLNAME_MAX'25);
define('FULLNAME_MIN'3);
define('USERNAME_MAX'25);
define('USERNAME_MIN'3);
define('PASSWORD_MAX'25);
define('PASSWORD_MIN'6);

if(empty(
$_POST['submit'])
        || empty(
$_POST['fullname'])
        || empty(
$_POST['username'])
        || empty(
$_POST['password'])
        || empty(
$_POST['repeatpwd'])
        || !(
$fullname trim($_POST['fullname']))
        || !(
$username trim($_POST['username']))
        || !(
$password trim($_POST['password']))
        || !(
$repeatpwd trim($_POST['repeatpwd']))
        || 
$password != $repeatpwd
        
|| strlen($fullname) >= FULLNAME_MAX
        
|| strlen($fullname) <= FULLNAME_MIN
        
|| strlen($username) >= USERNAME_MAX
        
|| strlen($username) <= USERNAME_MIN
        
|| strlen($password) >= PASSWORD_MAX
        
|| strlen($password) <= PASSWORD_MIN
        
) {
?>
    <h2>Registration</h2>
    <form action='register.php' method='POST'>
        <table>
            <tr>
                <td>Full Name:</td>
                <td>
                    <input type='text' name='fullname' value='' />
                </td>
            </tr>
            <tr>
                <td>Username:</td>
                <td>
                    <input type='text' name='username' value='' />
                </td>
            </tr>
            <tr>
                <td>Password:</td>
                <td>
                    <input type='password' name='password' value='' />
                </td>
            </tr>
            <tr>
                <td>Repeat Password:</td>
                <td>
                    <input type='password' name='repeatpwd' />
                </td>
            </tr>
        </table>
        <p><input type='submit' name='submit' value='Register' /></p>
    </form>
<?php
}
else {
    if(!
get_magic_quotes_gpc()) {
        
$username addslashes(strip_tags($username));
        
$fullname addslashes(strip_tags($fullname));
    }
    
$date date ("Y-m-d");
    
$password md5($password);
    
    
$connect mysqli_connect ("localhost","cameron_cameron","MYPASSHERE"'cameron_user');
    if(
mysqli_connect_errno()) {
        
// Connection error handling
    
}
    
$result mysqli_query ($db,
    
"INSERT INTO users VALUES ('','$fullname','$username','$password','$date')"
    
);
    echo 
"<p>Congrats! You've been registered! You may now <a href='index.php'>login</a></p>";
}

?>
</body>

</html> 
It's absolutely a problem that you can fix easily, though, that every person knowing a bit about PHP can fix easily.
Gentoo Linux User (w/ fvwm) / Loyal Firefox User / Owner of a Stupid Old Computer - My PGP Public Key

No man is an island, entire of itself; every man is a piece of the continent, a part of the main; if a clod be washed away by the sea, Europe is the less, as well as if a promontory were, as well as if a manor of thy friends or of thine own were; any man's death diminishes me, because I am involved in mankind; and therefore never send to know for whom the bell tolls; it tolls for thee.
-- Devotions Upon Emergent Occasions (1624), John Donn
Reply
07-07-2010, 11:00 PM,
#9
RE: Help with a PHP Register script!
Richard, I love your little PHP comic there ;)
Reply
07-10-2010, 02:11 PM,
#10
RE: Help with a PHP Register script!
Sorry I am like a week into PHP and was just looking for a little support.
Hey.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  [SOLV'D] PHP Login/Register Tutorial Soldier 9 3,185 12-04-2010, 02:31 AM
Last Post: Vanilla

Forum Jump: