PHP registration form question

[phpnewby]

I need help with this php registration form. The registration form works but I recently noticed I have been getting a bunch of bogus registered accounts. Is there a way to add the registered users ip address so that when I view the new registered accounts it will show their ip address.

I have added the ip value to the database as ip char (45) utf8_unicode_ci null=yes default=null   but can't seem to figure out what I need to add to this code to get the ip value to show. Any help is much appreciated.

PHP Code: [Select]

if(ereg("register.php",$_SERVER['PHP_SELF'])){

@header("Location:index.php");

die("<script>window.location='index.php';</script>"); //js redirect backup

}

//If form post => process form

if(isset($_POST['name']) && $_POST['name'] != ""){

//Validate Form Fields

require_once("classes/vImage.php");

$vImage = new vImage();

$vImage->loadCodes();

$error = array();

//verify image text

if($vImage->sessionCode != $vImage->postCode){

$error[] =  "Image Verification Text is Invalid\n";

}

//verify name

if(!isset($_POST['name']) || $_POST['name'] == ""){

$error[] =  "Enter Name\n";

}

//verify phone

if(!isset($_POST['phone']) || $_POST['phone'] == ""){

$error[] =  "Enter Phone\n";

}

//verify email

if(!validEmail($_POST['email'])){

$error[] =  "Enter Valid Email\n";

}

//verify confirm email

if(!isset($_POST['confirmemail']) || $_POST['confirmemail'] == ""){

$error[] =  "Enter Confirm Email\n";

}

//verify email equals confirm email

if($_POST['email'] != $_POST['confirmemail']){

$error[] =  "Confirm Email does not match\n";

}

//verify password

if(!isset($_POST['password']) || $_POST['password'] == ""){

$error[] =  "Enter Password\n";

}

//verify confirm password

if(!isset($_POST['confirmpassword']) || $_POST['confirmpassword'] == ""){

$error[] =  "Enter Confirm Password\n";

}

//verify password equals confirm password

if($_POST['password'] != $_POST['confirmpassword']){

$error[] =  "Confirm Password does not match\n";

}

//Verify email is not already registered

$sql = sprintf("select * from members where email LIKE '%s'", mysql_real_escape_string($_POST['email'], $mysql->conn));

$result = $mysql->exSql($sql) or die($mysql->debugPrint());

if(mysql_num_rows($result)>0){

$error[] = "Email address already registered\n";

}

//Display Error (if needed)

if(sizeof($error)>0){

for($i=0;$i<sizeof($error);$i++){

$xtpl->assign('error',$error[$i]);

$xtpl->parse('main.register.error');

}

}else{ //else no error => register member

$node = new sqlNode();

$node->table = "members";

$node->push("text","name",$_POST['name']);

$node->push("text","phone",$_POST['phone']);

$node->push("text","address",$_POST['address']);

$node->push("text","city",$_POST['city']);

$node->push("text","state",$_POST['state']);

$node->push("text","zip",$_POST['zip']);

$node->push("text","email",$_POST['email']);

$node->push("text","password",$_POST['password']);

$node->push("text","active","Yes"); //default

$node->push("defined","created","NOW()");

$result = $mysql->insert($node) or die($mysql->debugPrint());

$xtpl->parse('main.thankyou');

$xtpl->parse('main');

$xtpl->out('main');

[technobizzmo]

PHP Code: [Select]


<?php
$user_ip = $_SERVER['REMOTE_ADDR']
echo $user_ip;
?>


That will give you the users ip so then you just need to limit how many account each user can have.

Like in your error checking make sure each user has only so many account

[phpnewby]

Thank you for your help. I want to be able to have the ip address inserted into the database. What other code do I need?

[phpnewby]

This is the code I currently have. I am trying to get the users ip address inserted into the database.

PHP Code: [Select]

<?php

if(ereg("register.php",$_SERVER['PHP_SELF'])){

@header("Location:index.php");

die("<script>window.location='index.php';</script>"); //js redirect backup

}

//If form post => process form

if(isset($_POST['name']) && $_POST['name'] != ""){

//Validate Form Fields

require_once("classes/vImage.php");

$vImage = new vImage();

$vImage->loadCodes();

$error = array();

//verify image text

if($vImage->sessionCode != $vImage->postCode){

$error[] =  "Image Verification Text is Invalid\n";

}

//verify name

if(!isset($_POST['name']) || $_POST['name'] == ""){

$error[] =  "Enter Name\n";

}

//verify phone

if(!isset($_POST['phone']) || $_POST['phone'] == ""){

$error[] =  "Enter Phone\n";

}

//verify email

if(!validEmail($_POST['email'])){

$error[] =  "Enter Valid Email\n";

}

//verify confirm email

if(!isset($_POST['confirmemail']) || $_POST['confirmemail'] == ""){

$error[] =  "Enter Confirm Email\n";

}

//verify email equals confirm email

if($_POST['email'] != $_POST['confirmemail']){

$error[] =  "Confirm Email does not match\n";

}

//verify password

if(!isset($_POST['password']) || $_POST['password'] == ""){

$error[] =  "Enter Password\n";

}

//verify confirm password

if(!isset($_POST['confirmpassword']) || $_POST['confirmpassword'] == ""){

$error[] =  "Enter Confirm Password\n";

}

//verify password equals confirm password

if($_POST['password'] != $_POST['confirmpassword']){

$error[] =  "Confirm Password does not match\n";

}

//Verify email is not already registered

$sql = sprintf("select * from members where email LIKE '%s'", mysql_real_escape_string($_POST['email'], $mysql->conn));

$result = $mysql->exSql($sql) or die($mysql->debugPrint());

if(mysql_num_rows($result)>0){

$error[] = "Email address already registered\n";

}

// Get user ip 

$ip = $_SERVER['REMOTE_ADDR'];

//Display Error (if needed)

if(sizeof($error)>0){

for($i=0;$i<sizeof($error);$i++){

$xtpl->assign('error',$error[$i]);

$xtpl->parse('main.register.error');

}

}else{ //else no error => register member

$node = new sqlNode();

$node->table = "members";

$node->push("text","name",$_POST['name']);

$node->push("text","phone",$_POST['phone']);

$node->push("text","address",$_POST['address']);

$node->push("text","city",$_POST['city']);

$node->push("text","state",$_POST['state']);

$node->push("text","zip",$_POST['zip']);

$node->push("text","email",$_POST['email']);

$node->push("text","password",$_POST['password']);

$node->push("text","ip",$_POST['ip']);

$node->push("text","active","Yes"); //default

$node->push("defined","created","NOW()");

$result = $mysql->insert($node) or die($mysql->debugPrint());

$xtpl->parse('main.thankyou');

$xtpl->parse('main');

$xtpl->out('main');

//send emails of transaction

$emailXtpl =  new XTemplate("emailmessages/register.xtpl", SKIN);

$emailXtpl->assign('member',$member);

$emailXtpl->assign('settings',$settings);

if(validEmail($settings['email'])){

//send admin email

$to = $settings['email'];

$headers = sprintf("From: %s\r\nReply-To: noreply@%s\r\nX-Mailer: PHP/%s", $settings['email'], $settings['email'], phpversion());

$emailXtpl->parse('main.adminemail.subject');

$emailXtpl->parse('main.adminemail.body');

$subject = $emailXtpl->text('main.adminemail.subject');

$message = $emailXtpl->text('main.adminemail.body');

@mail($to,$subject,$message,$headers);

}

exit();

}

}

//Fetch county

$sql = "select * from counties order by title asc";

$result = $mysql->exSql($sql) or die($mysql->debugPrint());

if(mysql_num_rows($result)>0){

while($row = mysql_fetch_assoc($result)){

$row['selected'] = ($row['id'] == $_POST['countyid']?"selected":"");

$xtpl->assign('row',$row);

$xtpl->parse('main.register.localcounty.countyoptions');

}

$xtpl->parse('main.register.localcounty');

if(isset($_POST['city']) && $_POST['city'] != "" && isset($_POST['countyid']) && $_POST['countyid'] != ""){

$sql = sprintf("select * from city where countyID = %s order by title asc", intval($_POST['countyid']));

$result = $mysql->exSql($sql) or die($mysql->debugPrint());

while($row = mysql_fetch_assoc($result)){

$row['selected'] = ($row['title'] == $_POST['city']?"selected":"");

$xtpl->assign('row',$row);

$xtpl->parse('main.register.localcity.cityoption');

}

}

$xtpl->parse('main.register.localcity');

}else{

$xtpl->parse('main.register.county');

$xtpl->parse('main.register.city');

}

//Fetch States

$sql = "select * from `state` order by stitle asc";

$result = $mysql->exSql($sql) or die($mysql->debugPrint());

while($row = mysql_fetch_assoc($result)){

$row['selected'] = ($row['stitle'] == $_POST['state']?"selected":"");

$xtpl->assign('row',$row);

$xtpl->parse('main.register.state');

}

//Parse

$xtpl->parse('main.register');

?>
   

[technobizzmo]

I use a header file for my database take this code and save it as database.php

PHP Code: [Select]

<?PHP
if(!function_exists('connect'))
{
function connect()
{

$mysql_host = "localhost";
$mysql_user = "your_username";
$mysql_pass = "your_password";

if(! $linkid = mysql_connect("$mysql_host" , "$mysql_user",

     "$mysql_pass"))

{

echo "Error connecting to ".$mysql_host;

exit;

}

return $linkid;
}
}

if(!function_exists('send_sql'))
{
function send_sql($sql, $link, $db) {

if(!($succ = mysql_select_db($db))) {

echo mysql_error();

exit;

}

if(!($res = mysql_query($sql, $link))) {

echo mysql_error();

exit;

}

return $res;
}
}


?>



Then just enter the server the username and password to access the database

Then in your code just include the database.php and use its methods like this

PHP Code: [Select]

<?php
include("database.php");

$link = connect();
$db = "techbiz_trade";
$sql="INSERT INTO yourdatabase.yourtable(ip_address)

VALUES

('$ip_address')";
send_sql($sql, $link, $db);
?>


That should insert it for you. Oh and make sure you use escape_string on the ip address like this for security

PHP Code: [Select]


<?php
$ip_address = mysql_escape_string($_SERVER['REMOTE_ADDR']);
?>


[phpnewby]

Thank you for your help. I will try this out and see if I can get it to work.