Help with "If-Else" Statements in Relation to a Sign Up and Login Website Featur

General PHP Help
#1

Hi again. I need help with something I’m trying to do with my sign up form. Essentially, I need to have some sort of notification when people fail to complete the form (viewable on forensicoutreach.com/signup.php) or have typed in invalid characters into the field.

First, I tried to make it so that when a field was incomplete, it redirected to a page specific to what was missing or invalid. But as you might be able to make out below, this didn’t work because if an individual left the whole form blank, it would have already redirected to a page about only failing to complete the email address. I hope that makes sense.

What I was wondering was: is there anyway to make it so that the notification appears in the content area of the same page? If I only use the echo function to type in an error message in place of the redirects, it ruins the stablity of the entire page. Alternatively, any help in getting the redirects to work properly will also help.

Code is here, and I would very much appreciate any help!

[php]<?php // signup.php

// Include the configuration file and the HTML header.

require_once(‘includes/config.inc.php’);

$page_title = ‘Sign up’;

include(‘includes/header.html’);

// Create the conditional that checks for form submission + database connection script.

if (isset($_POST[‘submitted’])) {
require_once(‘includes/mysqli_connect.php’);

// Trim the incoming data and set some flag variables.

$trimmed = array_map(‘trim’, $_POST);
$fn = $ln = $e = $p = FALSE;

$fn = FALSE;
$ln = FALSE;
$e = FALSE;
$p = FALSE;

// Validate the first and last names.

if (preg_match (’/^[A-Z ‘.-]{2,20}$/i’, $trimmed[‘first_name’])) {
$fn = mysqli_real_escape_string($dbc, $trimmed[‘first_name’]);
} else {
ob_end_clean();
$url = BASE_URL . ‘noname.php’;
header(“Location: $url”);
}

if (preg_match (’/^[A-Z ‘.-]{2,40}$/i’, $trimmed[‘last_name’])) {
$ln = mysqli_real_escape_string($dbc, $trimmed[‘last_name’]);
} else {
ob_end_clean();
$url = BASE_URL . ‘noname.php’;
header(“Location: $url”);
}

// Validate the email address.

if (preg_match (’/^[\w.-]+@[\w.-]+.[A-Za-z]{2,6}$/’, $trimmed[‘email’])) {
$e = mysqli_real_escape_string($dbc, $trimmed[‘email’]);
} else {
ob_end_clean();
$url = BASE_URL . ‘noemail.php’;
header(“Location: $url”);
}

// Validate the passwords.

if (preg_match (’/^\w{4,20}$/’, $trimmed[‘password1’]) ) {
if ($trimmed[‘password1’] == $trimmed[‘password2’]) {
$p = mysqli_real_escape_string ($dbc, $trimmed[‘password1’]);
} else {
ob_end_clean();
$url = BASE_URL . ‘nopassword.php’;
header(“Location: $url”);
}

} else {
ob_end_clean();
$url = BASE_URL . ‘invalid.php’;
header(“Location: $url”);
}

// Is this a unique email address?

if ($fn && $ln && $e && $p) {
$q = “SELECT user_id FROM users WHERE email=’$e’”;
$r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n
MYSQL Error: " . mysqli_error($dbc));

// If the email address is unused, register the user:

if (mysqli_num_rows($r) == 0) {
					
					$a = md5(uniqid(rand(), true));
					$q = "INSERT INTO users (email, pass, first_name, last_name, active, registration_date) VALUES ('$e', SHA1('$p'), '$fn', '$ln', '$a', NOW() )";
					$r = mysqli_query($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error:" . mysqli_error($dbc));
					
					// Send an email if the query worked.
					
					if (mysqli_affected_rows($dbc) == 1) {
						$body = "
						Welcome to Forensic Outreach. To activate your account, please click here:\n\n";
						$body .= BASE_URL . 'activate.php?x=' . urlencode($e) . "&y=$a";
						mail($trimmed['email'], 'Welcome to Forensic Outreach', $body, 'From: [email protected]');
						ob_end_clean();
						$url = BASE_URL . 'success.php';
						header("Location: $url");							
						include ('includes/footer.html');
						exit();
						
						// Print errors if the query failed.
						
					} else {
						ob_end_clean();
						$url = BASE_URL . 'error.php';
						header("Location: $url");
					}
					
					} else {
						ob_end_clean();
						$url = BASE_URL . 'unavailable.php';
						header("Location: $url");
						
					}

} else {

ob_end_clean();
$url = BASE_URL . 'unavailable.php';
header("Location: $url");;

}

mysqli_close($dbc);

} // End of the main submit conditional.

?>

Sign Up 
  <div class="content">
  
  <div class="leftc">
  
  
    <h1>Sign Up</h1>
    <h2>Start downloading worksheets, lesson plans and more.</h2>
    <p>Already signed up? <a href="login.php"><strong>Login</strong></a> now.
    
    <div class="leftcolc">
    
    </div>
    
    
    <div class="leftcolc">
        <h2>It's easy and free.</h2>
        
        <!-- Script for a login form --> 
        <form action="signup.php" method="post" ><fieldset>
        <p class="form">first name</p> <input type="text" name="first_name" size="20" maxlength="20" value="<?php if (isset($trimmed['first_name'])) echo $trimmed['first_name'];?>"/></p>
        <p class="form">last name</p> <input type="text" name="last_name" size="20" maxlength="40" value="<?php if (isset($trimmed['last_name'])) echo $trimmed['last_name'];?>"/></p>
        <p class="form">email</p> <input type="text" name="email" size="20" maxlength="80" value="<?php if (isset($trimmed['email'])) echo $trimmed['email'];?>"/></p>
        <p class="form">password</p> <input type="password" name="password1" size="20" maxlength="20"/></p>
        <p class="form">confirm password</p> <input type="password" name="password2" size="20" maxlength="20"/></p>
        
        <p><input type="submit" name="submit" value="Sign Up" />
        <input type="hidden" name="submitted" value="TRUE" />
        </fieldset>
        </form>
    </div>
    
    <div class="leftcolc">
    

    </div>
   
  
 
    <!--/content -->
   
  </div>

	<!--footer -->
<?php include('includes/footer.html'); ?> 
					[/php]
#2

Okay, instead of reading that whole horrible post; the question really is this. If you go to my sign-up page (www.forensicoutreach.com/signup.php), you’ll see that if you neglect to complete a field or type in a valid pw or email address, it creates an ugly series of errors that float near the top and don’t integrate in to the actual content of the design.

I tried to fix this problem through redirects to nicer pages (code above) but I wonder if there is a way to fix this code so the “echoed” error statements can become part of the page instead of floating right under the nav bar.

Code for the current page is here:

[php]<?php // signup.php

// Include the configuration file and the HTML header.

require_once(‘includes/config.inc.php’);

$page_title = ‘Sign up’;

include(‘includes/header.html’);

// Create the conditional that checks for form submission + database connection script.

if (isset($_POST[‘submitted’])) {
require_once(‘includes/mysqli_connect.php’);

// Trim the incoming data and set some flag variables.

$trimmed = array_map(‘trim’, $_POST);
$fn = $ln = $e = $p = FALSE;

$fn = FALSE;
$ln = FALSE;
$e = FALSE;
$p = FALSE;

// Validate the first and last names.

if (preg_match (’/^[A-Z ‘.-]{2,20}$/i’, $trimmed[‘first_name’])) {
$fn = mysqli_real_escape_string($dbc, $trimmed[‘first_name’]);
} else {
echo ‘

Please enter your first name.

’;
}

if (preg_match (’/^[A-Z ‘.-]{2,40}$/i’, $trimmed[‘last_name’])) {
$ln = mysqli_real_escape_string($dbc, $trimmed[‘last_name’]);
} else {
echo ‘

Please enter your last name.

’;
}

// Validate the email address.

if (preg_match (’/^[\w.-]+@[\w.-]+.[A-Za-z]{2,6}$/’, $trimmed[‘email’])) {
$e = mysqli_real_escape_string($dbc, $trimmed[‘email’]);
} else {
echo ‘

Please enter your email address.

’;
}

// Validate the passwords.

if (preg_match (’/^\w{4,20}$/’, $trimmed[‘password1’]) ) {
if ($trimmed[‘password1’] == $trimmed[‘password2’]) {
$p = mysqli_real_escape_string ($dbc, $trimmed[‘password1’]);
} else {

echo '<p>Your passwords did not match.</p>';

}

} else {
echo ‘

You have entered an invalid password.

’;
}

// Is this a unique email address?

if ($fn && $ln && $e && $p) {
$q = “SELECT user_id FROM users WHERE email=’$e’”;
$r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n
MYSQL Error: " . mysqli_error($dbc));

// If the email address is unused, register the user:

if (mysqli_num_rows($r) == 0) {
					
					$a = md5(uniqid(rand(), true));
					$q = "INSERT INTO users (email, pass, first_name, last_name, active, registration_date) VALUES ('$e', SHA1('$p'), '$fn', '$ln', '$a', NOW() )";
					$r = mysqli_query($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error:" . mysqli_error($dbc));
					
					// Send an email if the query worked.
					
					if (mysqli_affected_rows($dbc) == 1) {
						$body = "
						Welcome to Forensic Outreach. To activate your account, please click here:\n\n";
						$body .= BASE_URL . 'activate.php?x=' . urlencode($e) . "&y=$a";
						mail($trimmed['email'], 'Welcome to Forensic Outreach', $body, 'From: [email protected]');
						ob_end_clean();
						$url = BASE_URL . 'success.php';
						header("Location: $url");							
						include ('includes/footer.html');
						exit();
						
						// Print errors if the query failed.
						
					} else {
						echo '<p>You could not be registered.</p>';
					}
					
					} else {
						echo '<p>Email has already been registered.</p>';
						
					}

} else {

echo '<p>Please reenter your passwords and try again.</p>';

}

mysqli_close($dbc);

} // End of the main submit conditional.

?>

Sign Up 
  <div class="content">
  
  <div class="leftc">
  
  
    <h1>Sign Up</h1>
    <h2>Start downloading worksheets, lesson plans and more.</h2>
    <p>Already signed up? <a href="login.php"><strong>Login</strong></a> now.
    
    <div class="leftcolc">
    
    </div>
    
    
    <div class="leftcolc">
        <h2>It's easy and free.</h2>
        
        <!-- Script for a login form --> 
        <form action="signup.php" method="post" ><fieldset>
        <p class="form">first name</p> <input type="text" name="first_name" size="20" maxlength="20" value="<?php if (isset($trimmed['first_name'])) echo $trimmed['first_name'];?>"/></p>
        <p class="form">last name</p> <input type="text" name="last_name" size="20" maxlength="40" value="<?php if (isset($trimmed['last_name'])) echo $trimmed['last_name'];?>"/></p>
        <p class="form">email</p> <input type="text" name="email" size="20" maxlength="80" value="<?php if (isset($trimmed['email'])) echo $trimmed['email'];?>"/></p>
        <p class="form">password</p> <input type="password" name="password1" size="20" maxlength="20"/></p>
        <p class="form">confirm password</p> <input type="password" name="password2" size="20" maxlength="20"/></p>
        
        <p><input type="submit" name="submit" value="Sign Up" />
        <input type="hidden" name="submitted" value="TRUE" />
        </fieldset>
        </form>
    </div>
    
    <div class="leftcolc">
    

    </div>
   
  
 
    <!--/content -->
   
  </div>

	<!--footer -->
<?php include('includes/footer.html'); ?> 
					[/php]
#3

can i see the contents of login.php… ;D

Sponsor our Newsletter | Privacy Policy | Terms of Service