below is the code for a registration form. It “works”,I mean that the insert query is being performed, some error messages appear. the problem is, i don’t understand how “root” is being automatically sent to the database as a username.
when logging into phpmyadmin, the username root appears because it is on autofill. but, i don’t get why it’s filling the registration form with root. i don’t see “root” entered on the form, but, after registering, it says “Congratulations root!”. If i leave the form blank, i don’t get the error message for blank username either.
i’ve just started learning php,so i guess something might be wrong with the code.
any help, plz?
<html>
<head>
<link rel="stylesheet" type="text/css" href="reset.css" media="screen" />
<link rel="stylesheet" type="text/css" href="style.css" media="screen" />
<title>Register</title>
</head>
<body>
<div id="layout_wrapper">
<div id="layout_container">
<div id="layout_content">
<div id="site_title">
<h1><a href="home.html">WEBSITE</a></h1>
<h2>WEBSITE DESCRI</h2>
</div>
<div id="header_image"></div>
<div class="clearer"> </div>
</div>
<div id="main">
<div class="post">
<div class="post_top">
<div class="post_title"><h2>REGISTER</h2></div>
</div>
<div class="post_body">
<?php
$error_stat=0;
$errorMsg='';
if (isset ($_POST['submit'])){
$username = $_POST['username'];
$gender = preg_replace('#[^a-z]#i', '', $_POST['gender']);
$b_m = preg_replace('#[^0-9]#i', '', $_POST['birth_month']);
$b_d = preg_replace('#[^0-9]#i', '', $_POST['birth_day']);
$b_y = preg_replace('#[^0-9]#i', '', $_POST['birth_year']);
$email1 = $_POST['email1'];
$pass1 = $_POST['pass1'];
$pass2 = $_POST['pass2'];
$email1 = stripslashes($email1);
$pass1 = stripslashes($pass1);
$email2 = stripslashes($email2);
$pass2 = stripslashes($pass2);
$email1 = strip_tags($email1);
$pass1 = strip_tags($pass1);
$email2 = strip_tags($email2);
$pass2 = strip_tags($pass2);
include_once "../scripts/connect_to_mysql.php";
$emailCHecker = mysql_real_escape_string($email1);
$emailCHecker = str_replace("`", "", $emailCHecker);
$sql_uname_check = mysql_query("SELECT user_name FROM tbl_user WHERE user_name='$username'");
$uname_check = mysql_num_rows($sql_uname_check);
$sql_email_check = mysql_query("SELECT email FROM tbl_user WHERE email='$emailCHecker'");
$email_check = mysql_num_rows($sql_email_check);
if ((!$username) || (!$gender) || (!$b_m) || (!$b_d) || (!$b_y) || (!$email1) || (!$pass1) || (!$pass2)) {
$error_stat=1;
$errorMsg = 'ERROR: You did not submit the following required information:<br /><br />';
if(!$username){
$errorMsg .= ' * User Name<br />';
}
if(!$gender){
$errorMsg .= ' * Sex <br />';
}
if(!$b_m){
$errorMsg .= ' * Birth Month<br />';
}
if(!$b_d){
$errorMsg .= ' * Birth Day<br />';
}
if(!$b_y){
$errorMsg .= ' * Birth year<br />';
}
if(!$email1){
$errorMsg .= ' * Email Address<br />';
}
if(!$pass1){
$errorMsg .= ' * Login Password<br />';
}
if(!$pass2){
$errorMsg .= ' * Confirm Login Password<br />';
}
} else if ($pass1 != $pass2) {
$errorMsg = 'ERROR: Your Password fields below do not match<br />';
} else if (strlen($username) < 4) {
$errorMsg = "<u>ERROR:</u><br />Your User Name is too short. 4 - 20 characters please.<br />";
} else if (strlen($username) > 20) {
$errorMsg = "<u>ERROR:</u><br />Your User Name is too long. 4 - 20 characters please.<br />";
} else if ($uname_check > 0){
$errorMsg = "<u>ERROR:</u><br />Your User Name is already in use inside of our system. Please try another.<br />";
} else if ($email_check > 0){
$errorMsg = "<u>ERROR:</u><br />Your Email address is already in use inside of our system. Please use another.<br />";
} else {
$email1 = mysql_real_escape_string($email1);
$pass1 = mysql_real_escape_string($pass1);
$full_birthday = "$b_y-$b_m-$b_d";
$sql = mysql_query("INSERT INTO tbl_user (user_name, sex, dob, date_joined,email, password)
VALUES('$username','$gender','$full_birthday', now(),'$email1', '$pass1')")
or die (mysql_error());
$id = mysql_insert_id();
echo "<h2>Registration Successful!</h2>";
echo "<p>Congratulations <b>$username</b>, your registration was successful. Your account has now been created with the following details:</p>";
echo "<p><b>Username:</b> $username</p>";
echo "<p><b>Password:</b> $pass1</p>";
echo "<p><b>Sex:</b> $gender</p>";
echo "<p><b>Email:</b> $email1</p>";
echo "<p><b>DOB:</b> $full_birthday</p>";
echo "<p>You may now login.</p>";
} // Close else after duplication checks
}
if (!isset($_POST['submit']) || $error_stat==1) {
?>
<?php echo $errorMsg;?>
<form method="POST" action="">
<table>
<tr>
<td width="114" bgcolor="#FFFFFF">User Name: *</span></td>
<td width="452" bgcolor="#FFFFFF"><input name="username" type="text" id="username " size="32" maxlength="20" />
<span id="nameresponse">Alphanumeric Characters Only</span></td>
</tr>
<tr>
<td bgcolor="#EFEFEF">Sex:*</span></td>
<td bgcolor="#EFEFEF"><label>
<input name="gender" type="radio" id="gender" value="m" checked="checked" />Male
<input type="radio" name="gender" id="gender" value="f" />Female
</label></td>
</tr>
<tr>
<td bgcolor="#FFFFFF">Date of Birth:*</span></td>
<td bgcolor="#FFFFFF">
<select name="birth_month" id="birth_month">
<option value="01">January</option>
<option value="02">February</option>
<option value="03">March</option>
<option value="04">April</option>
<option value="05">May</option>
<option value="06">June</option>
<option value="07">July</option>
<option value="08">August</option>
<option value="09">September</option>
<option value="10">October</option>
<option value="11">November</option>
<option value="12">December</option>
</select>
<select name="birth_day" id="birth_day">
<option value="01">1</option>
<option value="02">2</option>
<option value="03">3</option>
<option value="04">4</option>
<option value="05">5</option>
<option value="06">6</option>
<option value="07">7</option>
<option value="08">8</option>
<option value="09">9</option>
<option value="10">10</option>
<option value="11">11</option>
<option value="12">12</option>
<option value="13">13</option>
<option value="14">14</option>
<option value="15">15</option>
<option value="16">16</option>
<option value="17">17</option>
<option value="18">18</option>
<option value="19">19</option>
<option value="20">20</option>
<option value="21">21</option>
<option value="22">22</option>
<option value="23">23</option>
<option value="24">24</option>
<option value="25">25</option>
<option value="26">26</option>
<option value="27">27</option>
<option value="28">28</option>
<option value="29">29</option>
<option value="30">30</option>
<option value="31">31</option>
</select>
<select name="birth_year" id="birth_year">
<option value="2010">2010</option>
<option value="2009">2009</option>
<option value="2008">2008</option>
<option value="2007">2007</option>
<option value="2006">2006</option>
<option value="2005">2005</option>
<option value="2004">2004</option>
<option value="2003">2003</option>
<option value="2002">2002</option>
<option value="2001">2001</option>
<option value="2000">2000</option>
<option value="1999">1999</option>
<option value="1998">1998</option>
<option value="1997">1997</option>
<option value="1996">1996</option>
<option value="1995">1995</option>
<option value="1994">1994</option>
<option value="1993">1993</option>
<option value="1992">1992</option>
<option value="1991">1991</option>
<option value="1990">1990</option>
<option value="1989">1989</option>
<option value="1988">1988</option>
<option value="1987">1987</option>
<option value="1986">1986</option>
<option value="1985">1985</option>
<option value="1984">1984</option>
<option value="1983">1983</option>
<option value="1982">1982</option>
<option value="1981">1981</option>
<option value="1980">1980</option>
<option value="1979">1979</option>
<option value="1978">1978</option>
<option value="1977">1977</option>
<option value="1976">1976</option>
<option value="1975">1975</option>
<option value="1974">1974</option>
<option value="1973">1973</option>
<option value="1972">1972</option>
<option value="1971">1971</option>
<option value="1970">1970</option>
<option value="1969">1969</option>
<option value="1968">1968</option>
<option value="1967">1967</option>
<option value="1966">1966</option>
<option value="1965">1965</option>
<option value="1964">1964</option>
<option value="1963">1963</option>
<option value="1962">1962</option>
<option value="1961">1961</option>
<option value="1960">1960</option>
<option value="1959">1959</option>
<option value="1958">1958</option>
<option value="1957">1957</option>
<option value="1956">1956</option>
<option value="1955">1955</option>
<option value="1954">1954</option>
<option value="1953">1953</option>
<option value="1952">1952</option>
<option value="1951">1951</option>
<option value="1950">1950</option>
<option value="1949">1949</option>
<option value="1948">1948</option>
<option value="1947">1947</option>
<option value="1946">1946</option>
<option value="1945">1945</option>
<option value="1944">1944</option>
<option value="1943">1943</option>
<option value="1942">1942</option>
<option value="1941">1941</option>
<option value="1940">1940</option>
<option value="1939">1939</option>
<option value="1938">1938</option>
<option value="1937">1937</option>
<option value="1936">1936</option>
<option value="1935">1935</option>
<option value="1934">1934</option>
<option value="1933">1933</option>
<option value="1932">1932</option>
<option value="1931">1931</option>
<option value="1930">1930</option>
<option value="1929">1929</option>
<option value="1928">1928</option>
<option value="1927">1927</option>
<option value="1926">1926</option>
<option value="1925">1925</option>
<option value="1924">1924</option>
<option value="1923">1923</option>
<option value="1922">1922</option>
<option value="1921">1921</option>
<option value="1920">1920</option>
<option value="1919">1919</option>
<option value="1918">1918</option>
<option value="1917">1917</option>
<option value="1916">1916</option>
<option value="1915">1915</option>
<option value="1914">1914</option>
<option value="1913">1913</option>
<option value="1912">1912</option>
<option value="1911">1911</option>
<option value="1910">1910</option>
<option value="1909">1909</option>
<option value="1908">1908</option>
<option value="1907">1907</option>
<option value="1906">1906</option>
<option value="1905">1905</option>
<option value="1904">1904</option>
<option value="1903">1903</option>
<option value="1902">1902</option>
<option value="1901">1901</option>
<option value="1900">1900</option>
</select>
</td>
</tr>
<tr>
<td bgcolor="#EFEFEF">Email Address:*</span></td>
<td bgcolor="#EFEFEF"><input name="email1" type="text" id="email1" size="32" maxlength="48" /></td>
</tr>
<tr>
<td bgcolor="#FFFFFF">Create Password:*</span></td>
<td bgcolor="#FFFFFF"><input name="pass1" type="password" id="pass1" size="32" maxlength="16" />
<span>Alphanumeric Characters Only</span></td>
</tr>
<tr>
<td bgcolor="#EFEFEF">Confirm Password: *</span></td>
<td bgcolor="#EFEFEF"><input name="pass2" type="password" id="pass2" size="32" maxlength="16" />
<span>Alphanumeric Characters Only</span></td>
</tr>
<tr>
<td><input type="submit" name="submit" value="Sign Up!" /></td>
</tr>
</table>
</form>
<?php
}
?>
</div>
<div id="footer">
<div class="left">© 2011</div>
<div class="right"><a href="#">....</a><a href="#">....</a></div>
<div class="clearer"> </div>
</div>
</div>
</div>
</div>
</body>
</html>