Hi, I am re-learning PHP on my own and am doing a login custom login system from scratch. What I am trying to acheive with the code below is this:
I have one table that holds the user information (username, password, etc). On my login page at the moment I have a registration form that will create a new entry to said table but will check first if the username and/or email already exists. If it does exist, a string variable will be displayed with the correct error returned and the page reloaded with the appended username or email. This all works but…
Problem: When I enter a username or password that is already been used, I have my message displaying in my html, that works but the problem I am having is if I do that first then enter a valid information after, the error message still appears on my page and the last incorrect username or password is still appended to the url at the top of the page.
How would I go about and clear my error message string and my appended text to my url once the user creates a new correct user account?
Thanks!
Code:
[php]<?php require_once('Connections/connCLShub.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
// *** Redirect if username exists
$MM_flag="MM_insert";
if (isset($_POST[$MM_flag])) {
$MM_dupKeyRedirect="login.php";
$loginUsername = $_POST['username'];
$LoginRS__query = sprintf("SELECT username FROM users WHERE username=%s", GetSQLValueString($loginUsername, "text"));
mysql_select_db($database_connCLShub, $connCLShub);
$LoginRS=mysql_query($LoginRS__query, $connCLShub) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
//if there is a row in the database, the username was found - can not add the requested username
if($loginFoundUser){
$MM_qsChar = "?";
//append the username to the redirect page
if (substr_count($MM_dupKeyRedirect,"?") >=1) $MM_qsChar = "&";
$MM_dupKeyRedirect = $MM_dupKeyRedirect . $MM_qsChar ."requsername=".$loginUsername;
header ("Location: $MM_dupKeyRedirect");
exit;
}
}
// Check email
if (isset($_POST[$MM_flag])) {
$MM_dupKeyRedirect="login.php";
$loginEmail = $_POST['emailAdress'];
$LoginRS__query = sprintf("SELECT emailAdress FROM users WHERE emailAdress=%s", GetSQLValueString($loginEmail, "text"));
mysql_select_db($database_connCLShub, $connCLShub);
$LoginRS=mysql_query($LoginRS__query, $connCLShub) or die(mysql_error());
$loginFoundEmail = mysql_num_rows($LoginRS);
//if there is a row in the database, the username was found - can not add the requested username
if($loginFoundEmail){
$MM_qsChar = "?";
//append the username to the redirect page
if (substr_count($MM_dupKeyRedirect,"?") >=1) $MM_qsChar = "&";
$MM_dupKeyRedirect = $MM_dupKeyRedirect . $MM_qsChar ."reqemail=".$loginEmail;
header ("Location: $MM_dupKeyRedirect");
exit;
}
}
// check appended username query
$varError = '';
if (isset($_GET['requsername'])) {
$varError = "*Error: Username " .$_GET['requsername'] ." is already in use.";
}
if (isset($_GET['reqemail'])) {
$varError = "*Error: E-mail adress " .$_GET['reqemail'] ." has already been registered.";
}
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "RegisterForm")) {
$insertSQL = sprintf("INSERT INTO users (username, password, firstName, lastName, emailAdress) VALUES (%s, %s, %s, %s, %s)",
GetSQLValueString($_POST['username'], "text"),
GetSQLValueString($_POST['password'], "text"),
GetSQLValueString($_POST['firstName'], "text"),
GetSQLValueString($_POST['lastName'], "text"),
GetSQLValueString($_POST['emailAdress'], "text"));
mysql_select_db($database_connCLShub, $connCLShub);
$Result1 = mysql_query($insertSQL, $connCLShub) or die(mysql_error());
$insertGoTo = "login.php";
if (isset($_SERVER['QUERY_STRING'])) {
$varError = '';
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));
}
?>[/php]
[code]
CLS Canada Hub
Login In
Register a new account
| Username: |
|
| Password: |
|
| First Name: |
|
| Last Name: |
|
| E-mail Adress: |
|
| |
|
<?php
if($varError != '')
echo $varError;
?>
[/code]
