PHP registration form question

General PHP Help
#1

I need help with this php registration form. The registration form works but I recently noticed I have been getting a bunch of bogus registered accounts. Is there a way to add the registered users ip address so that when I view the new registered accounts it will show their ip address.

I have added the ip value to the database as ip char (45) utf8_unicode_ci null=yes default=null but can’t seem to figure out what I need to add to this code to get the ip value to show. Any help is much appreciated.

[php]if(ereg(“register.php”,$_SERVER[‘PHP_SELF’])){
@header(“Location:index.php”);
die(“”); //js redirect backup
}

//If form post => process form
if(isset($_POST['name']) && $_POST['name'] != ""){
	//Validate Form Fields
	require_once("classes/vImage.php");
	$vImage = new vImage();		
	$vImage->loadCodes();
	$error = array();
	//verify image text
	if($vImage->sessionCode != $vImage->postCode){
		$error[] =  "Image Verification Text is Invalid\n";
	}
	//verify name
	if(!isset($_POST['name']) || $_POST['name'] == ""){
		$error[] =  "Enter Name\n";
	}
	//verify phone
	if(!isset($_POST['phone']) || $_POST['phone'] == ""){
		$error[] =  "Enter Phone\n";
	}
	//verify email
	if(!validEmail($_POST['email'])){
		$error[] =  "Enter Valid Email\n";
	}
	//verify confirm email
	if(!isset($_POST['confirmemail']) || $_POST['confirmemail'] == ""){
		$error[] =  "Enter Confirm Email\n";
	}
	//verify email equals confirm email
	if($_POST['email'] != $_POST['confirmemail']){
		$error[] =  "Confirm Email does not match\n";
	}		
	//verify password
	if(!isset($_POST['password']) || $_POST['password'] == ""){
		$error[] =  "Enter Password\n";
	}		
	//verify confirm password
	if(!isset($_POST['confirmpassword']) || $_POST['confirmpassword'] == ""){
		$error[] =  "Enter Confirm Password\n";
	}						
	//verify password equals confirm password
	if($_POST['password'] != $_POST['confirmpassword']){
		$error[] =  "Confirm Password does not match\n";
	}
	//Verify email is not already registered
	$sql = sprintf("select * from members where email LIKE '%s'", mysql_real_escape_string($_POST['email'], $mysql->conn));
	$result = $mysql->exSql($sql) or die($mysql->debugPrint());
	if(mysql_num_rows($result)>0){
		$error[] = "Email address already registered\n";
	}
	//Display Error (if needed)
	if(sizeof($error)>0){
		for($i=0;$i<sizeof($error);$i++){
			$xtpl->assign('error',$error[$i]);
			$xtpl->parse('main.register.error');
		}
	}else{ //else no error => register member
		$node = new sqlNode();
		$node->table = "members";
		$node->push("text","name",$_POST['name']);
		$node->push("text","phone",$_POST['phone']);
		$node->push("text","address",$_POST['address']);
		$node->push("text","city",$_POST['city']);
		$node->push("text","state",$_POST['state']);
		$node->push("text","zip",$_POST['zip']);
		$node->push("text","email",$_POST['email']);
		$node->push("text","password",$_POST['password']);
		$node->push("text","active","Yes"); //default
		$node->push("defined","created","NOW()");
		
		$result = $mysql->insert($node) or die($mysql->debugPrint());
		
		$xtpl->parse('main.thankyou');
		$xtpl->parse('main');
		$xtpl->out('main');[/php]
#2

[php]

<?php $user_ip = $_SERVER['REMOTE_ADDR'] echo $user_ip; ?>

[/php]

That will give you the users ip so then you just need to limit how many account each user can have.

Like in your error checking make sure each user has only so many account

#3

Thank you for your help. I want to be able to have the ip address inserted into the database. What other code do I need?

#4

This is the code I currently have. I am trying to get the users ip address inserted into the database.

[php]<?php

if(ereg("register.php",$_SERVER['PHP_SELF'])){
	@header("Location:index.php");
	die("<script>window.location='index.php';</script>"); //js redirect backup
}

//If form post => process form
if(isset($_POST['name']) && $_POST['name'] != ""){
	//Validate Form Fields
	require_once("classes/vImage.php");
	$vImage = new vImage();		
	$vImage->loadCodes();
	$error = array();
	//verify image text
	if($vImage->sessionCode != $vImage->postCode){
		$error[] =  "Image Verification Text is Invalid\n";
	}
	//verify name
	if(!isset($_POST['name']) || $_POST['name'] == ""){
		$error[] =  "Enter Name\n";
	}
	//verify phone
	if(!isset($_POST['phone']) || $_POST['phone'] == ""){
		$error[] =  "Enter Phone\n";
	}
	//verify email
	if(!validEmail($_POST['email'])){
		$error[] =  "Enter Valid Email\n";
	}
	//verify confirm email
	if(!isset($_POST['confirmemail']) || $_POST['confirmemail'] == ""){
		$error[] =  "Enter Confirm Email\n";
	}
	//verify email equals confirm email
	if($_POST['email'] != $_POST['confirmemail']){
		$error[] =  "Confirm Email does not match\n";
	}		
	//verify password
	if(!isset($_POST['password']) || $_POST['password'] == ""){
		$error[] =  "Enter Password\n";
	}		
	//verify confirm password
	if(!isset($_POST['confirmpassword']) || $_POST['confirmpassword'] == ""){
		$error[] =  "Enter Confirm Password\n";
	}						
	//verify password equals confirm password
	if($_POST['password'] != $_POST['confirmpassword']){
		$error[] =  "Confirm Password does not match\n";
	}
	//Verify email is not already registered
	$sql = sprintf("select * from members where email LIKE '%s'", mysql_real_escape_string($_POST['email'], $mysql->conn));
	$result = $mysql->exSql($sql) or die($mysql->debugPrint());
	if(mysql_num_rows($result)>0){
		$error[] = "Email address already registered\n";
	}
	// Get user ip 
	$ip = $_SERVER['REMOTE_ADDR'];

	//Display Error (if needed)
	if(sizeof($error)>0){
		for($i=0;$i<sizeof($error);$i++){
			$xtpl->assign('error',$error[$i]);
			$xtpl->parse('main.register.error');
		}
	}else{ //else no error => register member
		$node = new sqlNode();
		$node->table = "members";
		$node->push("text","name",$_POST['name']);
		$node->push("text","phone",$_POST['phone']);
		$node->push("text","address",$_POST['address']);
		$node->push("text","city",$_POST['city']);
		$node->push("text","state",$_POST['state']);
		$node->push("text","zip",$_POST['zip']);
		$node->push("text","email",$_POST['email']);
		$node->push("text","password",$_POST['password']);
		$node->push("text","ip",$_POST['ip']);
		$node->push("text","active","Yes"); //default
		$node->push("defined","created","NOW()");
		
		$result = $mysql->insert($node) or die($mysql->debugPrint());
		
		$xtpl->parse('main.thankyou');
		$xtpl->parse('main');
		$xtpl->out('main');
		
		//send emails of transaction
$emailXtpl =  new XTemplate("emailmessages/register.xtpl", SKIN);		

$emailXtpl->assign('member',$member);
$emailXtpl->assign('settings',$settings);	

if(validEmail($settings['email'])){

			
//send admin email
$to = $settings['email'];
$headers = sprintf("From: %s\r\nReply-To: noreply@%s\r\nX-Mailer: PHP/%s", $settings['email'], $settings['email'], phpversion());
$emailXtpl->parse('main.adminemail.subject');
$emailXtpl->parse('main.adminemail.body');
$subject = $emailXtpl->text('main.adminemail.subject');
$message = $emailXtpl->text('main.adminemail.body');			
@mail($to,$subject,$message,$headers);	
}
		exit();
	}
}	


//Fetch county
$sql = "select * from counties order by title asc";	
$result = $mysql->exSql($sql) or die($mysql->debugPrint());

if(mysql_num_rows($result)>0){	
	while($row = mysql_fetch_assoc($result)){
		$row['selected'] = ($row['id'] == $_POST['countyid']?"selected":"");
		$xtpl->assign('row',$row);
		$xtpl->parse('main.register.localcounty.countyoptions');
	}
	$xtpl->parse('main.register.localcounty');
	
	if(isset($_POST['city']) && $_POST['city'] != "" && isset($_POST['countyid']) && $_POST['countyid'] != ""){
		$sql = sprintf("select * from city where countyID = %s order by title asc", intval($_POST['countyid']));
		$result = $mysql->exSql($sql) or die($mysql->debugPrint());
		while($row = mysql_fetch_assoc($result)){
			$row['selected'] = ($row['title'] == $_POST['city']?"selected":"");
			$xtpl->assign('row',$row);
			$xtpl->parse('main.register.localcity.cityoption');
		}
	}
	
	$xtpl->parse('main.register.localcity');
}else{
	$xtpl->parse('main.register.county');
	$xtpl->parse('main.register.city');
}

//Fetch States	
$sql = "select * from `state` order by stitle asc";	
$result = $mysql->exSql($sql) or die($mysql->debugPrint());

while($row = mysql_fetch_assoc($result)){
	$row['selected'] = ($row['stitle'] == $_POST['state']?"selected":"");
	$xtpl->assign('row',$row);
	$xtpl->parse('main.register.state');
}

	
//Parse
$xtpl->parse('main.register');

?>
[/php]

#5

I use a header file for my database take this code and save it as database.php

[php]

<?PHP if(!function_exists('connect')) { function connect() { $mysql_host = "localhost"; $mysql_user = "your_username"; $mysql_pass = "your_password"; if(! $linkid = mysql_connect("$mysql_host" , "$mysql_user", "$mysql_pass")) { echo "Error connecting to ".$mysql_host; exit; } return $linkid; } } if(!function_exists('send_sql')) { function send_sql($sql, $link, $db) { if(!($succ = mysql_select_db($db))) { echo mysql_error(); exit; } if(!($res = mysql_query($sql, $link))) { echo mysql_error(); exit; } return $res; } } ?>

[/php]

Then just enter the server the username and password to access the database

Then in your code just include the database.php and use its methods like this

[php]

<?php include("database.php"); $link = connect(); $db = "techbiz_trade"; $sql="INSERT INTO yourdatabase.yourtable(ip_address) VALUES ('$ip_address')"; send_sql($sql, $link, $db); ?>

[/php]

That should insert it for you. Oh and make sure you use escape_string on the ip address like this for security

[php]

<?php $ip_address = mysql_escape_string($_SERVER['REMOTE_ADDR']); ?>

[/php]

#6

Thank you for your help. I will try this out and see if I can get it to work.

Sponsor our Newsletter | Privacy Policy | Terms of Service