This is my init.inc.php Page:
<?php
session_start();
$exceptions = array('register','login');
$page = substr(end(explode('/',$_SERVER['SCRIPT_NAME'])),0,-4);
if(in_array($page, $exceptions) === false){
if(isset($SESSION['username']) === false){
header('Location: login.php');
die();
}
}
mysql_connect('localhost','root','');
mysql_select_db('newlogin');
$path = dirname(__FILE__);
include("{$path}/inc/user.inc.php");
?>
this is my user.inc.php page:
<?php
// check is the given username exisits in the table
function user_exists($user){
$user = mysql_real_escape_string($user);
$total = mysql_query("SELECT COUNT('user_id') FROM 'user_tbl' WHERE 'user_name' = '{$user}'");
return (mysql_result($total, 0) == '1') ? true : false;
}
// checks is the username and password are valid
function valid_credentials($user, $pass){
$user = mysql_real_escape_string($user);
$pass = sha1($pass);
$total = mysql_query("SELECT COUNT('user_id') FROM 'user_tbl' WHERE 'user_name' = '{$user}' AND 'user_password' = '{$pass}'");
return (mysql_result($total, 0) == '1') ? true : false;
}
//adds user to the database
function add_user($user, $pass){
$user = mysql_real_escape_string(htmlentities($user));
$pass = sha1($pass);
mysql_query("INSERT INTO 'user_tbl' ('user_name', 'user_password') VALUES ('{$user}', '{$pass}')");
}
?>and finally this is my registration page:
<?php
error_reporting(0);
include('core/init.inc.php');
$errors = array();
if(isset($_POST['username'], $_POST['password'], $_POST['repeat_password'])){
if(empty($_POST['username'])){
$errors[] = "The username field cannot be empty!";
}
if(empty($_POST['password']) || empty($_POST['repeat_password'])){
$errors[] = "The password fields cannot be empty!";
}
if($_POST['password'] !== $_POST['repeat_password']){
$errors[] = "Password verification failed !";
}
if(user_exists($_POST['username'])){
$errors[] = "That username has already been taken!";
}
if(empty($errors)){
add_user($_POST['username'], $_POST['password']);
$_SESSION['username'] = htmlentities($_POST['username']);
header('Location: protected.php');
die();
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<body>
<div>
<?php
if( empty($errors) === false){
?>
<ul>
<?php
foreach($errors as $error){
echo "<li>{$error}</li>";
}
?>
</ul>
<?php
}
?>
</div>
<form action="" method="post">
<p>
<label for="username"> Username:</label>
<input type="text" name="username" id="username" value="<?php if(isset($_POST['username'])) echo htmlentities($_POST['username']); ?>" />
</p>
<p>
<label for="password"> Password:</label>
<input type="password" name="password" id="password" />
</p>
<p>
<label for="repeat_password"> Repeat Password:</label>
<input type="password" name="repeat_password" id="repeat_password" />
</p>
<p>
<input type="submit" value="Register" />
</p>
</form>
</body>
</html>the issue im having its getting my new users to my data baseā¦
OpzMaster: Fixed errors in the implementation of the CODE tags.