Board index   FAQ   Search  
Register  Login
Board index php forum :: Database mySQL & php coding

NEED HELP ABOUT THIS CODE.. PLEASE PLEASE PLEASE

Codes here !

Moderators: macek, egami, gesf

NEED HELP ABOUT THIS CODE.. PLEASE PLEASE PLEASE

Postby vinsux » Wed Jun 20, 2012 6:37 am

In my code.. i have 2 tables, the faculty and student tables..

if the type is faculty, the registration will be placed in the faculty table,
if the type is student, the registration will be placed in the student table..

i'm debugging it since yesterday

pls. help this is for our thesis project and php is not my comfort zone in terms of programming...

please please pleaseeeee

Code: Select all
<?php
 
 mysql_connect("localhost","root","") or die(mysql_error());
 mysql_select_db("login") or die(mysql_error());

 if (isset($_POST['submit'])) {

 $typecheck = $_POST['type'];
 $tcheck2 = mysql_query("SELECT type FROM students, faculty WHERE type = '$typecheck'")
or die(mysql_error());
   
 $typecheck2 = mysql_num_rows($tcheck2);

 if ($typecheck2 != 0) {
   
     if (!$_POST['username'] | !$_POST['pass'] | !$_POST['pass2']| !$_POST['namelast']| !$_POST['namefirst']| !$_POST['namemi']
                | !$_POST['type']| !$_POST['gender']| !$_POST['course'] ) {
       die('You did not complete all of the required fields');
    }

    if (!get_magic_quotes_gpc()) {
       $_POST['username'] = addslashes($_POST['username']);
    }

    $usercheck = $_POST['username'];
    $check = mysql_query("SELECT fusername FROM faculty WHERE fusername = '$usercheck'")
      or die(mysql_error());
 
    $check2 = mysql_num_rows($check);

    if ($check2 == 1) {
       die('Sorry, the username '.$_POST['username'].' is already in use.');
             }

    if ($_POST['pass'] != $_POST['pass2']) {
       die('Your passwords did not match. ');
    }

    $_POST['pass'] = md5($_POST['pass']);

    if (!get_magic_quotes_gpc()) {
       $_POST['pass'] = addslashes($_POST['pass']);
       $_POST['username'] = addslashes($_POST['username']);
      $_POST['namelast'] = addslashes($_POST['namelast']);
      $_POST['namefirst'] = addslashes($_POST['namefirst']);
      $_POST['namemi'] = addslashes($_POST['namemi']);
      $_POST['type'] = addslashes($_POST['type']);
      $_POST['gender'] = addslashes($_POST['gender']);
      $_POST['course'] = addslashes($_POST['course']);
      
          }

    $insert = "INSERT INTO faculty (fusername, fpassword, fnamelast, fnamefirst, fnamemi, ftype, fgender, fcourse)
         VALUES ('".$_POST['username']."', '".$_POST['pass']."', '".$_POST['namelast']."', '".$_POST['namefirst']."', '".$_POST['namemi']."'
                  , '".$_POST['type']."', '".$_POST['gender']."', '".$_POST['course']."')";
    $add_member = mysql_query($insert);
    }
 
 if($typecheck2 == 0)
 
    {
     if (!$_POST['username'] | !$_POST['pass'] | !$_POST['pass2']| !$_POST['namelast']| !$_POST['namefirst']| !$_POST['namemi']
                | !$_POST['type']| !$_POST['gender']| !$_POST['course'] ) {
       die('You did not complete all of the required fields');
    }

    if (!get_magic_quotes_gpc()) {
       $_POST['username'] = addslashes($_POST['username']);
    }
   
   $usercheck = $_POST['username'];
    $check = mysql_query("SELECT fusername FROM faculty WHERE fusername = '$usercheck'")
      or die(mysql_error());
 
    $check2 = mysql_num_rows($check);

    if ($check2 != 0) {
       die('Sorry, the username '.$_POST['username'].' is already in use.');
             }

    if ($_POST['pass'] != $_POST['pass2']) {
       die('Your passwords did not match. ');
    }

    $_POST['pass'] = md5($_POST['pass']);

    if (!get_magic_quotes_gpc()) {
       $_POST['pass'] = addslashes($_POST['pass']);
       $_POST['username'] = addslashes($_POST['username']);
      $_POST['namelast'] = addslashes($_POST['namelast']);
      $_POST['namefirst'] = addslashes($_POST['namefirst']);
      $_POST['namemi'] = addslashes($_POST['namemi']);
      $_POST['type'] = addslashes($_POST['type']);
      $_POST['gender'] = addslashes($_POST['gender']);
      $_POST['course'] = addslashes($_POST['course']);
      
          }

    $insert = "INSERT INTO students (username, password, namelast, namefirst, namemi, type, gender, course)
         VALUES ('".$_POST['username']."', '".$_POST['pass']."', '".$_POST['namelast']."', '".$_POST['namefirst']."', '".$_POST['namemi']."'
                  , '".$_POST['type']."', '".$_POST['gender']."', '".$_POST['course']."')";
    $add_member = mysql_query($insert);
   
    }

    ?>
 
    <h1>Registered</h1>
    <p>Thank you, you have registered - you may now login</a>.</p>

    <?php
 }
    else
 {   
    ?>
 
 <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
 <table border="0">
 <tr><td>Username:</td><td>
 <input type="text" name="username" maxlength="60"><br /><br />
 </td></tr>
 <tr><td>Password:</td><td>
 <input type="password" name="pass" maxlength="10"><br /><br />
 </td></tr>
 <tr><td>Confirm Password:</td><td>
 <input type="password" name="pass2" maxlength="10"><br /><br />
 </td></tr>
</td></tr>
 <tr><td>Name:</td><td>
 <input type="text" name="namelast" maxlength="15">
  <input type="text" name="namefirst" maxlength="15">
   <input type="text" name="namemi" maxlength="15"><br />   
   Last&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
   &nbsp;&nbsp;&nbsp;First&nbsp;&nbsp;
   &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Middle Name<br /><br />
 </td></tr>
 <tr><td>Course:</td><td>
 <select name= "course">
       <option value="na">---N.A.----</option>
      <option value="bscs">B.S. Computer Science</option>
      <option value="bsit">B.S. Information Technology</option>   
        <option value="bsba">B.S. Business Administration</option>   
   </select><br/><br /><br />
<tr><td>Gender:</td><td>
 <select name= "gender">
      <option value="Male">Male</option>
      <option value="Female">Female</option>   
   </select><br/><br /><br />
 </td></tr>
 <tr><td>Type of Account:</td><td>
 <select name= "type">
      <option value="student">Student</option>
      <option value="teacher">Teacher</option>   
   </select><br/><br /><br />
 </td></tr>
 
  <tr><th colspan=2><input type="submit" name="submit" value="Register"></th></tr> </table>
 </form>

 <?php

 }
 ?>   </div>
vinsux
New php-forum User
New php-forum User
 
Posts: 9
Joined: Wed Jun 20, 2012 6:26 am

Re: NEED HELP ABOUT THIS CODE.. PLEASE PLEASE PLEASE

Postby egami » Wed Jun 20, 2012 9:02 am

What are you trying to do?

clean it up a bit..

Code: Select all

$mandatory 
= array('username','pass','pass2','namelast','namefirst','namemi','type','gender','course');

foreach(
$mandatory as $k => $v) { 
  if (!isset(
$_POST[$v])) { 
     
$error['isset'][$v] = "$v must be set.";
  } else { 
      if (
$_POST[$v] == '') {
        
$error['empty'][$v] = "$v cannot be empty.";
      } else { 
          
$_POST[$v] = trim(mysql_real_escape_string(strip_tags($_POST[$v])));
      }
  }
}

 


That's just to clean your vars..


Next:
What's this trying to do????
$tcheck2 = mysql_query("SELECT type FROM students, faculty WHERE type = '$typecheck'")
or die(mysql_error());

I'm a little dense on Wednesdays, so help me out a little..
What are you pulling from that table that you don't already know?

if your $_POST['type'] is 2, and you're querying the database for the number 2? or 1? or whatever the number is? This query isn't doing anything for you from what I can tell.

Then, if your number of rows returned then you decide on that number what the rest of your script does, which I don't believe is what you want it to do. I think you're trying to have a login form combined with a registration form, which is bad practice. Seperate the two, and you'll be much happier.
User avatar
egami
php-forum GURU
php-forum GURU
 
Posts: 2196
Joined: Wed Oct 06, 2010 11:19 am
Location: Happy Valley, UT


Return to mySQL & php coding

Who is online

Users browsing this forum: No registered users and 2 guests

Sponsored by Sitebuilder Web hosting and Traduzioni Italiano Rumeno and antispam for cPanel.