Home/ Questions/Q 7626877
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-31T05:23:06+00:00

(This is my first try with php) I have a very basic register page.

  • 0

(This is my first try with php)

I have a very basic register page.
http://graves-incorporated.com/test_sites/member_test/register/register.php

* I just remembered PHP code doesn’t show up in the source so here it is:

enter code here
<?php
include('connection.php');

if(isset($_POST['form'])){
    if(empty($_POST['username']) || empty($_POST['password']) || empty($_POST['conf_pass']) || empty($_POST['email'])){
        echo '<b>Please fill out all fields.</b>';

    }elseif($_POST['password'] != $_POST['conf_pass']){
        echo '<b>Your Passwords do not match.</b>';
    }else{
        $url = 'http://graves-incorporated.com/test_sites/plantation_park_2012/';
        echo '<META HTTP-EQUIV=Refresh CONTENT="2; URL='.$url.'">';
        echo '<b>Congrats, You are now Registered.</b>';
        mysql_query("INSERT INTO users VALUES(NULL, '$_POST[username]', '$_POST[password]', '$_POST[email]')");     
    }
}
?>

I want to make sure I don’t get duplicate users and/or email addresses in the database. I set up a Unique Key in MySQL for Username and Email, which prevents it, but the user on the actual form doesn’t know that, it still tells them “Congrats, you are signed up” or whatever it says… haha

So what can I add to the php code (and where in the code) that would prevent this?

Thanks for helping this major noob,
Dan Graves

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team
    <?php
include('connection.php');

if(isset($_POST['form'])){
    if(empty($_POST['username']) || empty($_POST['password']) || empty($_POST['conf_pass']) || empty($_POST['email'])){
        echo '<b>Please fill out all fields.</b>';

    }elseif($_POST['password'] != $_POST['conf_pass']){
        echo '<b>Your Passwords do not match.</b>';
    }else{

        $dup = mysql_query("SELECT username FROM users WHERE username='".$_POST['username']."'");
        if(mysql_num_rows($dup) >0){
            echo '<b>username Already Used.</b>';
        }
        else{
            $url = 'http://graves-incorporated.com/test_sites/plantation_park_2012/';
            echo '<META HTTP-EQUIV=Refresh CONTENT="2; URL='.$url.'">';

            $sql = mysql_query("INSERT INTO users VALUES(NULL, '$_POST[username]', '$_POST[password]', '$_POST[email]')");     
            if($sql){
                 echo '<b>Congrats, You are now Registered.</b>';
            }
            else{
                echo '<b>Error Registeration.</b>';
            }
        }
    }
}
?>
    • 0