This registration form worked like a charm for months. I have changed nothing. Now, it gets through all the conditionals of duplicate name, email, and the password check, and then fails to INSERT mysql and returns the "An error has occurred. Your account was not created." I don’t see why. Has syntax changed or what?
<div id="backdrop"></div>
<div id="register">
<img src="http://www.staketheclaim.com/wp-content/themes/retlehs-roots-c526a84/dropbox/2012/rotate/header<?php echo(rand(1,4)); ?>.png" style="margin-left: -25px;margin-top: -20px;" />
<div id="regi" style="width:400px;float: right;">
<?php
if ($username && $userid) {
echo "<div id='log-re' style='margin-left: 6px;width: 413px;'><h2>You must logout to register a new account. Not your Account?</h2>" . "<br /><br /><div id='cta'><a href='http://www.staketheclaim.com/logout/' class='button' style='padding-left: 36px;font-size: 24px;top: 2px;right: -160px;'>Logout Now</a></div></div>";
}
else {
if ($_POST['registerbtn']) {
$getuser = $_POST['user'];
$getemail = $_POST['email'];
$password = $_POST['pass'];
$getretypepass = $_POST['retypepass'];
if ($getuser) {
if(strpos($getuser, ' ') > 0 == false ){
if ($getemail) {
if ($password) {
if ($getretypepass) {
if ( $password === $getretypepass) {
if ( (strlen($getemail) >= 7) && (strstr($getemail, "@")) && (strstr($getemail, "."))){
require("base.php");
$query = mysql_query("SELECT * FROM users WHERE username='$getuser'");
$numrows = mysql_num_rows($query);
if ($numrows == 0) {
$query = mysql_query("SELECT * FROM users WHERE email='$getemail'");
$numrows = mysql_num_rows($query);
if ($numrows == 0) {
$password = md5(md5("ss3verds4g".$password."ss357rd5sg"));
$date = date("F d Y");
$code = md5(rand());
$bio = "Bio";
$location = "Location";
mysql_query("INSERT INTO users VALUES (
'','$getuser', '$password', '$getemail', '0', '$code', '$date', '$bio', '$location', '1'
)");
$query = mysql_query("SELECT * FROM users WHERE username='$getuser'");
$numrows = mysql_num_rows($query);
if ($numrows == 1){
$site = "http://www.staketheclaim.com";
$webmaster = "noreply <noreply@staketheclaim.com>";
$headers = "From: $webmaster";
$subject = "Activate Your Account";
$message = "Thanks for registering. Click the link below to activate your account.\n";
$message .= "$site/activate/?user=$getuser&code=$code\n";
$message .= "You must activate your account to login.";
if (mail($getemail, $subject, $message, $headers )) {
$errormsg = "You have been registered. You must activate your account from the activition link send to <b>$getemail</b>.";
$getuser = "";
$getemail = "";
}
else
else
$errormsg ="An error has occured. Your account was not created.";
}
else
$errormsg ="Their is already a user with that email.";
}
else
$errormsg ="Their is already a user with that username.";
mysql_close;
}
else
$errormsg = "You must enter a valid email address to register.";
}
else
$errormsg = "Your passwords did not match.";
} else
$errormsg = "You must retype you password to register.";
} else
$errormsg = "You must enter a password to register.";
} else
$errormsg = "You must enter you email to register.";
} else
$errormsg = "Your username cannot have any spaces.<br />";
} else
$errormsg = "You must enter a username to register.<br />";
} $form = "<form action='' method='post' style='margin-top:-20px;'>
<h2>Sign up for StakeTheClaim™.<br /> It's free!</h2>
<br />
<font color='red'>$errormsg</font>
<br />
<br />
Username:
<br />
<input type='text' name='user' value='$getuser' style='' />
<br />
<br />
Email:
<br />
<input type='text' name='email' value='$getemail' />
<br />
<br />
Password:
<br />
<input type='password' name='pass' value='' />
<br />
<br />
Re-Password:
<br />
<input type='password' name='retypepass' value='' />
<br />
<input type='submit' name='registerbtn' value='Register' />
</form>";
echo $form;
}
?></div></div>
It is possible this is a mysql data type issue (well, limit really). You say it fails on
updatebut I’m only seeing aninsertstatement.What are the column types on the table
userswhere the insert is being run?Basically, if you reach the limit of the column type, the insert will fail. This would be consistent with what you have said.
Edit: Also, PHP is depreciating
mysql_*calls. Shift to eithermysqli_*or another alternative likePDO. The shift tomysqlifor this code would be easy, but then your code needs for a full review, it is full of issues. What version of PHP are you running?