Welcome to the Virtual Pet List Community

Wanting to join the rest of our members? Feel free to sign up today. It is completely free and one of the most positive communities on the web! Come and join the fun!

Join VPL Today!
  1. Virtual Pets

    Welcome to the Virtual Pet list forum!

    We're a Virtual Pets and Sim Games Community. We have a lot of Virtual Pet Sites Owners and Sim Games Owners that frequently visit, along with Artists, Writers and Programmers that come here looking for work and games to work for. Our Artists sell art in our Art Marketplace and Programmers are allowed to sell scripts in the Programming Marketplace. We've been opened since 2011 and since then we've grown to well over 212k posts and almost 5k members. What are you waiting for, why don't you join today?

    Our List of Virtual Pet Sites has a lot of Sim Games listed as well. You are more than welcome to check out our directory of sites and find a new game to play. If you're still curious about a game to play, you can check out some of our Game Reviews and Interviews with Coders, Artists, Writers and Game Owners of the industry.
  2. Have you read and commented on any of our Interviews or Reviews yet?
    Are you ready for the return of Teripets?
    Paladore - Boopets - Icepets
    Virtual Pet Directory
    join mycena cave!

Starting a petsite - a basic registration page

Discussion in 'Guides' started by spektyr, Sep 11, 2011.

  1. spektyr
    Offline

    spektyr New Member VPL Member

    Joined:
    Mar 14, 2011
    Messages:
    51
    Likes Received:
    7
    Trophy Points:
    0
    This article is the first in a series of writing a basic pet site. The series is about writing a basic user system - the registration page, the login/logout pages, the user’s profile, avatars (basic animated form avatars; not human) and so on. It will cover the administrative side of pet sites as well, including warning, suspending, and banning users. I assume no knowledge of HTML or PHP/MySQL. I give partial code along the way, as well as the full code listing at the end of each article.

    As this is the very first article, let's start your site with a quick sketch of the required files.

    The Header
    This file is included at the top of all your files. It should look for and examine the user's cookie, display banners and layout images, sidebar links, and set commonly used variables related to the user or the user's environment. Anything which repeats on all pages should be defined and/or added to the page via the header.

    The Footer
    The footer closes the div (or table) of your main page and adds anything you want to show up at the bottom of all your pages.
    *NOTE: To use an analogy, your site is like a sandwich. All sandwiches consist of are ingredients between two slices of bread. For this analogy, all sandwiches have bread which encompasses the middle, keeping it in its place and forming a delicious environment for the ingredients. The header and footer are the same way. Together they create a template for the web page, whatever the contents are, to live. While the analogy falls down when you consider different types of bread, the basic idea stands.

    The Access file
    Often called access.inc.php, this file manages your database connection. It stores information separately from the header for several reasons:
    • You may need to give someone the header - a contract coder or layout artist - who does not need to see the password for your database.
    • Some files such as cron jobs should not load the entire header, but still need to connect to the database. While you can maintain the database information in both the header and a separate file, it is obviously cleaner and easier to maintain if the information resides in only one file.

    This file should be included in the header. The information in this file should like something like this:
    PHP:
    global $my_mysqli
    $my_mysqli 
    = new mysqli("localhost""your_user""your_password""_my_petsite");
    This information can most likely be obtained from tutorials about your hosting service.
    How to include files:
    PHP:
    require_once("inc/access.inc.php");
    This assumes that your included files (files that will be included in other files but not accessed directly by users) are put in one folder. In general, separating the two types of files is a good idea.

    Go ahead and create header.inc.php, footer.inc.php, and access.inc.php, and put them in a folder called "inc". Then create register.php and put it in the root folder, in the same folder that "inc" resides in. Using "require_once" include access.inc.php in your header, and both the header and footer in register.php. All PHP code needs to be surrounded by <?php and ?> tags. Don't worry if you don't understand what your files should look like. In a couple of steps I'll show you exactly what you should have.

    The Database
    Let's move on by creating a new database. This is the database that will store all of the information for your petsite, so name it something relevant. I'm guessing you'll want users, so go ahead and create a `users` table. Rule of thumb: Tables contain multiple rows, and so should be plural. Columns, on the other and, contain only one piece of information per row (in a well designed database, anyway), and so should be singular.

    For now, we'll stick with very simple information about each user: id, username, password, and email. Here's how to lay them out:
    id = int(11) // a typical size, set it to auto-increment
    username = varchar (32) // make it as long as you want usernames to be allowed to be
    password = varchar(64) // this is the length of the hash we're going to be using
    email = varchar(50) // or however long you think emails are going to be

    Go ahead and make the username column unique. If you don't want emails to be used more than once, make the email column unique as well.

    The Registration form - Step 1
    The first thing you'll need is a registration form. This tutorial will be far simpler if you are familiar with HTML, but in case you aren't I'll explain forms. A form has a beginning form tag and an ending form tag:
    HTML:
    <form action="register.php" method="post">
    </form>
    The action is the page the form will request to be loaded when the submit button is clicked. The form will pass all of the information that is entered into the &lt;input /&gt; fields. (w3schools, for more information: http://www.w3schools.com/html/html_forms.asp)
    Here is the registration form we'll work with:
    HTML:
    <form action="register.php" method="post">
    Username: <input type="text" name="user_name" /><br />
    Password: <input type="password" name="pass_1" /><br />
    Retype password: <input type="password" name="pass_2" /><br />
    Email: <input type="text" name="user_email" /><br />
    <input type="submit" name="register" value="Register!" /><br />
    </form>
    Go ahead and put this html in register.php.
    Here is what all of your files should look like: www.leslieapland.org/tutorial/1/step1/

    *Notice the "/>" at the end of the inputs: it's short form for &lt;/input&gt;. We do the same thing with the &lt;br / &gt; statement. Notice I didn't do it for the form tag because the form tag has an end tag.

    *When you add the "value" field, the field takes that text. Our submit button says "Register!", which is what you see on the page when you load "register.php". If you added a default value to the username input field, the field would have the default text you entered and the user would have to delete it before they entered their chosen username.

    So right now when you click the button, nothing happens. Great! Nothing is supposed to happen. We'll use this same file to process the user's submitted information, so first we need to separate the form into a different section. Right now it's the only thing in the file, but we want to add form checking code - but only run it if the form's button has been clicked. How do you know when the button has been clicked? We can access the variables submitted through method="post" and method="get" by using the super global arrays $_POST and $_GET respectively.

    ASIDE: We use "POST" as the method of sending because the data is creating a new user. When either creating, updating, or deleting data, use POST. When searching for or displaying data, use GET. When you use GET, the variables will be displayed in the url in a manner you're probably familiar with: register.php?id=1&user=you. GETs should be idempotent - that is, do the same thing every time. For example, deleting an object can only happen once. So if you hit the url delete_user.php?id=1, the first time you went there a user would be deleted. The following times something else would happen, such as getting a message that the user had already been deleted. So in the case of deleting use POST, while in the case of viewing a user’s profile, which changes no data, use GET.

    Try printing your post array to see what it looks like. Put
    PHP:
    <?php var_dump($_POST?>
    at the top of the page. When you first go to the page you see an empty array. Fill out and submit the form. Check out the POST array now. You can see that there is a variable called "register" and it's value is "Register!" That's the register button.

    So I said that we're going to have the "display a form" and the "submit the form" sections? To divide our code into two sections we'll use the "register" variable. If the variable is set, we'll examine the submitted user data. Otherwise, we'll display the register form:
    PHP:
    <?php
    if(isset($_POST['register'])) {
        echo 
    "Here are some variables: <br />";
        
    var_dump($_POST);
    } else {
        
    // the form
    }
    ?>
    Make sure that this works for you, then let's move on.

    Now that you have the basic framework, I'll show you how to the following things:
    1. Check that the user has entered all fields in the form
    2. Add the submitted user to the database
    3. Check the username for security/MySQL injection
    4. Check if the username is taken
    5. Check the length of the username and password
    6. Check the email for correct email formatting using regular expressions
    7. Compare, salt, and hash passwords

    1. Check that the user has entered all fields in the form
    You saw the method isset() earlier, which is used to check whether a variable has been set. Now we’re going to use “empty()†to check if a variable is an empty string, false, NULL, 0, or the string “0†(http://php.net/manual/en/function.empty.php). If we want to know whether the user’s usenrame, email, or password is empty, we do this:
    PHP:
    // Error checking
    $error_msg "";
    if(empty(
    $_POST['user_email'])) {
        
    $error_msg .= "You have not entered your email!<br />";
    }
    if(empty(
    $_POST['user_name'])) {
        
    $error_msg .= "You have not entered your username!<br />";
    }
    if(empty(
    $_POST['pass_1']) || !isset($_POST['pass_2'])) {
        
    $error_msg .= "You have not entered your both of the password fields!<br />";
    }

    echo 
    $error_msg;
    var_dump($_POST);
    Put this code at the top of your if statement.

    Run this code and make sure that it does not throw any errors, and that when you leave a field (or multiple fields) blank, it throws the correct errors.

    2. Add the submitted user to the database
    This part is very simple. I'm going to show you, very basically, with no security considerations, how to create a new user. Since we know the user entered all the fields, all we need is the mysqli query. Put this in the if statement below the error checking fields.
    PHP:
    if(!$error_msg) {
            
    $success $my_mysqli->query("INSERT INTO `users` (`username`, `password`, `email`) 
                    VALUES ('
    $_POST[user_name]', '$_POST[pass_1]', '$_POST[user_email]')");
            if(
    $success) {
                    echo 
    "You have registered successfully!<br />";
            } else {
                    echo 
    "Your registration failed: $my_mysqli->error<br />";
            }
    }
    There! You have a new user (unless your query failed, in which case the error should give you a place to start).
    Here is what your registration page should look like after these steps: http://www.leslieapland.org/tutorial/1/step2/register.txt

    3. Check the username for security/MySQL injection
    Typically, usernames are allowed to have numbers, letters, and underscores. I'm going to stick to that and show you a simple little regular expression (regex)(http://www.regular-expressions.info/) that will check the username for us.
    PHP:
    $user_name $_POST['user_name'];
    $user_email $_POST['user_email'];

    if (
    preg_match('/[^A-Za-z0-9_]/'$user_name)) {
        
    $error_msg .= "Usernames can only contain letters, numbers, and the underscore character.<br />";
    }
    Put this code after the code in Step 1.

    4. Check if the username exists already
    Finally we get to something interesting. Chances are you want your users to have unique usernames. First we select from the `users` table on the username column. Then we check if there are any rows returned. A returned row tells us that the username is already in use. If no rows are returned, the user is in the clear.
    PHP:
    $duplicate_name $my_mysqli->query("SELECT `id` FROM `users` WHERE `username` = '$user_name'");
    if(
    $duplicate_name->num_rows) {
        
    $error_msg .= "The username $user_name already exists. Please choose another one.<br />";
    }
    5. Check the length of the username and password
    You may want to impose a limit - minimum and maximum - on the length of the username and password. It's fairly simple to do so with the function strlen(). Just pass it a string, and it will return the string’s length as an integer. To check if a username is at least 3 characters long, you'll write:
    PHP:
    if(strlen($user_name) < 3) {
        
    $error_msg .= "Usernames must be at least 3 characters in length.<br />";
    }
    To make sure the username is no more than 32 characters, our maximum size in the table, do this:
    PHP:
    if(strlen($user_name) > 32) {
        
    $error_msg .= "Usernames can only be 32 characters in length.<br />";
    }
    Although there is no way to force a user to make smart password choices, I suggest requiring that their password be at least 8 characters. I'll let you write that check yourself. You don't need to limit the password. All lengths of password will turn into 64 characters once the password is hashed.
    Here’s approximately what your register.php file should look like now: http://www.leslieapland.org/tutorial/1/step3/register.txt

    6. Check the email for correct email formatting using regular expressions
    Let’s search around for a good email regex. I'm going to borrow this one from http://www.regular-expressions.info/email.html.
    If you are familiar with regex, you're welcome to write your own.
    We'll test is using the preg_match function (regular expression matching):
    PHP:
    if (!preg_match('/^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]+$/'$user_email)) {
        
    $error_msg .= "The email you entered is not a real email!<br />";
    }
    7. Compare, salt, and hash passwords
    Security is a touchy subject. Many people will disagree about how to salt and hash your passwords, and you're welcome to listen to any of them.

    PHP provides many methods for hashing passwords. MD5 is very common, and also very crackable. Do not use it. I'm going to use SHA256 with a salt (SHA-1 is generally considered insecure). It will work decently for what we are doing.

    A salt is added randomness to your function. Large tables with commonly used passwords and their hashed counterparts can be built using a hashing function such as SHA256 or MD5.
    Just input "pony" and out comes 2629fb6d2384da89796a4811ef6db5f2ac657bab - every time. So if you see the hash 2629fb6d2384da89796a4811ef6db5f2ac657bab, you'll say "hey! The password is "pony"! No need to crack the function. (http://www.sha1hash.com/)
    If an attacker gains access to a hashed password, instead of attempting to crack the hash with shear computing power, they can look up the hash in a hash table which corresponds hashes to their words. This is called a dictionary attack. Adding a salt to your password is a good idea because it changes the resulting hash, rendering dictionary attacks useless.

    In this case I've decided to use the username as the salt. You may decide to use something less prominent, such as the user's email, or even the timestamp the account was created with. I prefer the timestamp because it will never be changed. Be careful when choosing to use a value that will change over time, because when the salt does change you'll need to re-hash and store the password each time.

    Here we check that the passwords are the same and hash the password if they are:
    PHP:
    $pass_1 $_POST['pass_1'];
    $pass_2 $_POST['pass_2'];
    if (
    $pass_1 != $pass_2) {
        
    $error_msg .= "The passwords you entered do not match!<br />";
    } else {
        
    $pass_1 hash("sha256"$pass_1.$user_name);
    }
    Notice we use the period "." to concatenate two strings. The "+" operator is reserved for adding numbers.

    Here’s the code you should have now: http://www.leslieapland.org/tutorial/1/step4/register.txt

    Finishing up
    Now we have a few loose ends to tie up. If any of these checks fail, the user should be returned to their registration form with the relevant error messages, and the query to create a new user should not be run. If there are any errors we want to display the form again. We currently display the form once already - when the user firsts visits the registration page. Now we want to display it a second time, but only if the checks fail. Instead of copying and pasting the form, we will separate it out into a method and call the method twice. Here's the code to do that:
    PHP:
    if(isset($_POST['register'])) {
        // register checking code here
    } else {
        // form was previously here; now we call the form:
        displayForm();
    }

    /**
    * Displays the registration form
    */
    function displayForm($username = "", $email = "") { ?>
        <form action="register.php" method="post">
        Username: <input type="text" name="user_name" value="<?=$username ?>" /><br />
        Password: <input type="password" name="pass_1" /><br />
        Retype password: <input type="password" name="pass_2" /><br />
        Email: <input type="text" name="user_email" value="<?=$email ?>" /><br />
        <input type="submit" name="register" value="Register!" /><br />
        </form>
        <?php
    }
    The $username = "" means that if that parameter is not passed when calling the function, the value is the empty string. We do this for the second place we call the function, where we want to pass the username the user already entered as well as their email. This inserts those values into the form in the appropriate places and prevents the user from having to retype those values.
    PHP:
    if(!$error_msg) {
          
    // code to insert user data into table
    } else {
        echo 
    $error_msg;
        
    displayForm($user_name$user_email);
    }
    Here’s the finished code: http://www.leslieapland.org/tutorial/1/step5/register.txt
    We're finished! Run through the entire process of creating a new user and check the database to make sure that one was created.

    Look for my next tutorial where I'll be walking you through building login and logout scripts!
    kaiizzle and FlyingApe like this.
    join misticpets, support vpl
  2. spektyr
    Offline

    spektyr New Member VPL Member

    Joined:
    Mar 14, 2011
    Messages:
    51
    Likes Received:
    7
    Trophy Points:
    0
    I found a couple of bugs, and have fixed them. Updated source here: http://www.leslieapland.org/tutorial/1/bugfix1/register.txt

    First, while I did say to do ...value="<?=$username ?>"... in the tutorial, I managed to leave it out of registration.txt.

    Second, the database insertion query was never updated from using the values passed via POST (VALUES ('$_POST[user_name]', '$_POST[pass_1]', '$_POST[user_email]')) to the sanitized and hashed values (VALUES ('$user_name', '$pass_1', '$user_email')).
  3. Romany
    Offline

    Romany New Member VPL Member

    Joined:
    Feb 25, 2012
    Messages:
    524
    Likes Received:
    30
    Trophy Points:
    0
    This is really, really helpful, even if you aren't planning on creating a petsite!
  4. Drea
    Offline

    Drea Approved Artist Approved Artist Approved Writer VPL Member

    Joined:
    Jan 28, 2011
    Messages:
    3,032
    Likes Received:
    56
    Trophy Points:
    58
    Location:
    California, USA
    Very good for learning. : ) Thanks.
  5. Citadel
    Offline

    Citadel Approved Artist Approved Artist VPL Member

    Joined:
    Jan 12, 2012
    Messages:
    364
    Likes Received:
    28
    Trophy Points:
    38
    Thank-you so much <3 I can pick this apart and learn from it now :D When you sign in though does the login disapear and replace with all your information and such? Or must that be coded? :p
  6. Don Relentless
    Offline

    Don Relentless Member VPL Member

    Joined:
    Oct 26, 2011
    Messages:
    217
    Likes Received:
    18
    Trophy Points:
    18
    Location:
    England
    Hey there,

    this is a great start for anyone out there intending to create a VPS.

    Just one thing -

    *Notice the "/>" at the end of the inputs: it's short form for < / input>. We do the same thing with the < br / > statement. Notice I didn't do it for the form tag because the form tag has an end tag.

    There is no such tag '< / input >' or even '< / br >'. The reason for the trailing slash in the elements is to comply with XHTML standards. Before XHTML, you could simply do < input type="submit" name="" value="" > or < br > (w/o the spaces)

    Oh and one other thing that could be handy -> In the form, instead of creating a method just to shown the form, just allow it to have the post data as the default values :-
    PHP:
    print '<form action="register.php" method="post">
        Username: <input type="text" name="user_name" value="$_POST['
    user_name']" /><br />
        Password: <input type="password" name="pass_1" /><br />
        Retype password: <input type="password" name="pass_2" /><br />
        Email: <input type="text" name="user_email" value="$_POST['
    user_email']" /><br />
        <input type="submit" name="register" value="Register!" /><br />
        </form>'
    ;
    Obviously since when the form is first viewed, there is no data there, meaning it will just be blank, and any additional views once attempting to submit will mean the data is there. We dont need to worry about providing the 'cleaned' data in the form, since it will be re-cleaned when submitted.

    I hope I have helped :)

    Im looking forward to the next tutorial!
  7. JohnMaguire2013
    Offline

    JohnMaguire2013 New Member VPL Member

    Joined:
    Feb 28, 2012
    Messages:
    30
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    Ann Arbor, MI
    I noticed you used short tags (&lt;?= $variable ?&gt;.) These days, using short tags is not recommended because a) many servers don't support them, and it's a pain to update all the code, and b) they conflict with XML headers. Instead you should use &lt;?php echo $variable; ?&gt;
  8. spektyr
    Offline

    spektyr New Member VPL Member

    Joined:
    Mar 14, 2011
    Messages:
    51
    Likes Received:
    7
    Trophy Points:
    0
    Thanks for your feedback, guys! I really appreciate it!

    You are absolutely correct. I should have looked that up before writing that!
    For the curious: http://www.w3.org/TR/html401/interact/forms.html#h-17.4


    First, using a function is better since you need to repeat basically the same code more than once.

    Second, and most important, this is a bad idea. What you're suggesting is to access an element of the POST array that doesn't exist. While PHP *appears* to handle it gracefully, this is considered very bad practice and will crash if attempted in a less forgiving programming language (that is, just about every other language). If you think PHP is failing silently then you clearly don't have E_WARNING turned on, and you really should on a development server.
    More info: http://php.net/manual/en/function.error-reporting.php


    You are correct. I'll be sure to fix that in my future guides.


    By the way, the second guide is here: http://www.virtualpetlist.com/showthread.php/7577-Starting-a-petsite-Log-in-and-Logout
    Last edited: Feb 28, 2012
  9. Don Relentless
    Offline

    Don Relentless Member VPL Member

    Joined:
    Oct 26, 2011
    Messages:
    217
    Likes Received:
    18
    Trophy Points:
    18
    Location:
    England


    No problem for the feedback :)

    I guess it could be considered a bad practice :p Either way, I dont think this is a major issue when programming in PHP.

    *goes to read next tutorial*
  10. Hituro
    Offline

    Hituro VPL Supporter Pet Game Owner VPL Supporter VPL Member

    Joined:
    Feb 1, 2011
    Messages:
    1,386
    Likes Received:
    78
    Trophy Points:
    48
    Sure there is a warning, but it's a warning, not an error. Saying that it's bad to use uninitialized array keys in PHP because it's bad in (or an error) in other languages doesn't really make sense, because it's a feature of PHP that you can do that, and why not make use of the language features available, especially in the case of quality of life improvements. After all, in many other languages it would be an error not to declare your array first before adding values, but that doesn't make it an error to do so in PHP
  11. gabzo
    Offline

    gabzo Member VPL Member

    Joined:
    Mar 1, 2011
    Messages:
    674
    Likes Received:
    3
    Trophy Points:
    18
  12. indysolo621
    Offline

    indysolo621 Member VPL Member

    Joined:
    Feb 27, 2011
    Messages:
    1,395
    Likes Received:
    59
    Trophy Points:
    48
    Could you please provide the .php code?
  13. gabzo
    Offline

    gabzo Member VPL Member

    Joined:
    Mar 1, 2011
    Messages:
    674
    Likes Received:
    3
    Trophy Points:
    18
    access.inc.php
    PHP:
    <?php
    global $c_mysqli;

    $my_mysqli = new mysqli("mysql1.000webhost.com""a2910005_basic""My Password""a2910005_basic");
    ?>
    Footer.inc.php
    PHP:
    <?php

    ?>
    Header.inc.php
    PHP:
    <?php
    require_once("access.inc.php");
    ?>
    Register.php
    PHP:
    <?php
    require_once("inc/header.inc.php");

    if(isset(
    $_POST['register'])) {
        
    // Step 1
        
    $error_msg "";
        if(empty(
    $_POST['user_email'])) {
            
    $error_msg .= "You have not entered your email!<br />";
        }
        if(empty(
    $_POST['user_name'])) {
            
    $error_msg .= "You have not entered your username!<br />";
        }
        if(empty(
    $_POST['pass_1']) || !isset($_POST['pass_2'])) {
            
    $error_msg .= "You have not entered your both of the password fields!<br />";
        }

        
    // Step 3
        
    $user_name $_POST['user_name'];
        
    $user_email $_POST['user_email'];
        if (
    preg_match('/[^A-Za-z0-9_]/'$user_name)) {
            
    $error_msg .= "Usernames can only contain letters, numbers, and the underscore character.<br />";
        }

        
    // Step 4
        
    $duplicate_name $my_mysqli->query("SELECT `id` FROM `users` WHERE `username` = '$user_name'");
        if(
    $duplicate_name->num_rows) {
            
    $error_msg .= "The username $user_name already exists. Please choose another one.<br />";
        }

        
    // Step 5
        
    if(strlen($user_name) < 3) {
            
    $error_msg .= "Usernames must be at least 3 characters in length.<br />";
        }
        if(
    strlen($user_name) > 32) {
            
    $error_msg .= "Usernames can only be 32 characters in length.<br />";
        }

        if(
    strlen($pass_1) < 8) {
            
    $error_msg .= "Passwords must be at least 8 characters in length.<br />";
        }

        
    // Step 6
        
    if (!preg_match('/^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]+$/'$user_email)) {
            
    $error_msg .= "The email you entered is not a real email!<br />";
        }

        
    // Step 7
        
    $pass_1 $_POST['pass_1'];
        
    $pass_2 $_POST['pass_2'];
        if (
    $pass_1 != $pass_2) {
            
    $error_msg .= "The passwords you entered do not match!<br />";
        } else {
            
    $pass_1 hash("sha256"$pass_1.$user_name);
        }

        
    // Step 2
        
    if(!$error_msg) {
            
    $success $my_mysqli->query("INSERT INTO `users` (`username`, `password`, `email`)
                VALUES ('
    $user_name', '$pass_1', '$user_email')");
            if(
    $success) {
                echo 
    "You have registered successfully!<br />";
            } else {
                echo 
    "Your registration failed: $my_mysqli->error<br />";
            }
        } else {
            echo 
    $error_msg;
            
    displayForm($user_name$user_email);
        }
    } else {
        
    displayForm();
    }

    function 
    displayForm($username ""$email "") { ?>
        <form action="register.php" method="post">
        Username: <input type="text" name="user_name"  value="<?=$username ?>" /><br />
        Password: <input type="password" name="pass_1" /><br />
        Retype password: <input type="password" name="pass_2" /><br />
        Email: <input type="text" name="user_email" value="<?=$email ?>" /><br />
        <input type="submit" name="register" value="Register!" /><br />
        </form>
        <?php
    }

    require_once(
    "inc/footer.inc.php");
    ?>
    I replaced actual password by Mypassword so you can't have access.
    Last edited: Apr 14, 2012
  14. indysolo621
    Offline

    indysolo621 Member VPL Member

    Joined:
    Feb 27, 2011
    Messages:
    1,395
    Likes Received:
    59
    Trophy Points:
    48
    Move step 7 to before step 5. The issue is that you don't declare $pass_1 until step 7, but you are checking its length in step 5. Therefore it is checking a variable that isn't set yet, so its length will be 0.
  15. gabzo
    Offline

    gabzo Member VPL Member

    Joined:
    Mar 1, 2011
    Messages:
    674
    Likes Received:
    3
    Trophy Points:
    18
    Thanks it is working now.
  16. indysolo621
    Offline

    indysolo621 Member VPL Member

    Joined:
    Feb 27, 2011
    Messages:
    1,395
    Likes Received:
    59
    Trophy Points:
    48
    No problem, glad I could help.
  17. FlyingApe
    Offline

    FlyingApe Approved Artist Approved Artist VPL Member

    Joined:
    Jun 13, 2012
    Messages:
    117
    Likes Received:
    14
    Trophy Points:
    0
    For some reason this line shoots out an error for me
    PHP:
    $duplicate_name $my_mysqli->query("SELECT `id` FROM `users` WHERE `username` = '$user_name'"); 
    if(
    $duplicate_name->num_rows) { 
        
    $error_msg .= "The username $user_name already exists. Please choose another one."
    }  
    [EDIT]
    I fixed that error, but now I can't seem to access my phpadmin thing. I hate XAMPP. lol
    Last edited: Jun 20, 2012
  18. indysolo621
    Offline

    indysolo621 Member VPL Member

    Joined:
    Feb 27, 2011
    Messages:
    1,395
    Likes Received:
    59
    Trophy Points:
    48
    What error is it?
  19. FlyingApe
    Offline

    FlyingApe Approved Artist Approved Artist VPL Member

    Joined:
    Jun 13, 2012
    Messages:
    117
    Likes Received:
    14
    Trophy Points:
    0
    It's now an XAMPP related thing.
    I hate programs designed by programmers and not designers. haha
  20. judda
    Offline

    judda Bringer of Awesome Moderator Programming Moderator

    Joined:
    Jan 23, 2011
    Messages:
    1,398
    Likes Received:
    361
    Trophy Points:
    83
    What is the actual error message though, maybe we can help you.

    ~judda
Similar Threads
Forum Title Date
Guides Starting a petsite: Log in and Logout Dec 24, 2011
Guides Starting a pet site - User Profiles May 28, 2012
Guides Guide to starting out on Evodragon! Jan 24, 2012
Guides Petsite: The Planning Aug 8, 2011

Share This Page