PHP Help [Archive] - Cyber Tech Help Support Forums

View Full Version : PHP Help

GeordieJon

March 6th, 2007, 10:43 AM

Really struggling to create a php members website. Rookie when it comes to PHP/MySQL

what i need to create is:

new members registration page. (firstname,Surname,e-mail). once submit is clicked on the page, an e-mail will be sent to the new member with there username which is firstname and surname in uppercase without spaces i.e JOEBLOGGS, and password which is 7 characters in the form of ABCDCBA.

members logon page. once members are logged in, they can change there
password but must retain the 7 character format.

forgot password page. members type in there e-mail or username and they will be sent there password via e-mail

can anybody help me with these please ?

already done the HTML part of the pages, layout ect.

http://www.tmet02.co.uk/WebTech/testing/home.php

oracle128

March 6th, 2007, 11:47 AM

You've got a long way to go, and no one is going to do the rest for you, but here are some sources that might help.

Learn SQL (http://www.w3schools.com/sql/)
Learn PHP (http://www.w3schools.com/php/)
Connect PHP to MySQL (http://www.php-mysql-tutorial.com/index.php) (W3Schools also tutes on this, but I prefer and use this site's method)
PHP String to Uppercase (http://www.php.net/manual/en/function.strtoupper.php)
PHP Email (http://www.php.net/manual/en/function.mail.php)
PHP MD5 (http://www.php.net/manual/en/function.md5.php) (to encrypt the passwords before storing in the database)
PHP String Functions (http://php.net/strings) (for things like testing string length, restricting certain characters, etc)
Preventing SQL Injection Attacks (http://www.acunetix.com/websitesecurity/php-security-2.htm) - you MUST read and understand this before publishing any code which allows a user's input to interact with a database
SSL Tutorial (http://bignosebird.com/ssl.shtml) - If your users have sensitive data associated with their accounts, you MUST learn to use a secure connection with SSL. Otherwise, the very least you should do is use JavaScript MD5 hashing (http://pajhome.org.uk/crypt/md5/auth.html). This is better than leaving passwords in plain text, but not by a whole lot. JavaScript MD5 hashing does not need to be used with PHP MD5 hashing, because that would mean you're hashing it twice, which is redundant.

GeordieJon

March 6th, 2007, 05:45 PM

the creating the MySQL database is the part which is really confusing me.
How do i set it up ?.

The User is going to enter 3 pieces of Information (firstname,Surname, and E-Mail). But to log-in they use a Username which is firstname, and surname in CAPITALS with no space. and Password which is random, but can be changed once loged-in.

So how would i set my table up in MySQL.

firstname 'Not Null'
surname 'Not Null'
E-Mail 'Not Null'
Username
Password

degsy

March 6th, 2007, 06:49 PM

Here is a very good and extensive PHP tutorial
http://devzone.zend.com/node/view/id/625

Part 8 deals with databases

GeordieJon

March 10th, 2007, 08:00 PM

trying to do my Register page, but keep getting a White page. Can anybody see anything in my code which is wrong ??

<?php
$title="register";
include 'home.php';
$firstname=$_POST['firstname'];
$surname=$_POST['surname'];
$E-Mail=$_POST['E-Mail'];
if($Submit)
{
$msg="";
$sqlString="SELECT * FROM Members where E-Mail='$E-Mail'";
$result=mysql_query($sqlString) or die("could not retrieve $sqlString");
if($myrow=mysql_fetch_row($result) )
{
$msg="Sorry, this E-Mail address has already been registered. Please try again";
}
else
{
$sqlString = "INSERT INTO Members (firstname,surname,E-Mail,level)
VALUES('$firstname','$surname','$E-Mail',1)";
$result=mysql_query($sqlString) or die("Could not insert new record for $sqlString. Please try again ");
$msg="Registration successful";
} // end of else
} // end of submit

echo("<p> </p><h1 align='center'>$msg</h1>");
?>
 <script language='javascript'>
function validate(form)
{
var controls = form.length; for(c=0;c<controls;c++)
{
if ( (form[c].value.length==0 ) || (form[c].value==null) )
{
alert('Please complete' + form[c].firstname)
form[c].focus();
return false;
}
}
if(
!(
form.E-Mail.value.indexof(".") > 2)
&&
(form.E-Mail.value.indexof("@") > 0)
)
)
{
alert('E-Mail should be in the form ab@cd.com or ab.cd@de.ef.com');
form.E-Mail.focus()
return false;
}
if ( (form[c].value.length==0 ) || (form[c].value==null) )
{
alert('Please complete' + form[c].surname)
form[c].focus();
return false;
}
}
</script>
<link href="../../..//main_html/WebTech/testing/bg.css" rel="stylesheet" type="text/css">
<body>
<div id-'main id="main"'>
<p> </p>
<p> </p>
<p> </p>
<table width="200" align="center" bordercolor="#000000";" bgcolor="#e0f0ff">
<tr>
<td>
<form enctype="multipart/form-data" name="form1" method="post" action="register.php"
onsubmit="javascript:return validate(this)">
<div align="center"><b> Register as a Member</b><br>
<br>
Your Firstname<br>
<input name ="firstname" type="text" size="50">
<br>
Your Surname<br>
<input name ="surname" type="text" size="50">
<br>
Your E-Mail address<br>
<input name ="E-Mail" type="text" size="50">
<br>
<input name ="Submit" type="Submit" id="Submit" value="Submit">
<input name ="reset" type="reset" id="reset" value="reset">
</div>
</form>
</td>
<tr>
</table>
</div>
</body>
</html>

Buzz

March 10th, 2007, 08:14 PM

Blank pages generally mean you've missed a ' or " or . or , or ; or } or ) somewhere.

in this case, you need to concatenate the variable in your final php echo string.

echo '<p> </p><h1 align="center">'.$msg.'</h1>';

Note how the ' are escaped before and after the variable and a . in inserted.

GeordieJon

March 10th, 2007, 09:18 PM

Buzz

March 10th, 2007, 09:23 PM

Then look for missing characters as I posted before.

All I can note from what you pasted above is there's no DOCTYPE, no opening head tag, no title tag, no opening html tag.

Honestly, I'm not going to go through and fix your entire code, you need to do a little work yourself.

I also note that this line:

$result=mysql_query($sqlString) or die("could not retrieve $sqlString");

is formatted incorrectly with a variable inside double quotes.

Corrected:

$result=mysql_query($sqlString) or die("could not retrieve ". $sqlString);

GeordieJon

March 10th, 2007, 09:26 PM

yes, as they are included in the home.php file

<?php
session_start();
include 'dbconnect.php';
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Basketball 4 All<?php echo$title ?></title>
<link href="bg.css" rel="stylesheet" type="text/css">
<style type="text/css">

</style>
<script language="JavaScript" type="text/JavaScript">

</script>
</head>

<body>
<div id="heading" style="position:absolute; width:699px; height:99px; z-index:4; left: 291px; top: 1px;">
<p align="center"> </p>
<p align="center"><strong>BASKETBALL 4 ALL </strong></p>
</div>
<div id ='logo'><img src="BASKETBALL4ALLlogo.png" alt='picture of Basketball 4 All logo' height ='265' width ='265'></div>
<div id = 'menu'>
<p align="center" class ='hiddenDiveders'>
<br>
<a class ='top' href="home.php"> Home </a><br>
<br>
<a class ='top' href="register.php"> Not a Member ? ...Register Here </a><br>
<br>
<a class ='top' href="memberslogin.php">Members Login </a><br>
<br>
<a class ='top' href="forgotpassword.php">Forgot Password </a><br>
<br>
<a class ='top' href="../../index.html">www.tmet02.co.uk </a><br>
<br>
</p>
</div>

GeordieJon

March 10th, 2007, 11:00 PM

working now. not put the password in, or the registered member to be sent his username and password by email yet, 1 thing at a time.

the thing that does not seem to be working is the vaidation of the email on my form. at present you can type anything in there .. i.e abcd , and it will accept it, uless it is already in use and then it says already registered, please try again.