www.webdeveloper.com
Results 1 to 3 of 3

Thread: Help editing a php code.

  1. #1
    Join Date
    Apr 2014
    Posts
    11

    Help editing a php code.

    Hi!
    I need help to add fields in a userregistation code, the "extra" fields dont have to be saved in the same database table.
    Other members should not see all of the "extra fields".

    Can someone help me to add fields into this form, i also need some validations.

    Here is the code:
    PHP Code:
    <?php

    $_language
    ->read_module('register');

    eval(
    "\$title_register = \"".gettemplate("title_register")."\";");
    echo 
    $title_register;
    $show true;
    if(isset(
    $_POST['save'])) {

        if(!
    $loggedin){
            
    $username mb_substr(trim($_POST['username']), 030);
            
    $nickname htmlspecialchars(mb_substr(trim($_POST['nickname']), 030));
            
    $pwd1 $_POST['pwd1'];
            
    $pwd2 $_POST['pwd2'];
            
    $mail $_POST['mail'];
            
    $CAPCLASS = new Captcha;
            
            
    $error = array();
              
          
    // check nickname
            
    if(!(mb_strlen(trim($nickname)))) $error[]=$_language->module['enter_nickname'];
          
          
    // check nickname inuse
            
    $ergebnis safe_query("SELECT * FROM ".PREFIX."user WHERE nickname = '$nickname' ");
            
    $num mysql_num_rows($ergebnis);
            if(
    $num$error[]=$_language->module['nickname_inuse'];
          
          
    // check username
              
    if(!(mb_strlen(trim($username)))) $error[]=$_language->module['enter_username'];
            elseif(
    mb_strlen(trim($username)) > 30 $error[]=$_language->module['username_toolong'];
          
          
    // check username inuse
            
    $ergebnis safe_query("SELECT * FROM ".PREFIX."user WHERE username = '$username' ");
            
    $num mysql_num_rows($ergebnis);
            if(
    $num$error[]=$_language->module['username_inuse'];
          
          
    // check passwort
            
    if($pwd1 == $pwd2) {
                if(!(
    mb_strlen(trim($pwd1)))) $error[]=$_language->module['enter_password'];
            }
            else 
    $error[]=$_language->module['repeat_invalid'];
          
          
    // check e-mail
            
    if(!validate_email($mail)) $error[]=$_language->module['invalid_mail'];
          
          
    // check e-mail inuse
            
    $ergebnis safe_query("SELECT userID FROM ".PREFIX."user WHERE email = '$mail' ");
            
    $num mysql_num_rows($ergebnis);
            if(
    $num$error[]=$_language->module['mail_inuse'];
          
          
    // check captcha
              
    if(!$CAPCLASS->check_captcha($_POST['captcha'], $_POST['captcha_hash'])) $error[]=$_language->module['wrong_securitycode'];
          
              if(
    count($error)) {
                
    $list implode('<br /> '$error);
                
    $showerror '<div class="errorbox">
                  <b>'
    .$_language->module['errors_there'].':</b><br /><br />
                   '
    .$list.'
                </div>'
    ;
            }
            else {
                
    // insert in db
                
    $md5pwd md5(stripslashes($pwd1));
                
    $registerdate=time();
                
    $activationkey createkey(20);
                
    $activationlink='http://'.$hp_url.'/index.php?site=register&key='.$activationkey;
        
                
    safe_query("INSERT INTO `".PREFIX."user` (`registerdate`, `lastlogin`, `username`, `password`, `nickname`, `email`, `newsletter`, `activated`) VALUES ('$registerdate', '$registerdate', '$username', '$md5pwd', '$nickname', '$mail', '1', '".$activationkey."')");
        
                
    $insertid mysql_insert_id();
        
                
    // insert in user_groups
                
    safe_query("INSERT INTO ".PREFIX."user_groups ( userID ) values('$insertid' )");
        
                
    // mail to user
                
    $ToEmail $mail;
                
    $ToName $username;
                
    $header =  str_replace(Array('%username%''%password%''%activationlink%''%pagetitle%''%homepage_url%'), Array(stripslashes($username), stripslashes($pwd1), stripslashes($activationlink), $hp_title$hp_url), $_language->module['mail_subject']);
                
    $Message str_replace(Array('%username%''%password%''%activationlink%''%pagetitle%''%homepage_url%'), Array(stripslashes($username), stripslashes($pwd1), stripslashes($activationlink), $hp_title$hp_url), $_language->module['mail_text']);
        
                if(
    mail($ToEmail,$header$Message"From:".$admin_email."\nContent-type: text/plain; charset=utf-8\n")){
                    
    redirect("index.php",$_language->module['register_successful'],3);
                    
    $show false;
                }
                else{
                    
    redirect("index.php",$_language->module['mail_failed'],3);
                    
    $show false;
                }
            }
        }
        else{
            
    redirect("index.php?site=register",str_replace('%pagename%',$GLOBALS['hp_title'],$_language->module['no_register_when_loggedin']),3);
        }
    }
    if(isset(
    $_GET['key'])) {

        
    safe_query("UPDATE `".PREFIX."user` SET activated='1' WHERE activated='".$_GET['key']."'");
        if(
    mysql_affected_rows()) redirect('index.php?site=login',$_language->module['activation_successful'],3);
        else 
    redirect('index.php?site=login',$_language->module['wrong_activationkey'],3);

    }
    elseif(isset(
    $_GET['mailkey'])) {
      if(
    mb_strlen(trim($_GET['mailkey']))==32){
            
    safe_query("UPDATE `".PREFIX."user` SET email_activate='1', email=email_change, email_change='' WHERE email_activate='".$_GET['mailkey']."'");
            if(
    mysql_affected_rows()) redirect('index.php?site=login',$_language->module['mail_activation_successful'],3);
            else 
    redirect('index.php?site=login',$_language->module['wrong_activationkey'],3);
      }
    }
    else {
        if(
    $show == true){
            if(!
    $loggedin){
                
    $bg1=BG_1;
                
    $bg2=BG_2;
                
    $bg3=BG_3;
                
    $bg4=BG_4;
            
                
    $CAPCLASS = new Captcha;
                
    $captcha $CAPCLASS->create_captcha();
                
    $hash $CAPCLASS->get_hash();
                
    $CAPCLASS->clear_oldcaptcha();
            
                if(!isset(
    $showerror)) $showerror='';
                if(isset(
    $_POST['nickname'])) $nickname=getforminput($_POST['nickname']);
                else 
    $nickname='';
                if(isset(
    $_POST['username'])) $username=getforminput($_POST['username']);
                else 
    $username='';
                if(isset(
    $_POST['pwd1'])) $pwd1=getforminput($_POST['pwd1']);
                else 
    $pwd1='';
                if(isset(
    $_POST['pwd2'])) $pwd2=getforminput($_POST['pwd2']);
                else 
    $pwd2='';
                if(isset(
    $_POST['mail'])) $mail=getforminput($_POST['mail']);
                else 
    $mail='';
            
                eval(
    "\$register = \"".gettemplate("register")."\";");
                echo 
    $register;
            }
            else{
                
    redirect("index.php",str_replace('%pagename%',$GLOBALS['hp_title'],$_language->module['no_register_when_loggedin']),3);
            }
        }
    }

    ?>

  2. #2
    Join Date
    Jul 2013
    Location
    Voorheesville NY USA
    Posts
    780
    Usually people ask for help solving problems they are having. You are asking for what? Write some code for you, not knowing where you are trying to get?

    Rather confusing. I suggest you make an attempt at getting what you want and then if you have a defined problem, let us help.

    For example - what are the extra fields?

  3. #3
    Join Date
    Feb 2014
    Location
    Canada
    Posts
    155
    Before asking for us to edit the code which you obtained from wherever (if you wrote it then you wouldn't have the problem you're currently having), you should at least understand what each part is doing, including where changes would need to be made. For example, it's using mysql functions to interact with the MySQL database, however, these functions will be depreciated so it should be re-written using either mysqli or PDO functions. Additionally, it's relying on captchas (no problem), checking whether the user's data already exists (no problem) but the only validation is of the length of input (i.e. checking the username length). You should fix these issues before adding in new fields. The good news is the code is well-organized with comments, so implementing these changes will be straight-forward.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles