close ad
WARNING: Do Not Install the DREAMWEAVER CC 2017 or 2018 Update »
open ad
View Menu

Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

rating

Special Registration issues

Thread began 8/04/2010 11:22 am by fdotmedia | Last modified 8/10/2010 2:13 pm by Jason Byrnes | 876 views | 7 replies |

fdotmedia

Special Registration issues

ok - I've finally gotten back to this irritating problem I've been having for months...

Here's how the easy log in feature should work...

1. The registration page checks the email for duplication - redirects to duplicate.php
2. password is there
3. orgcode exists in the database

Here's how it works!

Currently, We let EVERYONE sign up because I can't get the script to validate that an orgcode exists first... Subsequently, the general public being who they are put passwords in orgcodes, orgcodes in passwords etc...

I have followed the instructions laid out by Jason B and I can't get it to work, mainly, due to the fact I have NO IDEA how to "filter the orgcode column on the posted orgcode form element."

Can someone explain what that means to a dumb ass like me please?

Here is my final code...

<?php require_once('../Connections/Users.php'); ?>
<?php require_once("../WA_ValidationToolkit/WAVT_Scripts_PHP.php"); ?>
<?php require_once("../WA_ValidationToolkit/WAVT_ValidatedForm_PHP.php"); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}

$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}

$colname_orgcode = "-1";
if (isset($_POST['orgcode'])) {
$colname_orgcode = (get_magic_quotes_gpc()) ? $_POST['orgcode'] : addslashes($_POST['orgcode']);
}
mysql_select_db($database_Users, $Users);
$query_orgcode = sprintf("SELECT * FROM orgcode WHERE orgcode = %s", GetSQLValueString($colname_orgcode, "text"));
$orgcode = mysql_query($query_orgcode, $Users) or die(mysql_error());
$row_orgcode = mysql_fetch_assoc($orgcode);
$totalRows_orgcode = mysql_num_rows($orgcode);
?>
<?php
if ((((isset($_POST["Register"]))?$_POST["Register"]:"") != "")) {
$WAFV_Redirect = "access-denied.php";
$_SESSION['WAVT_register1_Errors'] = "";
if ($WAFV_Redirect == "") {
$WAFV_Redirect = $_SERVER["PHP_SELF"];
}
$WAFV_Errors = "";
$WAFV_Errors .= WAValidateNM($totalRows_orgcode . "",-1,0,"",",.",true,1);

if ($WAFV_Errors != "") {
PostResult($WAFV_Redirect,$WAFV_Errors,"register1");
}
}
?>

<?php
// *** Redirect if username exists
$MM_flag="MM_insert";
if (isset($_POST[$MM_flag])) {
$MM_dupKeyRedirect="duplicate.php";
$loginUsername = $_POST['emailaddress'];
$LoginRS__query = sprintf("SELECT emailaddress FROM users WHERE emailaddress=%s", GetSQLValueString($loginUsername, "text"));
mysql_select_db($database_Users, $Users);
$LoginRS=mysql_query($LoginRS__query, $Users) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);

//if there is a row in the database, the username was found - can not add the requested username
if($loginFoundUser){
$MM_qsChar = "?";
//append the username to the redirect page
if (substr_count($MM_dupKeyRedirect,"?") >=1) $MM_qsChar = "&";
$MM_dupKeyRedirect = $MM_dupKeyRedirect . $MM_qsChar ."requsername=".$loginUsername;
header ("Location: $MM_dupKeyRedirect");
exit;
}
}
?>
<?php
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
?>
<?php
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "WAATKRegistrationForm")) {
$insertSQL = sprintf("INSERT INTO users (emailaddress, password, orgcode, receiveEmails) VALUES (%s, %s, %s, %s)",
GetSQLValueString($_POST['emailaddress'], "text"),
GetSQLValueString($_POST['password'], "text"),
GetSQLValueString($_POST['orgcode'], "text"),
GetSQLValueString($_POST['receiveEmails'], "text"));

mysql_select_db($database_Users, $Users);
$Result1 = mysql_query($insertSQL, $Users) or die(mysql_error());

$insertGoTo = "thank-you-for-registering.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));
}

?>


Thanks,
Ted

Sign in to reply to this post

Jason ByrnesWebAssist

so, you want the registration to go through only if the orgcode that was entered already exists in the users table?

The recordset is correctly set up to check if the orgcode exists, the issue in the validation.

The numeric validation is currently set to make sure the orgcode recordset is empty.


you need to change the numeric validation. Set the minimum to 1, leave maximum blank.

This will make sure that validation passes only of the orgcode recordset is not empty.

Sign in to reply to this post

fdotmedia

Thanks jason...

Once again you've saved me...

Sign in to reply to this post

Jason ByrnesWebAssist

glad to hear it is working.

Sign in to reply to this post

fdotmedia

Btw... I have a small problem inside this site...

I'm building an elearning area and trying to pass in the product and step - like this:

blah.php?product=product&step=1

I can't get the product to read the right information...

It seems pretty easy and basic, I'm alot of things but smart is not one of them...

Any help would be great...

Thanks,
Ted

Sign in to reply to this post

Jason ByrnesWebAssist

Please provide more details.

What is the actual result you are seeing?

What is the expected result?

What have you tried to accomplish the expected result?

Sign in to reply to this post

fdotmedia

What I've Done
In my mySQL script I'm LEFT JOIN ing my user db and the product db...

I'm using SecuityAssist to write the session variables; user id email address, product id, product title...

The Idea
The idea is a user, "john doe", has an associated product, "elearning".

I'm trying to filter the results to display "john doe" "elearning" and the steps that are associated with the product...

blah.php?product=elearning&step=1

What I get
I'm actually seeing nothing, I get an error and a blank white screen...

? any help would rock!

Sign in to reply to this post

Jason ByrnesWebAssist

  I'm actually seeing nothing, I get an error and a blank white screen...  




what is the error? I need all of the details to be able to help.

If you are not getting any error, ad d the following code at line 1 to turn error reporting on:

php:
<?php

error_reporting
(E_ALL);
ini_set('display_errors','on');
?>




it would also help to have a copy of your page.

Sign in to reply to this post

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now.  Build a store, a gallery, or a web-based email solution.

Want your website pre-built and hosted?

Close Windowclose

Rate your experience or provide feedback on this page

Account or customer service questions?
Please user our contact form.

Need technical support?
Please visit support to ask a question

Content

rating

Layout

rating

Ease of use

rating

security code refresh image

We do not respond to comments submitted from this page directly, but we do read and analyze any feedback and will use it to help make your experience better in the future.

Close Windowclose

We were unable to retrieve the attached file

Close Windowclose

Attach and remove files

add attachmentAdd attachment
Close Windowclose

Enter the URL you would like to link to in your post

Close Windowclose

This is how you use right click RTF editing

Enable right click RTF editing option allows you to add html markup into your tutorial such as images, bulleted lists, files and more...

-- click to close --

Uploading file...