FRIHOST FORUMS SEARCH FAQ TOS BLOGS COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


need help in a simple php register script based on flat file





mahirharoon
as the title mentions , i need help in a simple php register script based on flat file
it ought to enter the data in data.html but it instead writes a bunch of zeros
here is the code (register/index.php)
Code:
<html>
<head>
<title>form</title>
<!--

<script type="text/javascript">
shortcut("enter",function() {
  document.form1.submit();
});
</script>

-->
</head>
<body>
<form name="form1" action="index.php"method="POST">
<legend>username:<input type="text" name="name"></legend>
password:<input type="password" name="pass">
<legend><input type="submit" name="submit" value="Register"></legend>




</fieldset>




</form>
</body>
</html>
<?php
$data = "data.html" ;
$tile =  $_POST['name'] ;
$pass = $_POST['pass'] ;
$content = $tile | $pass;
$fp = fopen($data, 'a') ;
   if (empty($tile) === False) {

die();
 } else {
  fwrite($fp , $content ) ;
  }
fclose($fp);



?>

and the content in data.html
Code:
000
sonam
You are make few mistakes. First you cannot write php like javascript. You need dot and quotes for creating one string.

Code:
$content = $tile | $pass; // bad
$content = $tile . "|" . $pass . "\n";  // good and you can use single quotest, too


Second mistake is
Code:
if (empty($tile) === False)


Function empty is enough you don't need False.
Code:
if(empty($tile))


Third mistake, you are forgot new line if you think to put more then one user in html (in my solution txt file) Code is below. Wink

Sonam


Code:
<html>
<head>
<title>form</title>
<!--

<script type="text/javascript">
shortcut("enter",function() {
  document.form1.submit();
});
</script>

-->
</head>
<body>
<form name="form1" action="proba.php"method="POST">
<legend>username:<input type="text" name="name"></legend>
password:<input type="password" name="pass">
<legend><input type="submit" name="submit" value="Register"></legend>




</fieldset>




</form>
</body>
</html>
<?php
print_r($_POST);
$data = "data.txt" ;
$tile =  $_POST['name'] ;
$pass = $_POST['pass'] ;
$content = $tile . "|" . $pass . "\n";

if(empty($tile)) {

die("Sorry!");
exit;
 } else {
   $newFile = fopen($data, "a");
    fwrite($newFile, $content);
    fclose($newFile);
  }

?>
Nemesis234
lol, just typed up my solution went to reply and i saw it had already been taken care of. the above covers all the mistakes i found aswell.
mahirharoon
thanks a lot sonam for solving this problem , i did not see any error when it was parsed normally on the server moderators may close this thread as the problem as been solved (well , almost if not fully)
sonam
Hi mahirharoon,
I am also suprised when I try your script and didn't get any error, just zeroes. But for your future php programing it is good to put this two lines on the top of scritp. This will display all errors.

Code:
error_reporting(E_ALL);
ini_set("display_errors", "1");


On the end, I must to say, your script is not good for registration. It is too simple and anyone can break it. It is good for learning, but not for real use.

Sonam
Albio
On my site I Use script from php tutorial. But it is not complete. The last part relates on sites specificity
Code:
<?php
function showheader ($title) {
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
<TITLE> <?php echo $title ?> </TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF">
<CENTER>
<?php
}

function showfooter () {
?>
</CENTER>
</BODY>
</HTML>
<?php
}

mysql_connect("localhost", "username", "password");
mysql_select_db("users");

if ($Password == $Password2) {
    $user = mysql_query("SELECT * FROM personalize WHERE (Name='$Name')");
    if (mysql_num_rows($user) > 0) {
        showheader("User Name Taken !");
        ?>
        We are sorry to inform you that the User Name <B><?php echo $Name ?></B> Is already Taken.
        <?php
        showfooter();
    }
    else {
        $user = mysql_query("INSERT INTO personalize VALUES ('$Name','$Password','$News1','$News2','$Weather')");
        setcookie("site_user", $Name, time() + 31536000, "/");
        setcookie("site_pass", $Password, time() + 31536000, "/");
        showheader("Registration Success!");
        ?>
        You have registered.<BR>
        User Name: <?php echo $Name ?>
        <BR>
        Password: <?php echo $Password ?>
        <?php
        showfooter();
    }
}
else {
    showheader("Registration Error!");
    ?>
    Your Two Passwords Did Not Match
    <?php
    showfooter();
}
?>
Nemesis234
Albio wrote:
On my site I Use script from php tutorial. But it is not complete. The last part relates on sites specificity
Code:
<?php
function showheader ($title) {
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
<TITLE> <?php echo $title ?> </TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF">
<CENTER>
<?php
}

function showfooter () {
?>
</CENTER>
</BODY>
</HTML>
<?php
}

mysql_connect("localhost", "username", "password");
mysql_select_db("users");

if ($Password == $Password2) {
    $user = mysql_query("SELECT * FROM personalize WHERE (Name='$Name')");
    if (mysql_num_rows($user) > 0) {
        showheader("User Name Taken !");
        ?>
        We are sorry to inform you that the User Name <B><?php echo $Name ?></B> Is already Taken.
        <?php
        showfooter();
    }
    else {
        $user = mysql_query("INSERT INTO personalize VALUES ('$Name','$Password','$News1','$News2','$Weather')");
        setcookie("site_user", $Name, time() + 31536000, "/");
        setcookie("site_pass", $Password, time() + 31536000, "/");
        showheader("Registration Success!");
        ?>
        You have registered.<BR>
        User Name: <?php echo $Name ?>
        <BR>
        Password: <?php echo $Password ?>
        <?php
        showfooter();
    }
}
else {
    showheader("Registration Error!");
    ?>
    Your Two Passwords Did Not Match
    <?php
    showfooter();
}
?>

god that is horrible, lol. the lists of things wrong are extensive. are you really going to use this script? if you are you should make a new thread asking for help as you seem to just be using other peoples scripts which are really outdated and poorly coded/layed out.
medesignz
are you writing that from scratch, or have you pinched bit and bobs from online scripts?
Fire Boar
Nemesis234 wrote:
god that is horrible, lol. the lists of things wrong are extensive. are you really going to use this script? if you are you should make a new thread asking for help as you seem to just be using other peoples scripts which are really outdated and poorly coded/layed out.


Seconded. I died a little inside when I saw that script. The fact that it's using HTML 3.2 should have been a clue.

Folks, code copied from tutorials is generally NOT for production use. Avoid using any of it. In a real website environment:

- NEVER store passwords in plain text or using reversible encryption, anywhere. Use instead a destructive algorithm such as SHA1.
- Always separate content from presentation. Ideally, keep the controller and the view layer in separate files.
- Always use validators and sanitize input. With the script given, I could cause problems if I entered a name like this:

'); DROP TABLE personalize;--
erlendhg
Fire Boar wrote:
Nemesis234 wrote:
god that is horrible, lol. the lists of things wrong are extensive. are you really going to use this script? if you are you should make a new thread asking for help as you seem to just be using other peoples scripts which are really outdated and poorly coded/layed out.


Seconded. I died a little inside when I saw that script. The fact that it's using HTML 3.2 should have been a clue.

Folks, code copied from tutorials is generally NOT for production use. Avoid using any of it. In a real website environment:

- NEVER store passwords in plain text or using reversible encryption, anywhere. Use instead a destructive algorithm such as SHA1.
- Always separate content from presentation. Ideally, keep the controller and the view layer in separate files.
- Always use validators and sanitize input. With the script given, I could cause problems if I entered a name like this:

'); DROP TABLE personalize;--


I agree. And in addition, it seems like the script bases itself on register_globals being turned on, which itself is a huge security leak. Right?
All the variables being inserted into the database should first be set to empty values, and then be pulled out from $_POST, $_GET or $_REQUEST variables. Using the current configuration is like asking to have hackers exploiting your security vulnerabilities.
Related topics
php script for Changing file permissions & owner
I need a VERY simple php script
Anyone care to help me with a simple PHP Form ?
30frih for a php rotator script
VERY simple php script needed
What's the best PHP Wiki script?
PM Script
another simple php request
PHP contact script...
Help!!!
Simple PHP Login Script
Hot or Not PHP-Nuke script
Simple PHP Navigation
Simple PHP forum code needed!
Reply to topic    Frihost Forum Index -> Scripting -> Php and MySQL

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.