-1

I'm trying to force users to pick a unique username and returning an error message if they don't. All other validation (password matching, etc.) is working but validating an unused username just returns ID Registration failed message.

I've updated this with the HTML as requested.

I just want it to tell the user the errors I've outlined in those cases.

            <?php
require('connect.php');
if(isset($_POST) & !empty($_POST)){   

// If the values are posted, insert them into the database.
// if (isset($_POST['app_id']) && isset($_POST['password'])){

    $app_id = mysqli_real_escape_string($connection, $_POST['app_id']);
    $first = mysqli_real_escape_string($connection, $_POST['first']);
    $last = mysqli_real_escape_string($connection, $_POST['last']);
    $gender = mysqli_real_escape_string($connection, $_POST['gender']);
    $birth = mysqli_real_escape_string($connection, $_POST['birth']);
    $email = mysqli_real_escape_string($connection, $_POST['email']);
    $password = mysqli_real_escape_string($connection, md5($_POST['password']));
    $confirmpassword = mysqli_real_escape_string($connection, md5($_POST['confirmpassword']));

    if($password == $confirmpassword){
        $fmsg = "";

    //username validation
        $newidvalq = "SELECT * FROM 'user' WHERE app_id='$app_id'";
        $newidres = mysqli_query($connection, $newidvalq);
        $idcount = 0;
        $idcount = mysqli_num_rows($newidres);
        if($idcount >= 1){
            $fmsg .= "That app ID is already being used, please try a different ID";
        }

    //email validation
        $emailvalq = "SELECT * FROM 'user' WHERE email='$email'";
        $emailres = mysqli_query($connection, $emailvalq);
        $emailcount = 0;
        $emailcount = mysqli_num_rows($emailres);
        if($emailcount >= 1){
        $fmsg .= "That email is already being used";
        }

    //DB Insert
    $query = "INSERT INTO `user` (app_id, first, last, gender, birth, password, email) VALUES ('$app_id', '$first', '$last', '$gender', '$birth', '$password', '$email')";          

    //Result Validation 
    $result = mysqli_query($connection, $query);
    if($result){    
        $smsg = "app ID Created Successfully"; 
      }else{
        $fmsg .= "app Registration Failed";
      }
    }else{
        $fmsg = "Your Passwords do not match";
    }   
}
 ?>
<html>
<head>
<title>User Registeration Using PHP & MySQL</title>

<!-- Latest compiled and minified CSS -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" >

<!-- Optional theme -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css" >

<link rel="stylesheet" href="styles.css" >

<!-- Latest compiled and minified JavaScript -->
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
</head>
<body>

<div class="container">
  <form class="form-signin" method="POST">

  <?php if(isset($smsg)){ ?><div class="alert alert-success" role="alert"> <?php echo $smsg; ?> </div><?php } ?>
  <?php if(isset($fmsg)){ ?><div class="alert alert-danger" role="alert"> <?php echo $fmsg; ?> </div><?php } ?>
    <h2 class="form-signin-heading">Please Register</h2>
    <div class="input-group">
  <span class="input-group-addon" id="basic-addon1">@</span>

  <input type="text" name="app_id" class="form-control" placeholder="app ID" value="<?php if(isset($app_id) & !empty($app_id)) {echo $app_id;} ?>" required>
</div>

    <input type="text" name="first" class="form-control" placeholder="First Name" value="<?php if(isset($first) & !empty($first)) {echo $first;} ?>"required>

    <input type="text" name="last" class="form-control" placeholder="Last Name" value="<?php if(isset($last) & !empty($last)) {echo $last;} ?>"required>

    <input type="text" name="gender" class="form-control" placeholder="Gender" value="<?php if(isset($gender) & !empty($gender)) {echo $gender;} ?>"required>

    <input type="date" name="birth" class="form-control" placeholder="Birthday" required>

    <label for="inputEmail" class="sr-only">Email Address</label>
    <input type="email" name="email" id="inputEmail" class="form-control" placeholder="Email address" value="<?php if(isset($email) & !empty($email)) {echo $email;} ?>"required autofocus>


    <label for="inputPassword" class="sr-only">Password</label>
    <input type="password" name="password" id="inputPassword" class="form-control" placeholder="Enter a Password" required>
    <label for="inputPassword" class="sr-only">RetypePassword</label>
    <input type="password" name="confirmpassword" id="inputPassword" class="form-control" placeholder="Confirm Your Password" required>

    <div class="checkbox">
      <label>
        <input type="checkbox" value="remember-me"> Remember me
      </label>
    </div>
    <button class="btn btn-lg btn-primary btn-block" type="submit">Register</button>
    <a class="btn btn-lg btn-primary btn-block" href="login.php">Login</a>
  </form>
</div>

</body>

</html>
K.Dᴀᴠɪs
  • 9,945
  • 11
  • 33
  • 43
Elias
  • 3
  • 4

2 Answers2

0

assign $idcount with 0 first before using and then in the if condition use ($idcoun>=1) And According to your logic if the userid and email exist also then also you are inserting the data which make no sense according to your need

Aniketh Saha
  • 843
  • 10
  • 22
0

Enclose your INSERT block in:

if( $fmsg == "" ) { ..to here.. }

So that if there was an error, no record will be inserted to database, and error will be displayed.

Add action attribute to form tag like:

<form class="form-signin" method="POST" action="">

It is required in some versions of html not html5.

Karlo Kokkak
  • 3,674
  • 4
  • 18
  • 33