Foro de elhacker.net

Programación => PHP => Mensaje iniciado por: den_22 en 10 Febrero 2010, 23:43 pm



Título: Como hago con este codigo?
Publicado por: den_22 en 10 Febrero 2010, 23:43 pm
Hola, tengo una pregunta acerca de este código, la cuestion es que al querer hacer el registro siempre en el formulario, me dice "This username has already taken",ademas si no se registra en la bd, como ya va a estar siendo usado?. :huh:
Dejo el código a ver si me pueden dar una mano.(La parte en negrita calculo que debe estar provocando esto)

Código:
<?php
error_reporting(E_ALL ^ E_NOTICE);
session_start();

define('INCLUDE_CHECK',true);

require 'connect.php';
require 'functions.php';
// Those two files can be included only if INCLUDE_CHECK is defined


session_name('tzLogin');
// Starting the session

session_set_cookie_params(2*7*24*60*60);
// Making the cookie live for 2 weeks

session_start();

if($_SESSION['id'] && !isset($_COOKIE['tzRemember']) && !$_SESSION['rememberMe'])
{
// If you are logged in, but you don't have the allnurseRemember cookie (browser restart)
// and you have not checked the rememberMe checkbox:

$_SESSION = array();
session_destroy();

// Destroy the session
}


if(isset($_GET['logoff']))
{
$_SESSION = array();
session_destroy();

header("Location: demo.php");
exit;
}

if($_POST['submit']=='Login')
{
// Checking whether the Login form has been submitted

$err = array();
// Will hold our errors


if(!$_POST['username'] || !$_POST['password'])
$err[] = 'All the fields must be filled in!';

if(!count($err))
{
$_POST['username'] = mysql_real_escape_string($_POST['username']);
$_POST['password'] = mysql_real_escape_string($_POST['password']);
$_POST['rememberMe'] = (int)$_POST['rememberMe'];

// Escaping all input data

$row = mysql_fetch_assoc(mysql_query("SELECT id,usr FROM tz_members WHERE usr='{$_POST['username']}' AND pass='".md5($_POST['password'])."'"));

if($row['usr'])
{
// If everything is OK login

//$_SESSION['username']=$row['user'];
$_SESSION['usr']=$row['usr'];
$_SESSION['id'] = $row['id'];
$_SESSION['type'] = $row['type'];
$_SESSION['rememberMe'] = $_POST['rememberMe'];

// Store some data in the session

setcookie('tzRemember',$_POST['rememberMe']);
}
else $err[]='Wrong username and/or password!';
}

if($err)
$_SESSION['msg']['login-err'] = implode('<br />',$err);
// Save the error messages in the session

header("Location: demo.php");
exit;
}
else if($_POST['submit']=='Register')
{
// If the Register form has been submitted

$err = array();

if(strlen($_POST['firstname'])>100)
{
$err[]='Your lastname must be less 100 characters!';
}

if(!preg_match('/[^0-9\-\_\.]+/i',$_POST['firstname']))
{
$err[]='Your firstname contains invalid characters!';
}

if(strlen($_POST['lastname'])>100)
{
$err[]='Your lastname must be less 100 characters!';
}

if(!preg_match('/[^0-9\-\_\.]+/i',$_POST['lastname']))
{
$err[]='Your lastname contains invalid characters!';
}

if(strlen($_POST['username'])<4 || strlen($_POST['username'])>100)
{
$err[]='Your username must be between 4 and 100 characters!';
}

if(preg_match('/[^a-z0-9\-\_\.]+/i',$_POST['username']))
{
$err[]='Your username contains invalid characters!';
}

if(strlen($_POST['password'])<6 || strlen($_POST['password'])>32)
{
$err[]='Your username must be between 6 and 32 characters!';
}

if(preg_match('/[^a-z0-9\-\_\.]+/i',$_POST['password']))
{
$err[]='Your password is weak!';
}

if($_POST['repassword']!=$_POST['password'])
{
$err[]='Your retype password is different than password!';
}

if(!checkEmail($_POST['email']))
{
$err[]='Your email is not valid!';
}

if(!count($err))
{
// If there are no errors

$_POST['email'] = mysql_real_escape_string($_POST['email']);
$_POST['password'] = mysql_real_escape_string($_POST['password']);
$_POST['username'] = mysql_real_escape_string($_POST['username']);
$_POST['firstname'] = mysql_real_escape_string($_POST['firstname']);
$_POST['lastname'] = mysql_real_escape_string($_POST['lastname']);
$_POST['type'] = mysql_real_escape_string($_POST['type']);
// Escape the input data


mysql_query(" INSERT INTO tz_members(firstname,lastname,user,password,email,type,dt)
VALUES('".$_POST['firstname']."','".$_POST['lastname']."','".$_POST['username']."','".md5($_POST['password'])."','".$_POST['email']."','".$_POST['type']."',NOW())");


if(mysql_affected_rows($link)==1)
{
send_mail( 'name@yourdomain.com',
$_POST['email'],
'Registration for Demo',
'Your username is: '.$username.'\n Your password is: '.$password);

$_SESSION['msg']['reg-success']='We sent you an email with your login data!';
}
else $err[]='This username is already taken!';
}

if(count($err))
{
$_SESSION['msg']['reg-err'] = implode('<br />',$err);
}

header("Location: demo.php");
exit;
}

$script = '';

if($_SESSION['msg'])
{
// The script below shows the sliding panel on page load

$script = '
<script type="text/javascript">

$(function(){

$("div#panel").show();
$("#toggle a").toggle();
});

</script>';

}
?>


Título: Re: Como hago con este codigo?
Publicado por: Alex_bro en 11 Febrero 2010, 18:42 pm
No me he detenido mucho a leer el codigo, porque ando escasito de tiempo hoy por los examenes jaja, pero he visto que ese mensaje salta cuando no es capaz de hacer el insert en la DB...
Seguro que ha conextado bien a la db, existe la tabla, y demas?
Prueba a intentar ejecutar la misma query desde phpmyadmin (por ejemplo) a ver si te dice cual es el error que tira mysql.

Saludos.


Título: Re: Como hago con este codigo?
Publicado por: den_22 en 11 Febrero 2010, 20:25 pm
Bueno gracias, lo pruebo y te digo.

den_22


Título: Re: Como hago con este codigo?
Publicado por: luiggy2 en 11 Febrero 2010, 21:06 pm
Hola, tengo una pregunta acerca de este código, la cuestion es que al querer hacer el registro siempre en el formulario, me dice "This username has already taken",ademas si no se registra en la bd, como ya va a estar siendo usado?. :huh:
Dejo el código a ver si me pueden dar una mano.(La parte en negrita calculo que debe estar provocando esto)

Código
  1. <?php
  2. error_reporting(E_ALL ^ E_NOTICE);
  3.  
  4. define('INCLUDE_CHECK',true);
  5.  
  6. require 'connect.php';
  7. require 'functions.php';
  8. // Those two files can be included only if INCLUDE_CHECK is defined
  9.  
  10.  
  11. session_name('tzLogin');
  12. // Starting the session
  13.  
  14. // Making the cookie live for 2 weeks
  15.  
  16.  
  17. if($_SESSION['id'] && !isset($_COOKIE['tzRemember']) && !$_SESSION['rememberMe'])
  18. {
  19. // If you are logged in, but you don't have the allnurseRemember cookie (browser restart)
  20. // and you have not checked the rememberMe checkbox:
  21.  
  22. $_SESSION = array();
  23.  
  24. // Destroy the session
  25. }
  26.  
  27.  
  28. if(isset($_GET['logoff']))
  29. {
  30. $_SESSION = array();
  31.  
  32. header("Location: demo.php");
  33. }
  34.  
  35. if($_POST['submit']=='Login')
  36. {
  37. // Checking whether the Login form has been submitted
  38.  
  39. $err = array();
  40. // Will hold our errors
  41.  
  42.  
  43. if(!$_POST['username'] || !$_POST['password'])
  44. $err[] = 'All the fields must be filled in!';
  45.  
  46. if(!count($err))
  47. {
  48. $_POST['username'] = mysql_real_escape_string($_POST['username']);
  49. $_POST['password'] = mysql_real_escape_string($_POST['password']);
  50. $_POST['rememberMe'] = (int)$_POST['rememberMe'];
  51.  
  52. // Escaping all input data
  53.  
  54. $row = mysql_fetch_assoc(mysql_query("SELECT id,usr FROM tz_members WHERE usr='{$_POST['username']}' AND pass='".md5($_POST['password'])."'"));
  55.  
  56. if($row['usr'])
  57. {
  58. // If everything is OK login
  59.  
  60. //$_SESSION['username']=$row['user'];
  61. $_SESSION['usr']=$row['usr'];
  62. $_SESSION['id'] = $row['id'];
  63. $_SESSION['type'] = $row['type'];
  64. $_SESSION['rememberMe'] = $_POST['rememberMe'];
  65.  
  66. // Store some data in the session
  67.  
  68. setcookie('tzRemember',$_POST['rememberMe']);
  69. }
  70. else $err[]='Wrong username and/or password!';
  71. }
  72.  
  73. if($err)
  74. $_SESSION['msg']['login-err'] = implode('<br />',$err);
  75. // Save the error messages in the session
  76.  
  77. header("Location: demo.php");
  78. }
  79. else if($_POST['submit']=='Register')
  80. {
  81. // If the Register form has been submitted
  82.  
  83. $err = array();
  84.  
  85. if(strlen($_POST['firstname'])>100)
  86. {
  87. $err[]='Your lastname must be less 100 characters!';
  88. }
  89.  
  90. if(!preg_match('/[^0-9\-\_\.]+/i',$_POST['firstname']))
  91. {
  92. $err[]='Your firstname contains invalid characters!';
  93. }
  94.  
  95. if(strlen($_POST['lastname'])>100)
  96. {
  97. $err[]='Your lastname must be less 100 characters!';
  98. }
  99.  
  100. if(!preg_match('/[^0-9\-\_\.]+/i',$_POST['lastname']))
  101. {
  102. $err[]='Your lastname contains invalid characters!';
  103. }
  104.  
  105. if(strlen($_POST['username'])<4 || strlen($_POST['username'])>100)
  106. {
  107. $err[]='Your username must be between 4 and 100 characters!';
  108. }
  109.  
  110. if(preg_match('/[^a-z0-9\-\_\.]+/i',$_POST['username']))
  111. {
  112. $err[]='Your username contains invalid characters!';
  113. }
  114.  
  115. if(strlen($_POST['password'])<6 || strlen($_POST['password'])>32)
  116. {
  117. $err[]='Your username must be between 6 and 32 characters!';
  118. }
  119.  
  120. if(preg_match('/[^a-z0-9\-\_\.]+/i',$_POST['password']))
  121. {
  122. $err[]='Your password is weak!';
  123. }
  124.  
  125. if($_POST['repassword']!=$_POST['password'])
  126. {
  127. $err[]='Your retype password is different than password!';
  128. }
  129.  
  130. if(!checkEmail($_POST['email']))
  131. {
  132. $err[]='Your email is not valid!';
  133. }
  134.  
  135. if(!count($err))
  136. {
  137. // If there are no errors
  138.  
  139. $_POST['email'] = mysql_real_escape_string($_POST['email']);
  140. $_POST['password'] = mysql_real_escape_string($_POST['password']);
  141. $_POST['username'] = mysql_real_escape_string($_POST['username']);
  142. $_POST['firstname'] = mysql_real_escape_string($_POST['firstname']);
  143. $_POST['lastname'] = mysql_real_escape_string($_POST['lastname']);
  144. $_POST['type'] = mysql_real_escape_string($_POST['type']);
  145. // Escape the input data
  146.  
  147.  
  148. mysql_query(" INSERT INTO tz_members(firstname,lastname,user,password,email,type,dt)
  149. VALUES('".$_POST['firstname']."','".$_POST['lastname']."','".$_POST['username']."','".md5($_POST['password'])."','".$_POST['email']."','".$_POST['type']."',NOW())");
  150.  
  151.  
  152. if(mysql_affected_rows($link)==1)
  153. {
  154. send_mail( 'name@yourdomain.com',
  155. $_POST['email'],
  156. 'Registration for Deemo',
  157. 'Your username is: '.$username.'\n Your password is: '.$password);
  158.  
  159. $_SESSION['msg']['reg-success']='We sent you an email with your login data!';
  160. }
  161. else $err[]='This username is already taken!';
  162. }
  163.  
  164. if(count($err))
  165. {
  166. $_SESSION['msg']['reg-err'] = implode('<br />',$err);
  167. }
  168.  
  169. header("Location: demo.php");
  170. }
  171.  
  172. $script = '';
  173.  
  174. if($_SESSION['msg'])
  175. {
  176. // The script below shows the sliding panel on page load
  177.  
  178. $script = '
  179. <script type="text/javascript">
  180.  
  181. $(function(){
  182.  
  183. $("div#panel").show();
  184. $("#toggle a").toggle();
  185. });
  186.  
  187. </script>';
  188.  
  189. }
  190. ?>

Mejor asi ¿No?


Título: Re: Como hago con este codigo?
Publicado por: den_22 en 12 Febrero 2010, 17:33 pm
Hola dejo la tabla de la base de datos, por si alguien me quiere dar una mano, no le encuentro el error.


Código:
CREATE TABLE `tz_members` (
  `id` int(11) NOT NULL auto_increment,
  `usr` varchar(32) collate utf8_unicode_ci NOT NULL default '',
  `pass` varchar(32) collate utf8_unicode_ci NOT NULL default '',
`firstname` varchar(32) collate utf8_unicode_ci NOT NULL default '',
`lastname` varchar(32) collate utf8_unicode_ci NOT NULL default '',
`type` varchar (32) collate utf8_unicode_ci NOT NULL default '',
  `email` varchar(255) collate utf8_unicode_ci NOT NULL default '',
  `regIP` varchar(15) collate utf8_unicode_ci NOT NULL default '',
  `dt` datetime NOT NULL default '0000-00-00 00:00:00',
  PRIMARY KEY  (`id`),
  UNIQUE KEY `usr` (`usr`)
) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;


Título: Re: Como hago con este codigo?
Publicado por: den_22 en 14 Febrero 2010, 04:46 am
Ya pude solucionar el problema.  ;D


Título: Re: Como hago con este codigo?
Publicado por: den_22 en 22 Febrero 2010, 17:31 pm
Hola nuevamente, tengo un pequeño problema otra vez, la verdad es que lo habia solucionado, pero no se que pasó, tengo el mismo error otra vez.
"This username is already taken".

Alguien me podrá ayudar?

Código:
<?php
error_reporting(E_ALL ^ E_NOTICE);
session_start();
 
define('INCLUDE_CHECK',true);
 
require 'connect.php';
require 'functions.php';
// Those two files can be included only if INCLUDE_CHECK is defined
 
 
session_name('tzLogin');
// Starting the session
 
session_set_cookie_params(2*7*24*60*60);
// Making the cookie live for 2 weeks
 
session_start();
 
if($_SESSION['id'] && !isset($_COOKIE['tzRemember']) && !$_SESSION['rememberMe'])
{
// If you are logged in, but you don't have the allnurseRemember cookie (browser restart)
// and you have not checked the rememberMe checkbox:
 
$_SESSION = array();
session_destroy();
 
// Destroy the session
}
 
 
if(isset($_GET['logoff']))
{
$_SESSION = array();
session_destroy();
 
header("Location: demo.php");
exit;
}
 
if($_POST['submit']=='Login')
{
// Checking whether the Login form has been submitted
 
$err = array();
// Will hold our errors
 
 
if(!$_POST['username'] || !$_POST['password'])
$err[] = 'All the fields must be filled in!';
 
if(!count($err))
{
$_POST['username'] = mysql_real_escape_string($_POST['username']);
$_POST['password'] = mysql_real_escape_string($_POST['password']);
$_POST['rememberMe'] = (int)$_POST['rememberMe'];
 
// Escaping all input data
 
$row = mysql_fetch_assoc(mysql_query("SELECT id,usr FROM tz_members WHERE usr='{$_POST['username']}' AND pass='".md5($_POST['password'])."'"));
 
if($row['usr'])
{
// If everything is OK login
 
//$_SESSION['username']=$row['user'];
$_SESSION['usr']=$row['usr'];
$_SESSION['id'] = $row['id'];
$_SESSION['type'] = $row['type'];
$_SESSION['rememberMe'] = $_POST['rememberMe'];
 
// Store some data in the session
 
setcookie('tzRemember',$_POST['rememberMe']);
}
else $err[]='Wrong username and/or password!';
}
 
if($err)
$_SESSION['msg']['login-err'] = implode('<br />',$err);
// Save the error messages in the session
 
header("Location: demo.php");
exit;
}
else if($_POST['submit']=='Register')
{
// If the Register form has been submitted
 
$err = array();
 
if(strlen($_POST['firstname'])>100)
{
$err[]='Your lastname must be less 100 characters!';
}
 
if(!preg_match('/[^0-9\-\_\.]+/i',$_POST['firstname']))
{
$err[]='Your firstname contains invalid characters!';
}
 
if(strlen($_POST['lastname'])>100)
{
$err[]='Your lastname must be less 100 characters!';
}
 
if(!preg_match('/[^0-9\-\_\.]+/i',$_POST['lastname']))
{
$err[]='Your lastname contains invalid characters!';
}
 
if(strlen($_POST['username'])<4 || strlen($_POST['username'])>100)
{
$err[]='Your username must be between 4 and 100 characters!';
}
 
if(preg_match('/[^a-z0-9\-\_\.]+/i',$_POST['username']))
{
$err[]='Your username contains invalid characters!';
}
 
if(strlen($_POST['password'])<6 || strlen($_POST['password'])>32)
{
$err[]='Your username must be between 6 and 32 characters!';
}
 
if(preg_match('/[^a-z0-9\-\_\.]+/i',$_POST['password']))
{
$err[]='Your password is weak!';
}
 
if($_POST['repassword']!=$_POST['password'])
{
$err[]='Your retype password is different than password!';
}
 
if(!checkEmail($_POST['email']))
{
$err[]='Your email is not valid!';
}
 
if(!count($err))
{
// If there are no errors
 
$_POST['email'] = mysql_real_escape_string($_POST['email']);
$_POST['password'] = mysql_real_escape_string($_POST['password']);
$_POST['username'] = mysql_real_escape_string($_POST['username']);
$_POST['firstname'] = mysql_real_escape_string($_POST['firstname']);
$_POST['lastname'] = mysql_real_escape_string($_POST['lastname']);
$_POST['type'] = mysql_real_escape_string($_POST['type']);
// Escape the input data
 
 
mysql_query(" INSERT INTO tz_members(firstname,lastname,user,password,email,type,dt)
VALUES('".$_POST['firstname']."','".$_POST['lastname']."','".$_POST['username']."','".md5($_POST['password'])."','".$_POST['email']."','".$_POST['type']."',NOW())");
 
 
if(mysql_affected_rows($link)==1)
{
send_mail( 'name@yourdomain.com',
$_POST['email'],
'Registration for Demo',
'Your username is: '.$username.'\n Your password is: '.$password);
 
$_SESSION['msg']['reg-success']='We sent you an email with your login data!';
}
else $err[]='This username is already taken!';
}
 
if(count($err))
{
$_SESSION['msg']['reg-err'] = implode('<br />',$err);
}
 
header("Location: demo.php");
exit;
}
 
$script = '';
 
if($_SESSION['msg'])
{
// The script below shows the sliding panel on page load
 
$script = '
<script type="text/javascript">
 
$(function(){
 
$("div#panel").show();
$("#toggle a").toggle();
});
 
</script>';
 
}
?>

<html>
<head>
</head>
<body>
<!-- Panel -->
<div id="toppanel">
<div id="panel">
<div class="content clearfix">           
            <?php

if(!$_SESSION['id']):

?>
           
<div class="left">
<!-- Login Form -->
<form class="clearfix" action="" method="post">
<h1>Member Login</h1>
                   
                    <?php

if($_SESSION['msg']['login-err'])
{
echo '<div class="err">'.$_SESSION['msg']['login-err'].'</div>';
unset($_SESSION['msg']['login-err']);
}
?>

<label class="grey" for="username">Login ID:</label>
<input class="field" type="text" name="username" id="username" value="" size="23" />
<label class="grey" for="password">Password:</label>
<input class="field" type="password" name="password" id="password" size="23" />
            <label><input name="rememberMe" id="rememberMe" type="checkbox" checked="checked" value="1" /> &nbsp;Remember me</label>
        <div class="clear"></div>
<input type="submit" name="submit" value="Login" class="bt_login" />
</form>
</div>
<form action="" method="post">
<div class="left right">
<!-- Register Form -->
<h1>Not a member yet? Sign Up!</h1>
                   
                    <?php

if($_SESSION['msg']['reg-err'])
{
echo '<div class="err">'.$_SESSION['msg']['reg-err'].'</div>';
unset($_SESSION['msg']['reg-err']);
}

if($_SESSION['msg']['reg-success'])
{
echo '<div class="success">'.$_SESSION['msg']['reg-success'].'</div>';
unset($_SESSION['msg']['reg-success']);
}
?>
                   
<label class="grey" for="firstname">First Name/Company Name:</label>
<input class="field" type="text" name="firstname" id="firstname" value="" size="23" />
<label class="grey" for="lastname">Last Name/Company Short Name:</label>
<input class="field" type="text" name="lastname" id="lastname" value="" size="23" />
<label class="grey" for="username">Login ID:</label>
<input class="field" type="text" name="username" id="username" value="" size="23" />
<label class="grey" for="password">Password:</label>
<input class="field" type="password" name="password" id="password" value="" size="23" />
</div>
            <div class="left">
<label>&nbsp;</label>
<label>&nbsp;</label>
<label class="grey" for="repassword">Retype Password:</label>
<input class="field" type="password" name="repassword" id="repassword" value="" size="23" />
<label class="grey" for="type">Type:</label><select name="type" id="type" style="background-color:#666666; color:#CCCCCC; border-color:#000000; border-style:solid; border-width:thin">
<option value="Applicant">Applicant</option>
<option value="Company">Company</option>
</select>
<label class="grey" for="email">Email:</label>
<input class="field" type="text" name="email" id="email" size="23" />
<label>Your login data will be e-mailed to you.</label>
<input type="submit" name="submit" value="Register" class="bt_register" />
</form>
</div>
            <?php
else:
?>
           
            <div class="left">                       
            <p>&nbsp;</p><br /><br /><br /><br /><p>&nbsp;</p><br /><br /><br /><br /><p>&nbsp;</p><br /><br />
            <a href="?logoff"><strong>Log out</strong></a>
           
            </div>
<?php
endif;
?>               
</div>
</div> <!-- /login -->

    <!-- The tab on top -->
<div class="tab">
<ul class="login">
    <li class="left">&nbsp;</li>
        <li>Hello
<?php
if($_SESSION['id'])
{echo $_SESSION['username'];}
else echo 'Guest';
?>
!</li>
<li class="sep">|</li>
<li id="toggle">
<a id="open" class="open" href="#"><?php echo $_SESSION['id']?'Open Panel':'Log In | Register';?></a>

<a id="close" style="display: none;" class="close" href="#">Close Panel</a>
</li>
    <li class="right">&nbsp;</li>
</ul>
</div> <!-- / top -->

<div> <!--panel --></div>

  <?php
if(isset($_SESSION['id']))
{
// If you are logged in.
include("registered.php");
}
?>      
</body>
</html>


Título: Re: Como hago con este codigo?
Publicado por: den_22 en 23 Febrero 2010, 15:54 pm
Encontré la solución, el problema era que al crear la base de datos en el phpMyAdmin, debía ponerle en "Cotejamiento" utf8_unicode_ci. Cosa que no estaba puesto.

Ahora funciona perfecto!  ;-)