hi
in my registration page i got about 20 input fields everythings are working fine except this multiple checkboxes. i read the articles related to my isses but no joy yet becouse my code is very complecated for example the register.php datas will be validate and process by process.php and then send to session.php from here data will be adding through database.php, so its very complecated where to add what for that i will give all the page code that related to register.php
here is the register.php
<tr>
<td>Generation/Siblings::</td>
<td>
<p><input type="checkbox" name="generation[]" value="Mother"> Mother</p>
<p><input type="checkbox" name="generation[]" value="Grand-mother"> Grand mother</p>
<p><input type="checkbox" name="generation[]" value="Great-grandmother"> Great grandmother</p>
<p><input type="checkbox" name="generation[]" value="Sisters"> Sisters</p>
<p><input type="checkbox" name="generation[]" value="Daughters"> Daughters</p>
</td>
</tr>
here is the process.php
/**
* procRegister - Processes the user submitted registration form,
* if errors are found, the user is redirected to correct the
* information, if not, the user is effectively registered with
* the system and an email is (optionally) sent to the newly
* created user.
*/
function procRegister(){
global $database, $session, $form;
$config = $database->getConfigs();
/* Checks if registration is disabled */
if($config['ACCOUNT_ACTIVATION'] == 4){
$_SESSION['reguname'] = $_POST['user'];
$_SESSION['regsuccess'] = 6;
header("Location: ".$session->referrer);
}
/* Convert username to all lowercase (by option) */
if($config['ALL_LOWERCASE'] == 1){
$_POST['user'] = strtolower($_POST['user']);
}
/* Hidden form field captcha deisgned to catch out auto-fill spambots */
if (!empty($_POST['killbill'])) { $retval = 2; } else {
/* Registration attempt */
$retval = $session->register($_POST['user'], $_POST['pass'], $_POST['conf_pass'], $_POST['email'], $_POST['conf_email'], $_POST['phone'], $_POST['firstname'], $_POST['lastname'], $_POST['maidenname'], $_POST['dob'], $_POST['yearinscl'], $_POST['houseinscl'], $_POST['albatchyear'], $_POST['generation'], $_POST['address'], $_POST['telnomobile'], $_POST['telnooffice'], $_POST['profession'], $_POST['designation'], $_POST['nameemployer'], $_POST['typebusiness'], $_POST['employeradd'], $_POST['newsletteremail'], $_POST['sms'], $_POST['nameoncard'], $_POST['paymentmade'], $_POST['amountm'], $_POST['recieptnom'], $_POST['donation'], $_POST['amountd'], $_POST['recieptnod'], $_POST['postaladdress'], $_POST['postcost'], $_POST['status']);
}
/* Registration Successful */
if($retval == 0){
$_SESSION['reguname'] = $_POST['user'];
$_SESSION['regsuccess'] = 0;
header("Location: ".$session->referrer);
}
/* E-mail Activation */
else if($retval == 3){
$_SESSION['reguname'] = $_POST['user'];
$_SESSION['regsuccess'] = 3;
header("Location: ".$session->referrer);
}
here is the session.php
/**
* register - Gets called when the user has just submitted the
* registration form. Determines if there were any errors with
* the entry fields, if so, it records the errors and returns
* 1. If no errors were found, it registers the new user and
* returns 0. Returns 2 if registration failed.
*/
function register($subuser, $subpass, $subconf_pass, $subemail, $subconf_email, $subphone, $subfirstname, $sublastname, $submaidenname, $subdob, $subyearinscl, $subhouseinscl, $subalbatchyear, $subgeneration, $subaddress, $subtelnomobile, $subtelnooffice, $subprofession, $subdesignation, $subnameemployer, $subtypebusiness, $subemployeradd, $subnewsletteremail, $subsms, $subnameoncard, $subpaymentmade, $subamountm, $subrecieptnom, $subdonation, $subamountd, $subrecieptnod, $subpostaladdress, $subpostcost, $substatus){
global $database, $form, $mailer; //The database, form and mailer object
$token = $this->generateRandStr(16);
$config = $database->getConfigs();
/* Username error checking */
$field = "user"; //Use field name for username
if(!$subuser || strlen($subuser = trim($subuser)) == 0){
$form->setError($field, "* Username not entered");
}
else{
/* Spruce up username, check length */
$subuser = stripslashes($subuser);
if(strlen($subuser) < $config['min_user_chars']){
$form->setError($field, "* Username below ".$config['min_user_chars']."characters");
}
else if(strlen($subuser) > $config['max_user_chars']){
$form->setError($field, "* Username above ".$config['max_user_chars']."characters");
}
/* Check if username is not alphanumeric */
else if(!preg_match("/^[a-z0-9]([0-9a-z_-\s])+$/i", $subuser)){
$form->setError($field, "* Username not alphanumeric");
}
/* Check if username is reserved */
else if(strcasecmp($subuser, GUEST_NAME) == 0){
$form->setError($field, "* Username reserved word");
}
/* Check if username is already in use */
else if($database->usernameTaken($subuser)){
$form->setError($field, "* Username already in use");
}
/* Check if username is banned */
else if($database->usernameBanned($subuser)){
$form->setError($field, "* Username banned");
}
}
/* Password error checking */
$field = "pass"; //Use field name for password
if(!$subpass){
$form->setError($field, "* Password not entered");
}
else{
/* Spruce up password and check length*/
$subpass = stripslashes($subpass);
if(strlen($subpass) < $config['min_pass_chars']){
$form->setError($field, "* Password too short");
}
/* Check if password is too long */
else if(strlen($subpass) > $config['max_pass_chars'] ){
$form->setError($field, "* Password too long");
}
/* Check if password is not alphanumeric */
else if(!preg_match("/^([0-9a-z])+$/i", ($subpass = trim($subpass)))){
$form->setError($field, "* Password not alphanumeric");
}
/* Check if passwords match */
else if($subpass != $subconf_pass){
$form->setError($field, "* Passwords do not match");
}
}
/* Email error checking */
$field = "email"; //Use field name for email
if(!$subemail || strlen($subemail = trim($subemail)) == 0){
$form->setError($field, "* Email not entered");
}
else{
/* Check if valid email address using PHPs filter_var */
if(!filter_var($subemail, FILTER_VALIDATE_EMAIL)){
$form->setError($field, "* Email invalid");
}
/* Check if emails match, not case-sensitive */
else if (strcasecmp($subemail, $subconf_email)){
$form->setError($field, "* Email addresses do not match");
}
$subemail = stripslashes($subemail);
}
/* Errors exist, have user correct them */
if($form->num_errors > 0){
return 1; //Errors with form
}
/* No errors, add the new account to the database */
else{
$usersalt = $this->generateRandStr(8);
if($database->addNewUser($subuser, $subpass, $subemail, $token, $usersalt, $subphone, $subfirstname, $sublastname, $submaidenname, $subdob, $subyearinscl, $subhouseinscl, $subalbatchyear, $subgeneration, $subaddress, $subtelnomobile, $subtelnooffice, $subprofession, $subdesignation, $subnameemployer, $subtypebusiness, $subemployeradd, $subnewsletteremail, $subsms, $subnameoncard, $subpaymentmade, $subamountm, $subrecieptnom, $subdonation, $subamountd, $subrecieptnod, $subpostaladdress, $subpostcost, $substatus)){
/* Check Account activation setting and process accordingly. */
/* E-mail Activation */
if($config['ACCOUNT_ACTIVATION'] == 2){
$config = $database->getConfigs();
$mailer->sendActivation($subuser,$subemail,$subpass,$token,$config);
$successcode = 3;
}
here is the database.php
/**
* addNewUser - Inserts the given (username, password, email) info into the database.
* Appropriate user level is set. Returns true on success, false otherwise.
*/
function addNewUser($username, $password, $email, $token, $usersalt, $phone, $firstname, $lastname, $maidenname, $dob, $yearinscl, $houseinscl, $albatchyear, $generation, $address, $telnomobile, $telnooffice, $profession, $designation, $nameemployer, $typebusiness, $employeradd, $newsletteremail, $sms, $nameoncard, $paymentmade, $amountm, $recieptnom, $donation, $amountd, $recieptnod, $postaladdress, $postcost, $status){
$time = time();
$config = $this->getConfigs();
/* If admin sign up, give admin user level */
if(strcasecmp($username, ADMIN_NAME) == 0){
$ulevel = ADMIN_LEVEL;
/* Which validation is on? */
}else if ($config['ACCOUNT_ACTIVATION'] == 1) {
$ulevel = REGUSER_LEVEL; /* No activation required */
}else if ($config['ACCOUNT_ACTIVATION'] == 2) {
$ulevel = ACT_EMAIL; /* Activation e-mail will be sent */
}else if ($config['ACCOUNT_ACTIVATION'] == 3) {
$ulevel = ADMIN_ACT; /* Admin will activate account */
}
$password = sha1($usersalt.$password);
$userip = $_SERVER['REMOTE_ADDR'];
$query = "INSERT INTO ".TBL_USERS." SET username = :username, password = :password, usersalt = :usersalt, userid = 0, userlevel = $ulevel, email = :email, timestamp = $time, actkey = :token, ip = '$userip', regdate = $time, phone = :phone, firstname = :firstname, lastname = :lastname, maidenname = :maidenname, dob = :dob, yearinscl = :yearinscl, houseinscl = :houseinscl, albatchyear = :albatchyear, generation = :generation, address = :address, telnomobile = :telnomobile, telnooffice = :telnooffice, profession = :profession, designation = :designation, nameemployer = :nameemployer, typebusiness = :typebusiness, employeradd = :employeradd, newsletteremail = :newsletteremail, sms = :sms, nameoncard = :nameoncard, amountm = :amountm, recieptnom = :recieptnom, donation = :donation, amountd = :amountd, recieptnod = :recieptnod, postaladdress = :postaladdress, postcost = :postcost, status = :status";
$stmt = $this->connection->prepare($query);
return $stmt->execute(array(':username' => $username, ':password' => $password, ':usersalt' => $usersalt, ':email' => $email, ':token' => $token, ':phone' => $phone, ':firstname' => $firstname, ':lastname' => $lastname, ':maidenname' => $maidenname, ':dob' => $dob, ':yearinscl' => $yearinscl, ':houseinscl' => $houseinscl, ':albatchyear' => $albatchyear, ':generation' => $generation, ':address' => $address, ':telnomobile' => $telnomobile, ':telnooffice' => $telnooffice, ':profession' => $profession, ':designation' => $designation, ':nameemployer' => $nameemployer, ':typebusiness' => $typebusiness, ':employeradd' => $employeradd, ':newsletteremail' => $newsletteremail, ':sms' => $sms, ':nameoncard' => $nameoncard, ':amountm' => $amountm, ':recieptnom' => $recieptnom, ':donation' => $donation, ':amountd' => $amountd, ':recieptnod' => $recieptnod, ':postaladdress' => $postaladdress, ':postcost' => $postcost, ':status' => $status));
}