New Friends! :)
The following is my member registration code as of latest.
ISSUE 1:
I get this error:
Parse error: syntax error, unexpected '_' (T_STRING), expecting ',' or ')' in C:\xampp\htdocs\e_id\register_edited.php on line 10
What is wrong ? I copied the "'images/'_$FILES['avatar']['name']);" from a youtube tutorial on how to create feature for your member site members to upload their images. It was working on my site but not now on my xammp.
ISSUE 2:
Is the following ok or have I got them wrong way round ? I mean the real_escape and the strtolower and the strip_tags. Eg.
$member_registration_username = trim(strip_tags(strtolower(mysqli_real_escape_string($conn,$_POST["member_registration_username"]))));
Any mistakes I made from line 9-22 ?
Question 3:
Looking at my html form, do you spot any errors apart from the <center> outdated tags ? (Will replace them and design with css instead. In the middle of it now).
Question 4:
Should there be 2 equal signs ? Eg. "== 0" (equal to) ? instead of just "=" ?
$member_registration_account_activation = 0;
FULL REG PAGE CODE:
<?php
require "conn.php";
require "site_details.php";
if (isset($_POST['submit']))
{
if(!empty($_POST["member_registration_username"]) && !empty($_POST["member_registration_password"])&& !empty($_POST["member_registration_password_confirmation"])&& !empty($_POST["member_registration_email"])&& !empty($_POST["member_registration_email_confirmation"])&& !empty($_POST["member_registration_forename"])&& !empty($_POST["member_registration_surname"]))
{
$account_activation_link = "http://www.$site_domain.com/$site-name/activate_account.php?email=$member_registration_email&&member_registration_account_activation_code=$member_registration_account_activation_code";
$avatar_path = trim(strip_tags(mysqli_real_escape_string($conn,'images/'_$FILES['avatar']['name']);
$member_registration_account_activation = 0;
$member_registration_random_numbers = random_int(0, 9999999999);
$member_registration_username = trim(strip_tags(strtolower(mysqli_real_escape_string($conn,$_POST["member_registration_username"]))));
$member_registration_password = trim(strip_tags(md5(mysqli_real_escape_string($conn,$_POST["member_registration_password"]))));
$member_registration_password_confirmation = trim(strip_tags(md5(mysqli_real_escape_string($conn,($_POST["member_registration_password_confirmation"])))));
$member_registration_forename = trim(strip_tags(mysqli_real_escape_string($conn,$_POST["member_registration_forename"])));
$member_registration_surname = trim(strip_tags(mysqli_real_escape_string($conn,$_POST["member_registration_surname"])));
$member_registration_gender = trim(strip_tags(mysqli_real_escape_string($conn,$_POST["member_registration_gender"])));
$member_registration_email = trim(strip_tags(mysqli_real_escape_string($conn,$_POST["member_registration_email"])));
$member_registration_email_confirmation = trim(strip_tags(mysqli_real_escape_string($conn,$_POST["member_registration_email_confirmation"]));
$member_registration_account_activation_code = trim(strip_tags(mysqli_real_escape_string($conn,"$member_registration_random_numbers")));
if (preg_match("!image!", $_FILES['avatar']['type']))
{
//copy image to images/ folder.
if(copy($_$FILES['avatar']['tmp_name'], $avatar_path))
{
$_SESSION['avatar']=$avatar_path;
}
else
{
$_SESSION['message']= "Image could not be uploaded!";
}
else
{
$_SESSION['message']= "Only gif, jpeg or png files allowed for your avatar!";
exit();
}
if($_POST["member_registration_email"] != $_POST["member_registration_email_confirmation"])
{
$_SESSION['message']= "Your email inputs do not match! Try inputting again and then re-submit.";
exit();
}
if($_POST["member_registration_password_confirmation"] != $_POST["member_registration_password_confirmation"])
{
$_SESSION['message']= "Your password inputs do not match! Try inputting again and then re-submit.";
exit();
}
//Check for Username match in users table.
$sql = "SELECT * FROM users WHERE Usernames ='".$member_registration_username."'";
$result = mysqli_query($conn,$sql);
if(mysqli_num_rows($result)!=0)
{
$_SESSION['message']="That Username $member_registration_username is already registered!";
exit();
}
$sql = "SELECT * FROM users WHERE Emails ='".$member_registration_email."'";
$result = mysqli_query($conn,$sql);
if(mysqli_num_rows($result)>0)
{
$_SESSION['message']="That Email $member_registration_email is already registered!";
exit();
}
$sql = "INSERT INTO users(Usernames,Passwords,Emails,Forenames,Surnames,Genders,Account_Activation_Codes,Account_Activations) VALUES('".$member_registration_username."','".$member_registration_password."','".$member_registration_email."','".$member_registration_forename."','".$member_registration_surname."','".$member_registration_account_activation_code."','".$member_registration_account_activation."')";
if($sql)
{
$_SESSION['message']="Data insertion into table success!";
}
else
{
$_SESSION['message']="Data insertion into table failure!";
}
$to = "$member_registration_email";
$subject = "Your $site_name Account Activation!";
$body = "$member_registration_forename $member_registration_surname,\n\n You need to click the following link to confirm your email address and activate your account.\n\n\
$account_activation_link;
$from = "$site_admin_email";
$headers = "from: $from";
mail($to,$subject,$body,$headers);
$_SESSION['message']="Check your email for further instructions!";
}
else
{
$_SESSION['message']="You must fill-in all input fields!";
}
}
?> <!DOCTYPE html> <html> <head> <title><?php $site_name ?> Signup Page</title> <meta charset="utf-8"> </head> <body> <div class = "container"> <form method="post" action=""> <center><h2>Signup Form</h2></center> <div class="form-group"> <center><label>Username:</label> <input type="text" placeholder="Enter a unique Username" name="member_registration_username" required [A-Za-z0-9]></center> </div> <div class="form-group"> <center><label>Password:</label> <input type="password" placeholder="Enter a new Password" name="member_registration_password" required [A-Za-z0-9]></center> </div> <div class="form-group"> <center><label>Repeat Password:</label> <input type="password" placeholder="Repeat a new Password" name="member_registration_password_confirmation" required [A-Za-z0-9]></center> </div> <div class="form-group"> <center><label>First Name:</label> <input type="text" placeholder="Enter your First Name" name="member_registration_forename" required [A-Za-z]></center> </div> <div class="form-group"> <center><label>Surname:</label> <input type="text" placeholder="Enter your Surname" name="member_registration_surname" required [A-Za-z]></center> </div> <div class="form-group"> <center><label>Gender:</label> <input type="radio" name="member_registration_gender" value="male" required>Male<input type="radio" name="member_registration_gender" value="female" required>Female</center> </div> <div class="form-group"> <center><label>Email:</label> <input type="email" placeholder="Enter your Email" name="member_registration_email" required [A-Za-z0-9]></center> </div> <div class="form-group"> <center><label>Repeat Email:</label> <input type="email" placeholder="Repeat your Email" name="member_registration_email_confirmation" required [A-Za-z0-9]></center> </div> <center><button type="submit" class="btn btn-default" name="submit">Register!</button></center> <center><font color="red" size="3"><b>Already have an account ?</b><br><a href="login.php">Login here!</a></font></center> </form> </div> </body> </html>