0

I created a registration script from bits and pieces that I have learned from books on PHP. Unfornately, when testing it on local host (after submitting test registration page), it displays the source of the PHP script in browser. Is there something I'm doing wrong? Does any know any open-source registration scripts?

Thanks

<?php

$submitted = $_POST["submitted"];
if ($submitted == 'yes') {

    $firstName = mysql_real_escape_string($_POST["firstName"]);
    $lastName = mysql_real_escape_string($_POST["lastName"]);
    $eMail = mysql_real_escape_string($_POST["eMail"]);
    $password = mysql_real_escape_string($_POST["password"]);
    $confirmPassword = mysql_real_escape_string($_POST["confirmPassword"]);

    // Kill script if input fields are blank
    if ($firstName == '' or $lastName == '' or $eMail == '' or $password == '' or $confirmPassword == '') {
        die();
    }

    // Check if passwords match
    if ($password != $confirmPassword) {
        die();
    }

    // Check if password is appropriat length
    $passwordLength = strlen($password);
    if ($passwordLength < 6 or $passwordLength > 30) {
        die();
    }


    //////////////////////////
    // Insert into database //
    //////////////////////////
    // Signup time in Unix Epoch
    $time = time();

    // Human readable date
    $date = date("F jS, Y  g:i:s A");

    $sql = "INSERT into userInfo (firstName, lastName, password, eMail, time, date) VALUES ('$firstName', '$lastName', '$password', '$eMail', '$time', '$date')";
    $sqlserver = "localhost";
    $sqluser = "xxxxxx";
    $sqlpassword = "xxxxxx";


    mysql_connect($sqlserver, $sqluser, $sqlpassword) or die(mysql_error());

    mysql_select_db("store");

    // Check database if username already exists  
    $newEmail = $eMail;
    $checkUsername = mysql_query("SELECT eMail FROM userinfo WHERE eMail = '$newEmail'");
    $numRows = mysql_num_rows($checkUsername);
    if ($numRows > 0) {
        die();
    }

    mysql_query($sql) or die(mysql_error());

    mysql_close();

    header("Location: http://store.viddir.com/login/");
    exit;
} else {
    die();
}
?>
Shandhanu Mohan
  • 129
  • 7
Josh Osborne
  • 1
  • 1
  • 3
    If your webserver is displaying the source of the document that means ti does not have a handler associated with the php file extension. What webserver are you using? – Mike Sep 12 '13 at 16:43
  • You should not use `mysql_connect`, because it's deprecated since PHP 5.5, see http://www.php.net/manual/en/function.mysql-connect.php – kelunik Sep 12 '13 at 16:44
  • Are you using xampp? look this: http://stackoverflow.com/questions/7337633/php-code-display-in-browser-instead-of-executing-it – rodrigoio Sep 12 '13 at 16:44
  • Food for thought: When using `die();` the user should expect some form of error message and not just an empty screen, which will be the result. If `die();` must be used, then you could use `die("Sorry, wrong username.");`. You could echo and put an exit instead to the affect of `echo "Sorry, wrong username."; exit;` which will give the same result. If something is going to `die`, at least let it die in `dignity` ;-) – Funk Forty Niner Sep 12 '13 at 16:48
  • supplement to @Fred if you really don't want something to be printed out when you script terminates you can use `exit` with integer status code. so the caller can get the return code and find where the script terminated. if you use integer parameter to `exit` it won't echo it. – bansi Sep 12 '13 at 16:57
  • did you uploaded the file to document root directory and calling it using `http://localhost/your_script.php` ? – bansi Sep 12 '13 at 16:59
  • 1
    @bansi I was going to mention that actually, but felt I already took up enough room ;-) *(I concur)* – Funk Forty Niner Sep 12 '13 at 16:59

2 Answers2

1

You must be not executing a php file extension. That's why it's returning the PHP source.

Jonnny
  • 4,939
  • 11
  • 63
  • 93
1

Your php code isn't interpreted. The reasons could be :

  1. You didn't name your file with .php extension.
  2. You're not running it on your local server.
    • Did you launched your local server?
  3. You're not using the good protocol (file:// instead of http://).
    • Can happen when you double-click your file in the file explorer.

Make sure your URL looks like http://localhost/folder/stuff.php, and if you're using MAMP, WAMP or XAMP, check your active port for apache, and append it to your url, ex: localhost:8080(default port for MAMP if I remember well).

Reminder : PHP is a server-side client, and needs a server to interpret it (unlike HTML).

Maen
  • 10,603
  • 3
  • 45
  • 71