0

Hi i am new to PHP and i am trying to submit a registration form and it works fine but the problem is that when it gives some error like username already exists or password too short in an alert box and then it reloads the form page again and the user has to fill the whole form again i want the fields that are correct to remain unchanged

here is the form page code

<!DOCTYPE HTML> 
<html> 
    <head> 
        <title>Details</title> 
        <link rel="stylesheet" type="text/css" href="reg.css">
    </head> 
        <body id="body"> 
            <div id="mmw"> <span> MAP MY WAY </span></div>
            <form name="reg" id="reg" method="post" action="insert.php">
        <h2>Kindly fill up your Information</h2>
        <p>
    <input name="username" required class="name" placeholder="Type Your User name" />
        <input name="password" placeholder="Type Your Password" class="name" type="password" required />
            <input name="first_name" required class="name" placeholder="Type Your First name" />
            <input name="last_name" required class="name" placeholder="Type Your Last name" />
            <input name="email" required class="email" placeholder="Type a valid E-Mail address" />
            <input name="m_no" class="name" placeholder="Type Your Mobile #"/>
            <input name="v_name" required class="name" placeholder="Type Your Vahical model and name"/>
            <input name="capacity" required class="name" placeholder="Seating capacity"/>
            <input name="fuel_type" required class="name" placeholder="Runs on what fuel type"/>
    </p>



        <p>
            <input name="submit" class="btn" type="submit" value="Register" />
        </p>
        </form>

            </div> 
        </body> 
</html>

and here is the page that is processing the data 

 <?php
  $con = mysqli_connect("localhost", "root", "", "map_my_way");
  // Check connection
  if (mysqli_connect_errno()) {
   echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }

  // escape variables for security
  $username = mysqli_real_escape_string($con, $_POST['username']);
  $password = mysqli_real_escape_string($con, $_POST['password']);
  $first_name = mysqli_real_escape_string($con, $_POST['first_name']);
  $last_name = mysqli_real_escape_string($con, $_POST['last_name']);
  $email = mysqli_real_escape_string($con, $_POST['email']);
  $m_no = mysqli_real_escape_string($con, $_POST['m_no']);
  $v_name = mysqli_real_escape_string($con, $_POST['v_name']);
  $fuel_type = mysqli_real_escape_string($con, $_POST['fuel_type']);
  $capacity = mysqli_real_escape_string($con, $_POST['capacity']); 


 $exists = mysqli_num_rows(mysqli_query($con,"SELECT * FROM members WHERE username='" . $username . "'"));
 if ($exists > 0) {


echo "<script language=\"JavaScript\">\n";
echo "alert('username already exists!');\n";
echo "window.location='reg.php'";
echo "</script>";

 } 

if (strlen ($password) < 6){

            echo "<script language=\"JavaScript\">\n";
            echo "alert('password must be 6 characters');\n";
            echo "window.location='reg.php'";
            echo "</script>";

 }
 else{

 // if ($password < 6) {
 // echo "<script language=\"JavaScript\">\n";
 // echo "alert('username already exists!');\n";
 // echo "window.location='reg.php'";
 // echo "</script>";

 // } else{

 //insert query
 $sql = "INSERT INTO members (username, password, first_name, last_name, email, m_no, v_name, fuel_type, capacity)
 VALUES ('$username', '$password', '$first_name', '$last_name', '$email', '$m_no', '$v_name', '$fuel_type', '$capacity')";  
 }
 //}    
 if (!mysqli_query($con, $sql)) {
    die('Error: ' . mysqli_error($con));

 }  
    else{
    header("location:pic.php");
    }



  // Register $username
   session_start();
   $_SESSION['login'] = true;
   $_SESSION['username'] = $username;

   mysqli_close($con);
   ?>

Thanks in advance

user3800570
  • 13
  • 6
  • you need to fill the `` with `value="..."` when returning the form page – Florent Nov 16 '14 at 17:26
  • please give an example thanks – user3800570 Nov 16 '14 at 17:28
  • `` and you also need to print the html file instead of your redirection – Florent Nov 16 '14 at 17:31
  • i tried your code but is says "
    Notice: Undefined variable: first_name in C:\xampp\htdocs\mapmyway1\reg.php on line 12
    " in the text field i have changed the code of.     – user3800570 Nov 16 '14 at 17:37
  • Well, has `$first_name` been defined before the line 12 in reg.php ? – Florent Nov 16 '14 at 17:42
  • no! but i have defined all the vars in processing php file. i have defined it but it still says above the the page that "Notice: Undefined index: username in C:\xampp\htdocs\mapmyway1\reg.php on line 4 " i have used this $username = $_POST['username']; to define – user3800570 Nov 16 '14 at 17:49
  • `$_POST['username']` will be undefined if you are calling your php page without a form submit. You need to check this and assign empty values to `$username` in this case and just print out the html file. If this is a form submit, you can try to validate the values and either return html file populated with `$_POST` values or insert into database – Florent Nov 16 '14 at 17:56
  • see [here](http://stackoverflow.com/questions/1372147/check-whether-a-request-is-get-or-post?answertab=active#tab-top) on how to check if this is a POST or a GET – Florent Nov 16 '14 at 17:57

1 Answers1

0

header('Location: http://example.com/some/url'); relplace it with the javascript

also try to make a function to the escape string less typing:

function security($danger) {

mysqli_real_escape_string($con, $danger)}

simply call it with the username like $username = security($_POST['username'])

mohamed nada
  • 3
  • 2
  • i dont have any javascript files that i can replace with all i have used JS for only alert boxes thats all. – user3800570 Nov 16 '14 at 17:41
  • why don't u make a time function with the header in it example'$time = time(); $timeout = $time + 5; //just as an example do { // do stuff } while ($time < $timeout)': – mohamed nada Nov 16 '14 at 17:44
  • put that in an if function so the the time() starts from there then make ur header function if u want to time this out perfectly ^^ – mohamed nada Nov 16 '14 at 17:45
  • it passed like 10 stories above my head please i am very new to all that things. could you explain it by giving example of my code? – user3800570 Nov 16 '14 at 17:51