I have a registration page which submits to a registration script and if there is an error with the registration the it echos an error page and then includes the registration form. However the problem with just echoing the error message is it appears on top of the website in the body and not where I want it (at the top of the registration page). Is there a way to store the error in a variable which can be printed out on the registration page at the top of the form?
PHP Code:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Diary of the Dead - Register</title>
<link href="stylesheet.css" rel="stylesheet" type="text/css" />
</head>
<body class="oneColElsCtrHdr">
<div id="container">
<div id="header" align="center">
<?php
include 'header.php';
?>
</div>
<div id="header">
<h1>Header</h1>
<!-- end #header --></div>
<div id="mainContent" align="center">
<table>
<form name="register" method="post" action="register.php">
<tr>
<td>Username:</td><td><input type="text" name="username"/></td>
</tr>
<tr>
<td>Password:</td><td><input type="password" name="password"/></td>
</tr>
<tr>
<td>Confirm Password:</td><td><input type="password" name="confirmpass"/></td>
</tr>
<tr>
<td>E-Mail Address:</td><td><input type="text" name="email"/></td>
</tr>
<tr>
<td></td><td><input type="submit" name="submit" value="Register"/></td>
</tr>
</form>
</table>
<!-- end #mainContent --></div>
<div id="footer">
<p>Footer</p>
<!-- end #footer --></div>
<!-- end #container --></div>
</body>
</html>
PHP Code:
<?php
/*PHP user registration page written by Kyle Myers*/
//Database Information
$dbhost = "localhost";
$dbname = "";
$dbuser = "";
$dbpass = "";
//Connect to database
mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error());
mysql_select_db($dbname) or die(mysql_error());
//Retrieve details from form & encrypt password via md5
$username = $_POST['username'];
$epass = $_POST['password'];
$password = md5($_POST['password']);
$confirmpass = md5($_POST['confirmpass']);
$email = $_POST['email'];
//Protect from MySQL injection
$username = stripslashes($username);
$password = stripslashes($password);
$confirmpass = stripslashes($confirmpass);
$email = stripslashes($email);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$confirmpass = mysql_real_escape_string($confirmpass);
$email = mysql_real_escape_string($email);
//Check if username contains only valid characters
if( $username == "" || !eregi("^[a-zA-Z0-9_]+$", $username))
{
echo "Username can not be blank and must only contains letters, numbers and underscores.";
unset($username);
include 'registerForm.php';
exit();
}
else {
//Check if username exists in database
$query = "SELECT username FROM users WHERE username='$username'";
$result = mysql_query($query) or die(mysql_error());
if(mysql_num_rows($result)>0)
{
echo "The username you entered has been taken.";
unset($username);
include 'registerForm.php';
exit();
}
else{
//Verify password is entered and at least 6 characters in length
if(trim($_POST[password])=='' || strlen(trim($_POST[password]))< 6){
echo "You must enter a password at least 6 characters in length.";
unset($password);
unset($confirmpass);
include 'registerForm.php';
}
else{
//Check the password and confirm password field match
if($password !== $confirmpass){
echo "The passwords you entered do not match.";
unset($password);
unset($confirmpass);
include 'registerForm.php';
exit();
}
else {
//Check that the email address is of a valid format
if (!ereg('^[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+'.
'@'.
'[-!#$%&\'*+\\/0-9=?A-Z^_`a-z{|}~]+\.'.
'[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+$', $email)) {
echo "You must enter a valid e-mail address.";
unset($email);
include 'registerForm.php';
}
else {
//Enter registration data into database table
$query = "INSERT INTO users (username, password, email)
VALUES('$username', '$password', '$email')";
mysql_query($query) or die(mysql_error());
mysql_close();
//E-Mail the user their information
$webmaster = "Seven";
$website = "We Live No More";
$sender = "webmaster@sylvanas.net";
$subject = "$website registration";
$header = "From: ". $website . " <" . $sender . ">\r\n";
$mail_body = "$username, you have successfully registered on $website.
Please continue to visit and keep up to date with all of my posts, videos, art, creations and opinions. Your opinion, your expression and your ideals are all appreciated and you are welcome to comment on the website or e-mail me with anything you may wish to say or any content you feel belongs on the website.
You may login to $website using the following details:
Username: $username
Password: $epass
Please print this information out and store it for future reference, keep your password secure! If you loose your password it will be sent to this e-mail address.
Let freedom never perish in your hands.
$webmaster";
mail($email, $subject, $mail_body, $header);
include 'index.php';
}
}
}
}
}
?>