I am trying to create a working registration validation however I have a problem. The validations work but there is an error, even if the user enters the correct information the INSERT statement is not executed. However, when the "elseif" statement is removed then the error is echoed on the interface but the data is still INSERTED even if there is an error in the user form; such as the password only having letters. I Would be grateful if anyone could fix this error. The complete validation is below. Thanks Wasim
<?php include "connection2.php" ?>
<?php
session_start();
if (empty($errors)) {
if(isset($_POST['submitted'])) {
$firstname=$_POST['Firstname'];
$lastname=$_POST['Lastname'];
$username=$_POST['Username'];
$password= $_POST['Password'];
$email=$_POST['Email'];
if ($username&&$password&&$email) {
if (strlen($username)>10) {
echo "Username is too long (Max 10 Characters)";
}
else {
//check password length
if (strlen($password)>15||strlen($password)<5) {
echo "Password must be 5 to 15 characters<br>";
}
if (!preg_match("#[0-9]+#", $password)) {
echo "Password must include at least one number!<br>";
}
if (!preg_match("#[a-zA-Z]+#", $password)) {
echo "Password must include at least one letter!<br>";
}
elseif ((!strlen($username) >10) and
(!strlen($password)>15||!strlen($password)<5) and
(preg_match("#[0-9]+#", $password)) and
(preg_match("#[a-zA-Z]+#", $password))) {
$sql = mysql_query
("INSERT INTO users(firstname, lastname,username, password, email)
VALUES ('$firstname','$lastname','$username',
'$password','$email')");
md5($password);
//register the user!
echo "Your Are Now a Member";
}
}
}
mysql_close();
}}
else { ?>
<?php }
?>
Aucun commentaire:
Enregistrer un commentaire