[clarkeash]

Hi I have the following page as for a register page (the form posts to this page)

<?php
	//Start a session
	session_start();
	
	//Get details of databae
	require_once('config.inc');
	
	//Array to store validation errors
	$errmsg_arr = array();
	
	//Validation error flag
	$errflag = false;
	
	//Connect to mysql server
	$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
	if(!$link) {
		die('Failed to connect to server: ' . mysql_error());
	}
	
	//Select database
	$db = mysql_select_db(DB_DATABASE);
	if(!$db) {
		die("Unable to select database");
	}
	
	//Function to sanitise values received from the form. Prevents SQL injection
	function clean($str) {
		$str = @trim($str);
		if(get_magic_quotes_gpc()) {
			$str = stripslashes($str);
		}
		return mysql_real_escape_string($str);
	}
	
	
	//Sanitize the POST values EDITED (changed $_POST values and added $teamid)
	$fname = clean($_POST['f_name']);
	$lname = clean($_POST['s_name']);
	$uname = clean($_POST['u_name']);
	$email = clean($_POST['email']);
	$pass = clean($_POST['password']);
	$cpass = clean($_POST['cpassword']);
	$md5pass = MD5($pass);
	
	//Input Validations EDITED (added teamid validation)
	if($fname == '') {
		$errmsg_arr[] = '<div class="message error">The First Name Field is empty</div>';
		$errflag = true;
	}
	if($lname == '') {
		$errmsg_arr[] = '<div class="message error">The Last Name Field is empty</div>';
		$errflag = true;
	}
	if($uname == '') {
		$errmsg_arr[] = '<div class="message error">The Username Field is empty</div>';
		$errflag = true;
	}
	if($email == '') {
		$errmsg_arr[] = '<div class="message error">The Email Field is empty</div>';
		$errflag = true;
	}
	if($pass == '') {
		$errmsg_arr[] = '<div class="message error">The Password Field is empty</div>';
		$errflag = true;
	}
	if($cpass == '') {
		$errmsg_arr[] = '<div class="message error">The Confirm Password Field is empty</div>';
		$errflag = true;
	}
	if( strcmp($pass, $cpass) != 0 ) {
		$errmsg_arr[] = '<div class="message error">The Passwords do not match</div>';
		$errflag = true;
	}
	if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)){
			$errmsg_arr[] = '<div class="message error">Invalid email address</div>';
			$errflag = true;
	}
	if($uname != '') {
		$qry = "SELECT * FROM tbl_user WHERE u_name='$uname'";
		$result = mysql_query($qry);
		if($result) {
			if(mysql_num_rows($result) > 0) {
				$errmsg_arr[] = '<div class="message error">The Username has already been taken, please try another.</div>';
				$errflag = true;
			}
			@mysql_free_result($result);
		}
		else {
			die("Query failed");
		}
	}
	$todayDate = date("Y-m-d");
	$dateOneYearAdded = strtotime(date("Y-m-d", strtotime($todayDate)) . "+1 year");
	$renew = date('Y-m-d', $dateOneYearAdded);
	$activate = rand(100000, 999999);
	
	
	//If there are input validations, redirect back to the registration form 
		if($errflag) {
		$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
		session_write_close();
		header("location: register.php");
		exit();
	}

	//Create INSERT query EDITED (changed sql a lot almost re-wrote)
	$qry = "INSERT INTO tbl_user (f_name, s_name, u_name, last_login, password, email, renew, activate)
	  						VALUES('$fname','$lname','$uname', '$todayDate', '$md5pass', '$email', '$renew', '$activate')";
	$result = @mysql_query($qry);
	
	if(!is_dir("users/".$uname)) 
	mkdir("users/".$uname);
	mkdir("users/".$uname."/files");
	mkdir("users/".$uname."/qr");
	//Check whether the query was successful or not
	if($result) {
		header("location: activate.php");
		exit();
	}else {
		die("Query failed!");
	}
?>

and everything works fine locally but when the page is live it says "Query failed!"
I thought that it might be the database settings but i can login fine on the live site?

I am very confused. Any ideas would be very helpful, thanks

[codeprada]

Instead of if($result) in Line 81 you should actually use mysql_errno to determine whether or not there was a error in the query. I'm not seeing anything else atm...

This post has been edited by codeprada: 31 March 2011 - 12:08 PM

[nandureddy]

Check the DB settings ,
and for the require file, check the path of the config file.
Try using

require_once('/config.inc');

Where are you storing the Session Variables?
and on line 86, why did you use

 @mysql_free_result(); ? 

@mysql_free_result() will free all memory associated with the result identifier result.

This post has been edited by nandureddy: 31 March 2011 - 12:13 PM

[codeprada]

nandureddy, on 31 March 2011 - 03:11 PM, said:

Check the DB settings ,

Where are you storing the Session Variables?

and on line 86, why did you use

 @mysql_free_result(); ? 

mysql_connect returns FALSE if the database didn't connect which means

if(!$link) {
		die('Failed to connect to server: ' . mysql_error());
	}

would have killed the script. Therefore he wouldn't reach any further.

There is a call to session_start() at the top of the script. Storing SESSION variables isn't the issue here.

mysql_free_result() is used after he attempts to process the results so it will not affect any calculations or output.


Let's start over...Does the table exists on the database?

This post has been edited by codeprada: 31 March 2011 - 12:54 PM

[clarkeash]

Yes the table does exist otherwise login wouldn't work either, it just seems strange to me

[codeprada]

When you say login fine on the live site...do you mean this script is on your local computer and the database in another domain?

[clarkeash]

codeprada, on 31 March 2011 - 01:11 PM, said:

When you say login fine on the live site...do you mean this script is on your local computer and the database in another domain?

No, i have a full live copy, and a local copy.
The login works fine on both live and local, however this register page only works on the local page

all the live files and database are on the same domain