DUPLICATE THREAD ACCIDENT The code below is where my form goes to validate the information on it. I need to be sure that the form is completely filled along with unique email address and player name. Any help would be appriciated thank you <?php $dbserver = "xxxxxx"; $dblogin = "xxxxxx"; $dbpassword = "xxxxxxxx"; $dbname = "xxxxxxxx"; $pname=$_POST['pname']; $pword=$_POST['pword']; $email=$_POST['email']; $fname=$_POST['fname']; $lname=$_POST['lname']; $country=$_POST['country']; $referrals=$_POST['referrals']; //if no message entered and no playername entered print an error if (empty($pname)){ print "No Player Name was entered. <br>Please include your Requested in game Name.<br>"; } //if no password entered send print an error elseif (empty($pword)){ print "No password was entered.<br>Please include a password.<br>"; } //if no password entered send print an error elseif (empty($fname)){ print "No First Name was entered.<br>Please include your First Name.<br>"; } //if no password entered send print an error elseif (empty($lname)){ print "No Last Name was entered.<br>Please include your Last Name.<br>"; } //if no password entered send print an error elseif (empty($country)){ print "No Country was entered.<br>Please include Your Country.<br>"; } //if no email entered send print an error elseif (empty($email)){ print "No email address was entered.<br>Please include your email. <br>"; } //if the form has been completely filled out continue else { $con = mysql_connect("$dbserver","$dblogin","$dbpassword"); if (!$con) { die('Could not connect to the mySQL server please contact gangwars.mofiki.com technical support with the following information: ' . mysql_error()); } mysql_select_db("$dbname", $con); $result = mysql_query("SELECT pname FROM users WHERE pname = '$pname'"); $num_rows = mysql_num_rows($result); if ($num_rows > 0){echo "Username $pname exists please press back and try again";} $result = mysql_query("SELECT email FROM users WHERE email = '$email'"); $num_rows = mysql_num_rows($result); if ($num_rows > 0){echo "Email Address $pname has already been used please press back and try again";} $sql = mysql_query("INSERT INTO users (playerid, playername, password, email, firstname, lastname, country, referrals) VALUES ('','$_POST[pname]','$_POST[pword]','$_POST[email]','$_POST[fname]','$_POST[lname]','$_POST[country]','$_POST[referrals]')"); if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } echo "Thank you for registering you will recieve an email at each phase of Gang Wars release"; mysql_close($con); } ?> Code (markup):
tips on PHP.net filter_var for validating email, numbers and more strlen for checking length (you also can use eregi, but that's more complicated) eregi for checking special chars Hope you'll find out how these functions work! and b.t.w stop adding $_POST['something'] to $something, you can work with $_POST and it's less memory intensive!! every bit helps!
Thank you i'll keep that in mind. I am a php noob and some of the tutorials that I have been going through tell me to save into a new variable to make it easier to work with. Although I understand how that is extra pointless steps.