PHP - Need more help

Discussion in 'Computer Games and General Discussion' started by Waflix, Aug 5, 2011.

Aug 5, 2011

PHP - Need more help by Waflix at 11:06 AM (438 Views / 0 Likes) 3 replies

  1. Waflix
    OP

    Member Waflix El Psy Congroo

    Joined:
    Dec 17, 2010
    Messages:
    638
    Country:
    Netherlands
    (previous question)
    (my site)
    I'm still busy writing my site, and I've come at another problem. First the registration worked fine, but I've found a mistake.
    After you've registered yourself, you will get a message "You've successfully been registered!". But when you reload the page, your account will be duplicated. After a little bit of thinking, I came to the conclusion that I use the wrong code to check if the username or e-mailadress already exists.

    I've edited the code many times, with many solutions found at Google, but they just don't seem to work.
    The code below fails because after pressing the 'register' button, the page is empty. (Click here to try registering, and see for yourself...)

    reg.php
     
  2. tj_cool

    Supervisor tj_cool Stuff

    Joined:
    Jan 7, 2009
    Messages:
    9,942
    Location:
    This planet
    Country:
    Belgium
    Maybe not the solution you're looking for, but you can put an unique constraint on your "name" column in the database. Then it'll error when trying to insert the same name again.

    Other than that, you could add a new session variable "success" or something, and check whether success is already true (and if so, skip all the rest).
     
  3. Cyan

    Global Moderator Cyan GBATemp's lurking knight

    Joined:
    Oct 27, 2002
    Messages:
    16,412
    Location:
    Engine room, learning
    Country:
    France
    I think this is because when refreshing the page, you accept to send again the POST data. (the browser should ask you if you are sure to refresh the page because it will send the data again).
    There is a way to prevent sending POST data after a refresh (used in forums for example, so you can refresh the forum page just after posting a message to see if other users posted after you).

    safepost.php
    Then include safepost.php at the top of your form page where you check if you have a POST data.
    It will save the POST data in a SESSION string, reload the page without the POST "information" for the browser to ignore any refresh command later, put back the saved SESSION information in a POST and destroy the SESSION.


    Then, like tj_cool said, you should automatically log the user and create a "currently logged" session when the user has correctly registered his new account, and check if the user is already logged before registering a new account again or even hide the registration form to logged users.
    Same, you should check if the name is already present in the database to prevent duplicate usernames used by different persons.
     
  4. Waflix
    OP

    Member Waflix El Psy Congroo

    Joined:
    Dec 17, 2010
    Messages:
    638
    Country:
    Netherlands
    ^ First, I thought this was the problem too. But after I looked at it again, I found out that if the query would be send again, it first must check if the data already exists. And if it does, the query won't be send.
    The problem is really that it doesn't check if the username and e-mailadress already exists.
     

Share This Page