Gaming PHP - Need more help

Waflix

Waflix

El Psy Congroo
OP
Member
Level 3
Joined
Dec 17, 2010
Messages
638
Trophies
1
XP
275
Country
Netherlands
(previous question)
(my site)
I'm still busy writing my site, and I've come at another problem. First the registration worked fine, but I've found a mistake.
After you've registered yourself, you will get a message "You've successfully been registered!". But when you reload the page, your account will be duplicated. After a little bit of thinking, I came to the conclusion that I use the wrong code to check if the username or e-mailadress already exists.

I've edited the code many times, with many solutions found at Google, but they just don't seem to work.
The code below fails because after pressing the 'register' button, the page is empty. (Click here to try registering, and see for yourself...)

CODE

ÂÂÂÂ
ÂÂÂÂÂÂÂÂBlanco [Martijn]
ÂÂÂÂÂÂÂÂ
ÂÂÂÂ
ÂÂÂÂ
ÂÂÂÂÂÂÂÂ
ÂÂÂÂÂÂÂÂÂÂÂÂ
ÂÂÂÂÂÂÂÂÂÂÂÂProject Blanco
ÂÂÂÂÂÂÂÂÂÂÂÂ

ÂÂÂÂÂÂÂÂÂÂÂÂRegister
ÂÂÂÂÂÂÂÂÂÂÂÂ
ÂÂÂÂÂÂÂÂÂÂÂÂ
 
tj_cool

tj_cool

Site dev
Supervisor
Level 12
Joined
Jan 7, 2009
Messages
10,064
Trophies
2
Location
This planet
XP
3,102
Country
Belgium
Maybe not the solution you're looking for, but you can put an unique constraint on your "name" column in the database. Then it'll error when trying to insert the same name again.

Other than that, you could add a new session variable "success" or something, and check whether success is already true (and if so, skip all the rest).
 
Cyan

Cyan

GBATemp's lurking knight
Former Staff
Level 25
Joined
Oct 27, 2002
Messages
23,749
Trophies
4
Age
45
Location
Engine room, learning
XP
15,649
Country
France
I think this is because when refreshing the page, you accept to send again the POST data. (the browser should ask you if you are sure to refresh the page because it will send the data again).
There is a way to prevent sending POST data after a refresh (used in forums for example, so you can refresh the forum page just after posting a message to see if other users posted after you).

CODE
Then include safepost.php at the top of your form page where you check if you have a POST data.
It will save the POST data in a SESSION string, reload the page without the POST "information" for the browser to ignore any refresh command later, put back the saved SESSION information in a POST and destroy the SESSION.


Then, like tj_cool said, you should automatically log the user and create a "currently logged" session when the user has correctly registered his new account, and check if the user is already logged before registering a new account again or even hide the registration form to logged users.
Same, you should check if the name is already present in the database to prevent duplicate usernames used by different persons.
 
Waflix

Waflix

El Psy Congroo
OP
Member
Level 3
Joined
Dec 17, 2010
Messages
638
Trophies
1
XP
275
Country
Netherlands
^ First, I thought this was the problem too. But after I looked at it again, I found out that if the query would be send again, it first must check if the data already exists. And if it does, the query won't be send.
The problem is really that it doesn't check if the username and e-mailadress already exists.
 

Site & Scene News

Go to forum More news

Popular threads in this forum

"New Windows driver blocks software from changing default web browser"

Windows users should try to be more open minded to try Linux

Does anyone still use Windows 7 as their daily OS?

Windows 11 might not update if you have these popular apps installed

Was there ever going to be new generations of SATA after SATA III?

Still no Windows 11 minimum requirements HELP

can't host parsec

Use Win10 system as Bluetooth Speaker without user input?

General chit-chat
Help Users
    Sicklyboy @ Sicklyboy: For example, one of my other favorite songs from them, with some massive house music influence - +1