Registration Form for a website

[Pun]

Hi guys. I've been busy with the site revamp for the ChicagoLAN website and have it so close to being done.

I copied some code over from the old site, but cant get it to work.

What I want to do is this-

When the person registering hits the submit button, I want it to email me with the data in the form, and also, if possible, save the info to an html page on my site (just the unformatted text is fine, it doesnt have to go into a fancy table or anything, I would prefer to enter those manually. that way the list stays clean). Could someone point me in the right direction on this? I'm working in dreamweaver and I'm able to creat the form fields and buttons and stuff. But I think I need some sort of CGI script to point the data to my email and to the html page.

Thanks in advance!

[Tricord]

Can your server run PHP? If yes, it's very easy.
Save this as mailer.php or any other file that ends in .php, and add/change the form and the variables to your needs.

Code: Select all

<?php
if ($action == "sendmail") {
  //Send off mail to person
  mail($mailto,$mailsubject,"Hello,

$from writes:
$descr
");
echo("URL info sent");
exit;
}
?>

<html><head><title>bla</title></head><body>

<form method=POST action=<? echo("$PHP_SELF?action=sendmail"); ?>>
<input type=hidden name=mailto value=tricord@pandora.be>
<input type=hidden name=mailsubject value="Someone posted something for ya">
<input type=text name=from> Your nickname<br>
<textarea rows=3 cols=40 name=notes>Please fill in your notes</textarea><br>
<input type=submit value=Send></form>

</body></html>

[Defender]

http://www.hotscripts.com/Detailed/13730.html

[Pun]

Sorry for the inconvenience. I'm thinking now, after doing some testing, that it'd be more convenient for the form NOT to mail anything, just to have the data stored somewhere instead. It seems a bit cumbersome for the person registering to have thier mail client open up and stuff. I'd rather have them be able to hit "SUBMIT" and immediately get a "Thank you for registering" message. What is the easiest way to do this?

Oh, and yes, the server can handle PHP, MySQL, CGI, whatever.

Thanks!

[Nitrofox125]

<FORM METHOD="POST" ACTION="thankyou.php">
<INPUT TYPE="TEXTBOX" NAME="realname"> Name<BR>
<INPUT TYPE="TEXTBOX" NAME="location"> Location<BR>
<INPUT TYPE="SUBMIT" NAME="submit" VALUE="Sign Up!">
</FORM>

^^^ the register page just needs to be an HTML page, no php

Thankyou.php contains something like this below

<?php
if($submit) {
$dbc=mysql_connect("localhost","username","password");
mysql_select_db("dbname");
$realname=$HTTP_POST_VARS['realname'];
$location=$HTTP_POST_VARS['location'];
$query="INSERT INTO tablename ('realname','location') VALUES('$realname','$location');";
mysql_query($query);
mysql_close($dbc):
}
else {
echo "OMG You need to go to the register page";
}

Something like that.

[DCrazy]

A couple of changes to comply with current PHP coding standards:

Code: Select all

<?php
if($_POST['submit'] === 'Sign Up!') // Change that to whatever text is displayed on the button
{
  $realname = trim($_POST['realname']);
  $location = trim($_POST['location']);
  if(empty($realname) || empty($location))
  {
    echo 'Missing fields.';
  }
  else if(preg_match('[^a-zA-Z0-9]', $realname . $location))
  {
    echo 'One or more fields contains invalid characters.  Only letters and numbers are accepted.';
  }
  else
  {
    mysql_connect('localhost', 'username', 'password');
    mysql_select_db('dbname');
    $query = "INSERT INTO tablename ('realname','location') VALUES('$realname','$location')";
    mysql_query($query);
    echo 'Thank you for registering!';
  }
}
else
{
  header('Location: register_page.html');
}

Note that the above code makes sure that there are no characters other than letters (a-z or A-Z) and numbers (0-9) in any of the fields. This prevents SQL injection, which is where someone deliberately enters a SQL statement into a field in an attempt to compromise your server.

[Pun]

can someone tell me what I'm doing wrong here?

Code: Select all

<html>
<head>
<title>thank you</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body><?php

if($_POST['submit'] === 'Sign Up') // Change that to whatever text is displayed on the button

{

  $realname = trim($_POST['realname']);
  
  $pilotname = trim($_POST['pilotname']);
  
  $age = trim($_POST['age']);

  $location = trim($_POST['location']);

  if(empty($realname) || empty($pilotname) || empty($age) || empty($location))

  {

    echo 'Missing fields.';

  }

  else if(preg_match('[^a-zA-Z0-9]', $realname . $pilotname . $age . $location))

  {

    echo 'One or more fields contains invalid characters.  Only letters and numbers are accepted.';

  }

  else

  {

    mysql_connect('localhost', 'username', 'password');

    mysql_select_db('dbname');

    $query = "INSERT INTO tablename ('realname','pilotname','age','location') VALUES('$realname','$pilotname','$age','$location')";

    mysql_query($query);

    echo 'Thank you for registering!';

  }

}

else

{

  header('Location: registertest.htm');

}


</body>
</html>

Code: Select all

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>ChicagoLAN 2004 Registration</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body>
<FORM METHOD="POST" ACTION="thankyou.php">
  <blockquote> 
    <blockquote> 
      <blockquote> 
        <blockquote> 
          <blockquote> 
            <blockquote> 
              <blockquote>
                <p align="left"> 
                  <INPUT TYPE="TEXTBOX" NAME="realname">
                  Full Name</p>
                <p align="left"><BR>
                  <INPUT TYPE="TEXTBOX" NAME="pilotname">
                  Pilot Name </p>
                <p align="left"><BR>
                  <INPUT TYPE="TEXTBOX" NAME="age">
                  Age</p>
                <p align="left"><BR>
                  <INPUT TYPE="TEXTBOX" NAME="location">
                  Location (City, State)</p>
                <p align="left"><BR>
                  <INPUT TYPE="SUBMIT" NAME="submit" VALUE="Sign Up!">
                </p>
              </blockquote>
            </blockquote>
          </blockquote>
        </blockquote>
      </blockquote>
    </blockquote>
  </blockquote>
</FORM> 
</body>
</html>

[Pun]

only thing that puzzles me is this

mysql_select_db('dbname');

do I have to actually create a database file for this in order to get it to work? if so, how?

you can look at the form here www.d3chicago.com/registertest.htm

[DCrazy]

On any MySQL server, you have at least one database. Tables are stored in this database. The one database that is necessary is the "mysql" database, which contains user permissions, etc. Normally you don't touch this database, but use commands like GRANT or CHANGE PASSWORD to change permissions/users/passwords. If you try to perform any database operations ("SELECT" etc.) without USEing the database in which the tables are stored, you will get an error, unless you explicitly declare the database name as well as table name every time. mysql_use_db('dbname') and mysql_query('USE dbname') perform the same function, except I believe that mysql_use_db() uses the MySQL API directly rather than issuing SQL commands, and thus is faster (though I very well could be wrong).

Just to illustrate, the following:

Code: Select all

mysql_use_db('dbname');
mysql_query('SELECT * from table WHERE id=12345');

Is the same as:

Code: Select all

mysql_query('USE dbname');
mysql_query('SELECT * from table WHERE id=12345');

Is the same as:

Code: Select all

mysql_query('SELECT * from dbname.table WHERE id=12345');

It's just more efficient to USE a table if you're going to perform multiple operations on it.

[Pun]

What?

can you look at my code that I pasted above and tell me what's wrong?

Our web host can handle mysql, we have a phpbb board running good on it right now, but how do I find out what it's named?

[Pun]

I think my problem here is that I lack a basic understanding of the mysql aspect. I understand that the concept is that the reg form submits the entered data to the server and it gets stored in a file (database?). That file then can be configured to output the stored data to a web page that can be viewed by having some commands in there. But, do I actually have to create a blank database and put it on the server?

Also, what's with the host, username, password entries. Is that the info from our web host that goes in there?

[DCrazy]

Yes, you need to create a database. You also need to create a table in that database with four columns: realname, pilotname, age, and address. Then change "dbname" to the name of this new database, and "tablename" to the name of the table within that database.

Host is the name of the machine that runs MySQL (if it is the same as the machine running the webserver, use "localhost". "user" and "pass" are the username and password you use to connect to the MySQL server. All of this info can be obtained from your host.

[Instig8]

The database is overkill unless you expect more than a few hundred registrants or your web server is clustered.

I say you scrap the database and utilize a data file on the server. You may have to adjust the permissions of the data file for this to work.

Code: Select all

if(!$fp = @fopen('data.txt', 'a+')) {
	echo 'Error opening data file for writing.';
} else {

	$newLine = sprintf("Realname: %s, Pilotname: %s, Age: %d, Location: %s\n",
		trim(stripslashes($_POST['realname'])),
		trim(stripslashes($_POST['pilotname'])),
		trim(stripslashes($_POST['age'])),
		trim(stripslashes($_POST['location']))
		);
	if(!$stat = @fwrite($fp, $newLine, strlen($newLine))) {
		echo 'Error writing data.';
	} else {
		echo 'Thank you for filling out the form.';
	}
	@fclose($fp);
}

Also, the header 'Location:' output after the html is not a good idea and requires output buffering to be turned on.

Now a simple way to extract the data:

Code: Select all

if(!$pilotArray = @file('data.txt')) {
	echo 'Error: Cannot open pilot data file.';
} else {
	while(list(,$pilotInfo) = each($pilotArray)) {
		printf("<br>%s\n", trim($pilotInfo));
	}
}

Have fun.

[Pun]

Couple questions for ya, G8.

Here's what I did:

1.Created a blank php page. Stuck your code in there between the body tags. I called this file registertest2.php.

2.Edited my form page so that the action command looks like this:

<FORM METHOD="POST" ACTION="registertest2.php">

3.uploaded both to my web space in the same folder as the rest of the site.

4. Made a blank text doc called data.txt, uploaded that to the same directory as everything else.

When I try the form, it brings me to registertest2,php, and redisplays all the code. so I got to thinking, maybe I need the <?php tag in there to make it work. I put that in there after the <body> tag and your code. Now when I try the form in my browser, it brings me to registertest2.php, and the code is no longer displayed, but the entire page is blank. No "thank you for registering" or anything, just a vast white sea of nothingness.

Any ideas? I'm such a noob @ this dude. Please speak to me as if I was a 7 yr old.

[Defender]

Guess no one wanted to use mine eh?

[KompresZor]

Pun I tested this on my test server and it worked fine, this is G8's stuff, just in a little more detail It's three files with their names in bold You can fancy it up however you like.

reg.html

Code: Select all

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>
<head>
<title>ChicagoLan Registration</title>
</head>
<body>
<p>
<form action="process.php" method="post">
<input type="textbox" name="realname" />Real Name
<p>
<input type="textbox" name="pilotname" />Pilot Name
</p><p>
<input type="textbox" name="age" />Age
</p><p>
<input type="textbox" name="location" />Location
</p>
<button type="submit">Sign Up</button>
</form>
</p>
</body>
</html>

process.php you don't need any html in this file.

Code: Select all

<?php
 if(!$fp = @fopen('data.txt', 'a+')) {


   echo 'Error opening data file for writing.';


} else {





   $newLine = sprintf("Realname: %s, Pilotname: %s, Age: %d, Location: %s\n",


      trim(stripslashes($_POST['realname'])),


      trim(stripslashes($_POST['pilotname'])),


      trim(stripslashes($_POST['age'])),


      trim(stripslashes($_POST['location']))


      );


   if(!$stat = @fwrite($fp, $newLine, strlen($newLine))) {


      echo 'Error writing data.';


   } else {


      echo 'Thank you for filling out the form.';


   }


   @fclose($fp);


} 
?>

list.php

Code: Select all

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>
<head>
<title>Pilot List</title>
</head>
<body>
<?php
if(!$pilotArray = @file('data.txt')) {


   echo 'Error: Cannot open pilot data file.';


} else {


   while(list(,$pilotInfo) = each($pilotArray)) {


      printf("<br>%s\n", trim($pilotInfo));


   }


}
?>

</body>
</html>

One thing, you should mke sure the server can write to the data.txt. I would set the chmod to 666 on the data.txt file. You can do that with a ftp prog if the server interface you use wont let you.

[Pun]

it works! it works! Thanks for all the help, guys!

[Pun]

Changed my mind about the emailing defender. We want to keep the data on the server instead. Thanks tho.