Page 1 of 1
Registration Form for a website
Posted: Sun Mar 28, 2004 10:31 am
by Pun
Hi guys. I've been busy with the site revamp for the ChicagoLAN website and have it so close to being done.
I copied some code over from the old site, but cant get it to work.
What I want to do is this-
When the person registering hits the submit button, I want it to email me with the data in the form, and also, if possible, save the info to an html page on my site (just the unformatted text is fine, it doesnt have to go into a fancy table or anything, I would prefer to enter those manually. that way the list stays clean). Could someone point me in the right direction on this? I'm working in dreamweaver and I'm able to creat the form fields and buttons and stuff. But I think I need some sort of CGI script to point the data to my email and to the html page.
Thanks in advance!
Posted: Sun Mar 28, 2004 11:13 am
by Tricord
Can your server run PHP? If yes, it's very easy.
Save this as mailer.php or any other file that ends in .php, and add/change the form and the variables to your needs.
Code: Select all
<?php
if ($action == "sendmail") {
//Send off mail to person
mail($mailto,$mailsubject,"Hello,
$from writes:
$descr
");
echo("URL info sent");
exit;
}
?>
<html><head><title>bla</title></head><body>
<form method=POST action=<? echo("$PHP_SELF?action=sendmail"); ?>>
<input type=hidden name=mailto value=tricord@pandora.be>
<input type=hidden name=mailsubject value="Someone posted something for ya">
<input type=text name=from> Your nickname<br>
<textarea rows=3 cols=40 name=notes>Please fill in your notes</textarea><br>
<input type=submit value=Send></form>
</body></html>
Posted: Sun Mar 28, 2004 11:21 am
by Defender
Posted: Sun Mar 28, 2004 2:32 pm
by Pun
Sorry for the inconvenience. I'm thinking now, after doing some testing, that it'd be more convenient for the form NOT to mail anything, just to have the data stored somewhere instead. It seems a bit cumbersome for the person registering to have thier mail client open up and stuff. I'd rather have them be able to hit "SUBMIT" and immediately get a "Thank you for registering" message. What is the easiest way to do this?
Oh, and yes, the server can handle PHP, MySQL, CGI, whatever.
Thanks!
Posted: Sun Mar 28, 2004 2:49 pm
by Nitrofox125
<FORM METHOD="POST" ACTION="thankyou.php">
<INPUT TYPE="TEXTBOX" NAME="realname"> Name<BR>
<INPUT TYPE="TEXTBOX" NAME="location"> Location<BR>
<INPUT TYPE="SUBMIT" NAME="submit" VALUE="Sign Up!">
</FORM>
^^^ the register page just needs to be an HTML page, no php
Thankyou.php contains something like this below
<?php
if($submit) {
$dbc=mysql_connect("localhost","username","password");
mysql_select_db("dbname");
$realname=$HTTP_POST_VARS['realname'];
$location=$HTTP_POST_VARS['location'];
$query="INSERT INTO tablename ('realname','location') VALUES('$realname','$location');";
mysql_query($query);
mysql_close($dbc):
}
else {
echo "OMG You need to go to the register page";
}
Something like that.
Posted: Sun Mar 28, 2004 3:57 pm
by DCrazy
A couple of changes to comply with current PHP coding standards:
Code: Select all
<?php
if($_POST['submit'] === 'Sign Up!') // Change that to whatever text is displayed on the button
{
$realname = trim($_POST['realname']);
$location = trim($_POST['location']);
if(empty($realname) || empty($location))
{
echo 'Missing fields.';
}
else if(preg_match('[^a-zA-Z0-9]', $realname . $location))
{
echo 'One or more fields contains invalid characters. Only letters and numbers are accepted.';
}
else
{
mysql_connect('localhost', 'username', 'password');
mysql_select_db('dbname');
$query = "INSERT INTO tablename ('realname','location') VALUES('$realname','$location')";
mysql_query($query);
echo 'Thank you for registering!';
}
}
else
{
header('Location: register_page.html');
}
Note that the above code makes sure that there are no characters other than letters (a-z or A-Z) and numbers (0-9) in any of the fields. This prevents SQL injection, which is where someone deliberately enters a SQL statement into a field in an attempt to compromise your server.
Posted: Mon Mar 29, 2004 2:39 pm
by Pun
can someone tell me what I'm doing wrong here?
Code: Select all
<html>
<head>
<title>thank you</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body><?php
if($_POST['submit'] === 'Sign Up') // Change that to whatever text is displayed on the button
{
$realname = trim($_POST['realname']);
$pilotname = trim($_POST['pilotname']);
$age = trim($_POST['age']);
$location = trim($_POST['location']);
if(empty($realname) || empty($pilotname) || empty($age) || empty($location))
{
echo 'Missing fields.';
}
else if(preg_match('[^a-zA-Z0-9]', $realname . $pilotname . $age . $location))
{
echo 'One or more fields contains invalid characters. Only letters and numbers are accepted.';
}
else
{
mysql_connect('localhost', 'username', 'password');
mysql_select_db('dbname');
$query = "INSERT INTO tablename ('realname','pilotname','age','location') VALUES('$realname','$pilotname','$age','$location')";
mysql_query($query);
echo 'Thank you for registering!';
}
}
else
{
header('Location: registertest.htm');
}
</body>
</html>
Code: Select all
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>ChicagoLAN 2004 Registration</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<FORM METHOD="POST" ACTION="thankyou.php">
<blockquote>
<blockquote>
<blockquote>
<blockquote>
<blockquote>
<blockquote>
<blockquote>
<p align="left">
<INPUT TYPE="TEXTBOX" NAME="realname">
Full Name</p>
<p align="left"><BR>
<INPUT TYPE="TEXTBOX" NAME="pilotname">
Pilot Name </p>
<p align="left"><BR>
<INPUT TYPE="TEXTBOX" NAME="age">
Age</p>
<p align="left"><BR>
<INPUT TYPE="TEXTBOX" NAME="location">
Location (City, State)</p>
<p align="left"><BR>
<INPUT TYPE="SUBMIT" NAME="submit" VALUE="Sign Up!">
</p>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
</FORM>
</body>
</html>
Posted: Mon Mar 29, 2004 2:49 pm
by Pun
only thing that puzzles me is this
mysql_select_db('dbname');
do I have to actually create a database file for this in order to get it to work? if so, how?
you can look at the form here
www.d3chicago.com/registertest.htm
Posted: Mon Mar 29, 2004 3:35 pm
by DCrazy
On any MySQL server, you have at least one database. Tables are stored in this database. The one database that is necessary is the "mysql" database, which contains user permissions, etc. Normally you don't touch this database, but use commands like GRANT or CHANGE PASSWORD to change permissions/users/passwords. If you try to perform any database operations ("SELECT" etc.) without USEing the database in which the tables are stored, you will get an error, unless you explicitly declare the database name as well as table name every time. mysql_use_db('dbname') and mysql_query('USE dbname') perform the same function, except I believe that mysql_use_db() uses the MySQL API directly rather than issuing SQL commands, and thus is faster (though I very well could be wrong).
Just to illustrate, the following:
Code: Select all
mysql_use_db('dbname');
mysql_query('SELECT * from table WHERE id=12345');
Is the same as:
Code: Select all
mysql_query('USE dbname');
mysql_query('SELECT * from table WHERE id=12345');
Is the same as:
Code: Select all
mysql_query('SELECT * from dbname.table WHERE id=12345');
It's just more efficient to USE a table if you're going to perform multiple operations on it.
Posted: Mon Mar 29, 2004 3:44 pm
by Pun
What?
can you look at my code that I pasted above and tell me what's wrong?
Our web host can handle mysql, we have a phpbb board running good on it right now, but how do I find out what it's named?
Posted: Mon Mar 29, 2004 4:51 pm
by Pun
I think my problem here is that I lack a basic understanding of the mysql aspect. I understand that the concept is that the reg form submits the entered data to the server and it gets stored in a file (database?). That file then can be configured to output the stored data to a web page that can be viewed by having some commands in there. But, do I actually have to create a blank database and put it on the server?
Also, what's with the host, username, password entries. Is that the info from our web host that goes in there?
Posted: Mon Mar 29, 2004 6:23 pm
by DCrazy
Yes, you need to create a database. You also need to create a table in that database with four columns: realname, pilotname, age, and address. Then change "dbname" to the name of this new database, and "tablename" to the name of the table within that database.
Host is the name of the machine that runs MySQL (if it is the same as the machine running the webserver, use "localhost". "user" and "pass" are the username and password you use to connect to the MySQL server. All of this info can be obtained from your host.
Posted: Mon Mar 29, 2004 11:06 pm
by Instig8
The database is overkill unless you expect more than a few hundred registrants or your web server is clustered.
I say you scrap the database and utilize a data file on the server. You may have to adjust the permissions of the data file for this to work.
Code: Select all
if(!$fp = @fopen('data.txt', 'a+')) {
echo 'Error opening data file for writing.';
} else {
$newLine = sprintf("Realname: %s, Pilotname: %s, Age: %d, Location: %s\n",
trim(stripslashes($_POST['realname'])),
trim(stripslashes($_POST['pilotname'])),
trim(stripslashes($_POST['age'])),
trim(stripslashes($_POST['location']))
);
if(!$stat = @fwrite($fp, $newLine, strlen($newLine))) {
echo 'Error writing data.';
} else {
echo 'Thank you for filling out the form.';
}
@fclose($fp);
}
Also, the header 'Location:' output after the html is not a good idea and requires output buffering to be turned on.
Now a simple way to extract the data:
Code: Select all
if(!$pilotArray = @file('data.txt')) {
echo 'Error: Cannot open pilot data file.';
} else {
while(list(,$pilotInfo) = each($pilotArray)) {
printf("<br>%s\n", trim($pilotInfo));
}
}
Have fun.
Posted: Tue Mar 30, 2004 12:54 am
by Pun
Couple questions for ya, G8.
Here's what I did:
1.Created a blank php page. Stuck your code in there between the body tags. I called this file registertest2.php.
2.Edited my form page so that the action command looks like this:
<FORM METHOD="POST" ACTION="registertest2.php">
3.uploaded both to my web space in the same folder as the rest of the site.
4. Made a blank text doc called data.txt, uploaded that to the same directory as everything else.
When I try the form, it brings me to registertest2,php, and redisplays all the code. so I got to thinking, maybe I need the <?php tag in there to make it work. I put that in there after the <body> tag and your code. Now when I try the form in my browser, it brings me to registertest2.php, and the code is no longer displayed, but the entire page is blank. No "thank you for registering" or anything, just a vast white sea of nothingness.
Any ideas? I'm such a noob @ this dude. Please speak to me as if I was a 7 yr old.
Posted: Tue Mar 30, 2004 9:31 am
by Defender
Guess no one wanted to use mine eh?
Posted: Tue Mar 30, 2004 10:21 am
by KompresZor
Pun I tested this on my test server and it worked fine, this is G8's stuff, just in a little more detail
It's three files with their names in
bold You can fancy it up however you like.
reg.html
Code: Select all
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>ChicagoLan Registration</title>
</head>
<body>
<p>
<form action="process.php" method="post">
<input type="textbox" name="realname" />Real Name
<p>
<input type="textbox" name="pilotname" />Pilot Name
</p><p>
<input type="textbox" name="age" />Age
</p><p>
<input type="textbox" name="location" />Location
</p>
<button type="submit">Sign Up</button>
</form>
</p>
</body>
</html>
you don't need any html in this file.
Code: Select all
<?php
if(!$fp = @fopen('data.txt', 'a+')) {
echo 'Error opening data file for writing.';
} else {
$newLine = sprintf("Realname: %s, Pilotname: %s, Age: %d, Location: %s\n",
trim(stripslashes($_POST['realname'])),
trim(stripslashes($_POST['pilotname'])),
trim(stripslashes($_POST['age'])),
trim(stripslashes($_POST['location']))
);
if(!$stat = @fwrite($fp, $newLine, strlen($newLine))) {
echo 'Error writing data.';
} else {
echo 'Thank you for filling out the form.';
}
@fclose($fp);
}
?>
Code: Select all
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Pilot List</title>
</head>
<body>
<?php
if(!$pilotArray = @file('data.txt')) {
echo 'Error: Cannot open pilot data file.';
} else {
while(list(,$pilotInfo) = each($pilotArray)) {
printf("<br>%s\n", trim($pilotInfo));
}
}
?>
</body>
</html>
One thing, you should mke sure the server can write to the data.txt. I would set the chmod to 666 on the data.txt file. You can do that with a ftp prog if the server interface you use wont let you.
Posted: Tue Mar 30, 2004 11:01 am
by Pun
it works! it works! Thanks for all the help, guys!
Posted: Tue Mar 30, 2004 11:32 am
by Pun
Changed my mind about the emailing defender. We want to keep the data on the server instead. Thanks tho.