Home : Products : DBMan SQL : Discussion :

Products: DBMan SQL: Discussion: Re: [TheStone] additional info on signup form (Items_users table): Edit Log

Here is the list of edits for this post
Re: [TheStone] additional info on signup form (Items_users table)
Thanks. I actually changed the message and found that the query wasn't performed. I added the field setups earlier in the subroutine, and that fixed the problem. Although, I have to "allow nulls" for each field, because if I didn't,the query would fail again if a field was blank. Thanks!

Heres the new full subroutine:

sub signup {
# --------------------------------------------------------
# Allows a user to sign up without admin approval. Must have $auth_signup = 1
# set. The user gets @default_permissions.
#
my $message;

# Check to make sure userid is ok, pw ok, and userid is unique.
unless ((length($in{'userid'}) >= 3) and (length($in{'userid'}) <= 12) and ($in{'userid'} =~ /^[a-zA-Z0-9]+$/)) {
$message = "Invalid userid: $in{'userid'}. Must only contain only letters and be less then 12 and greater then 3 characters.";
}
unless ((length($in{'pw'}) >= 3) and (length($in{'pw'}) <= 12)) {
$message = "Invalid pw: '$in{'pw'}'. Must be less then 12 and greater then 3 characters.";
}
unless ($in{'pw'} eq $in{'pw2'}) {
$message = "You must enter the same password twice";
}
if ($message) {
&html_signup_form($message);
return;
}
my @salt_chars = ('A' .. 'Z', 0 .. 9, 'a' .. 'z', '.', '/');
$in{'pw'} = crypt($in{'pw'}, join '', @salt_chars[rand 64, rand 64]);

my $username_q = $DBH->quote($in{'userid'});
my $password_q = $DBH->quote($in{'pw'});
my $user_real_name_q = $DBH->quote($in{'user_real_name'});
my $company_q = $DBH->quote($in{'company'});
my $company_url_q = $DBH->quote($in{'company_url'});
my $job_title_q = $DBH->quote($in{'job_title'});
my $user_address_q = $DBH->quote($in{'user_address'});
my $user_city_q = $DBH->quote($in{'user_city'});
my $user_state_q = $DBH->quote($in{'user_state'});
my $user_zip_q = $DBH->quote($in{'user_zip'});
my $user_phone_q = $DBH->quote($in{'user_phone'});
my $user_fax_q = $DBH->quote($in{'user_fax'});
my $user_email_q = $DBH->quote($in{'user_email'});


my $permission = join (",", @auth_signup_permissions);

$query = qq!
SELECT 1 FROM $db_table_user
WHERE username = $username_q
!;
my $sth = $DBH->prepare ($query) or &cgierr("Unable to query database. Reason: $DBI::errstr. Query: $query");
$sth->execute or &cgierr("Unable to query database. Reason: $DBI::errstr. Query: $query");
if ($sth->rows) {
$message = "Username $username_q already exists. Please try another.";
}
else {
$query = qq!
INSERT INTO $db_table_user (username, password, per_view, per_add, per_del, per_mod, per_admin, user_real_name, company, company_url, job_title, user_address, user_city, user_state, user_zip, user_phone, user_fax, user_email)
VALUES ($username_q, $password_q, $permission, $user_real_name_q, $company_q, $company_url_q, $job_title_q, $user_address_q, $user_city_q, $user_state_q, $user_zip_q, $user_phone_q, $user_fax_q, $user_email_q)

!;
$DBH->do ($query) or ($message = "Username $username_q too already exists. Please try another.");


}
$sth->finish;

$message ?
&html_signup_form ($message) :
&html_signup_success();
}



Last edited by:

Explosivo: Oct 12, 2001, 9:21 AM

Edit Log: