I'm wanting to increment usernames in ONLY the lowercase a-z for example if a user enters "abc" it will automatically be given "abc1" and the next user if entering the same username will automatically be given "abc2", the next "abc3" and so on. I'm trying to establish a registration as simple as possible, meaning whatever username is inserted it will be accepted but with a different integer added to the end. With that system it would not matter if the username exists already because each similar username will have a different number, making the entire username unique. If the username does not already exits then the number 1 to be added. The base login and register script I'm using can be found on http://evolt.org/node/60265/ The database.php and register.php pages are below, but excluding the amendments I am seeking. I've been advised to create a MySQL database with 2 tables, 1 table named 'Users' with 3 columns named (1) 'userid' primary key, auto increment, (2) 'username' (3) 'password'. The other table is named 'UserCount' with 2 columns named (1) 'username' (2) 'count'. I've also been advised the above can be achieved in 1 table, which is preferred, so I'm open to suggestions.
Can someone provide the PHP coding for the following process? When a new user registers a new username firstly PHP to check the characters are in lowercase a-z only and no other characters, and delete any foreign characters if they do not match, then for PHP to check to see if that username exists in the 'UserCount' table. If it doesn't exist, PHP to insert the new username into the 'username' column and also set the value of the 'count' column to 1. If the username does exist, PHP to add that username to the 'username' column and increment the value of the 'count' column by 1. Then in the 'Users' table PHP to insert a record with 'Users.username = UserCount.usern ame + count' and PHP to inform the new user of their complete username including the integer that has been added to their first entered username. I also tend to think the search in the database should start at the bottom and find up, but stand to be corrected.
It would also help if I could be provided a link to a website on where I can better understand how to collate coding of this kind, coz I have tried to formulate this coding but as I'm playing around in the dark I have no idea if it is the right process in particular considering security factors.
database.php
register.php
Can someone provide the PHP coding for the following process? When a new user registers a new username firstly PHP to check the characters are in lowercase a-z only and no other characters, and delete any foreign characters if they do not match, then for PHP to check to see if that username exists in the 'UserCount' table. If it doesn't exist, PHP to insert the new username into the 'username' column and also set the value of the 'count' column to 1. If the username does exist, PHP to add that username to the 'username' column and increment the value of the 'count' column by 1. Then in the 'Users' table PHP to insert a record with 'Users.username = UserCount.usern ame + count' and PHP to inform the new user of their complete username including the integer that has been added to their first entered username. I also tend to think the search in the database should start at the bottom and find up, but stand to be corrected.
It would also help if I could be provided a link to a website on where I can better understand how to collate coding of this kind, coz I have tried to formulate this coding but as I'm playing around in the dark I have no idea if it is the right process in particular considering security factors.
database.php
Code:
<?php
/**
* Connect to the mysql database.
*/
$conn = mysql_connect("localhost", "your_username", "your_password") or die(mysql_error());
mysql_select_db('your_database', $conn) or die(mysql_error());
?>
Code:
<?php
session_start();
include("database.php");
/**
* Returns true if the username has been taken
* by another user, false otherwise.
*/
function usernameTaken($username){
global $conn;
if(!get_magic_quotes_gpc()){
$username = addslashes($username);
}
$q = "select username from Users where username = '$username'";
$result = mysql_query($q,$conn);
return (mysql_numrows($result) > 0);
}
/**
* Inserts the given (username, password) pair
* into the database. Returns true on success,
* false otherwise.
*/
function addNewUser($username, $password){
global $conn;
$q = "INSERT INTO Users VALUES ('$username', '$password')";
return mysql_query($q,$conn);
}
/**
* Displays the appropriate message to the user
* after the registration attempt. It displays a
* success or failure status depending on a
* session variable set during registration.
*/
function displayStatus(){
$uname = $_SESSION['reguname'];
if($_SESSION['regresult']){
?>
<h1>Registered!</h1>
<p>Thank you <b><?php echo $uname; ?></b>, your information has been added to the database, you may now <a href="main.php" title="Login">log in</a>.</p>
<?php
}
else{
?>
<h1>Registration Failed</h1>
<p>We're sorry, but an error has occurred and your registration for the username <b><?php echo $uname; ?></b>, could not be completed.<br>
Please try again at a later time.</p>
<?php
}
unset($_SESSION['reguname']);
unset($_SESSION['registered']);
unset($_SESSION['regresult']);
}
if(isset($_SESSION['registered'])){
/**
* This is the page that will be displayed after the
* registration has been attempted.
*/
?>
<html>
<title>Registration Page</title>
<body>
<?php displayStatus(); ?>
</body>
</html>
<?php
return;
}
/**
* Determines whether or not to show to sign-up form
* based on whether the form has been submitted, if it
* has, check the database for consistency and create
* the new account.
*/
if(isset($_POST['subjoin'])){
/* Make sure all fields were entered */
if(!$_POST['user'] || !$_POST['pass']){
die('You didn\'t fill in a required field.');
}
/* Spruce up username, check length */
$_POST['user'] = trim($_POST['user']);
if(strlen($_POST['user']) > 30){
die("Sorry, the username is longer than 30 characters, please shorten it.");
}
/* Check if username is already in use */
if(usernameTaken($_POST['user'])){
$use = $_POST['user'];
die("Sorry, the username: <strong>$use</strong> is already taken, please pick another one.");
}
/* Add the new account to the database */
$md5pass = md5($_POST['pass']);
$_SESSION['reguname'] = $_POST['user'];
$_SESSION['regresult'] = addNewUser($_POST['user'], $md5pass);
$_SESSION['registered'] = true;
echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
return;
}
else{
/**
* This is the page with the sign-up form, the names
* of the input fields are important and should not
* be changed.
*/
?>
<html>
<title>Registration Page</title>
<body>
<h1>Register</h1>
<form action="<?php echo $HTTP_SERVER_VARS['PHP_SELF']; ?>" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td><input type="text" name="user" maxlength="30"></td></tr>
<tr><td>Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr>
<tr><td colspan="2" align="right"><input type="submit" name="subjoin" value="Join!"></td></tr>
</table>
</form>
</body>
</html>
<?php
}
?>
Comment