Prosím o radu nejde do formuláře zadat dikritiku
Napsal: 15 lis 2017 23:58
Zkouším vestavěný formulář na registraci ve verzi 12. Vše funguje jen když zadám do formuláře jméno s diakritikou tak mi to vyhodí zprávu : Uživatelské jméno není platné, zkontrolujte prosím a zkuste to znovu! pokud zadám jméno bez háčků a čárek tak vše funguje. Už jsem měnil všechny možné kódování CHARSET a nic. Formulář je zde na pracovním webu http://kod.anitte.cz/ a celý kód zde:
Kdyby jste někdo věděl jak na to byl bych hodně vděčný.
Díky
<?php
$mysql_server = '127.0.0.1';
$mysql_username = 'xxxx';
$mysql_password = 'xxxx';
$mysql_database = 'xxxx';
$mysql_table = 'xxx';
$success_page = '';
$activated_page = basename(__FILE__);
$error_message = "";
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['form_name']) && $_POST['form_name'] == 'signupform')
{
$newusername = $_POST['username'];
$newemail = $_POST['email'];
$newpassword = $_POST['password'];
$confirmpassword = $_POST['confirmpassword'];
$newfullname = $_POST['fullname'];
$website = $_SERVER['HTTP_HOST'];
$script = $_SERVER['SCRIPT_NAME'];
$timestamp = time();
$code = md5($website.$timestamp.rand(100000, 999999));
if ($newpassword != $confirmpassword)
{
$error_message = 'Password and Confirm Password are not the same!';
}
else
if (!preg_match("/^[A-Za-z0-9_!@$]{1,50}$/", $newusername))
{
$error_message = 'Username is not valid, please check and try again!';
}
else
if (!preg_match("/^[A-Za-z0-9_!@$]{1,50}$/", $newpassword))
{
$error_message = 'Password is not valid, please check and try again!';
}
else
if (!preg_match("/^[A-Za-z0-9_!@$.' &]{1,50}$/", $newfullname))
{
$error_message = 'Fullname is not valid, please check and try again!';
}
else
if (!preg_match("/^.+@.+\..+$/", $newemail))
{
$error_message = 'Email is not a valid email address. Please check and try again.';
}
if (empty($error_message))
{
$db = mysqli_connect($mysql_server, $mysql_username, $mysql_password);
if (!$db)
{
die('Failed to connect to database server!<br>'.mysqli_error($db));
}
mysqli_select_db($db, $mysql_database) or die('Failed to select database<br>'.mysqli_error($db));
mysqli_set_charset($db, 'utf8');
$sql = "SELECT username FROM ".$mysql_table." WHERE username = '".$newusername."'";
$result = mysqli_query($db, $sql);
if ($data = mysqli_fetch_array($result))
{
$error_message = 'Username already used. Please select another username.';
}
}
if (empty($error_message))
{
$crypt_pass = md5($newpassword);
$newusername = mysqli_real_escape_string($db, $newusername);
$newemail = mysqli_real_escape_string($db, $newemail);
$newfullname = mysqli_real_escape_string($db, $newfullname);
$sql = "INSERT `".$mysql_table."` (`username`, `password`, `fullname`, `email`, `active`, `code`) VALUES ('$newusername', '$crypt_pass', '$newfullname', '$newemail', 0, '$code')";
$result = mysqli_query($db, $sql);
mysqli_close($db);
$subject = 'Your new account';
$message = 'A new account has been setup.';
$message .= "\r\nUsername: ";
$message .= $newusername;
$message .= "\r\nPassword: ";
$message .= $newpassword;
$message .= "\r\n";
$message .= "\r\nhttp://".$website.$script."?user=".$newusername."&code=$code";
$header = "From: xxxx"."\r\n";
$header .= "Reply-To: xxxx"."\r\n";
$header .= "MIME-Version: 1.0"."\r\n";
$header .= "Content-Type: text/plain; charset=utf-8"."\r\n";
$header .= "Content-Transfer-Encoding: 8bit"."\r\n";
$header .= "X-Mailer: PHP v".phpversion();
mail($newemail, $subject, $message, $header);
header('Location: '.$success_page);
exit;
}
}
else
if (isset($_GET['code']) && isset($_GET['user']))
{
$db = mysqli_connect($mysql_server, $mysql_username, $mysql_password);
if (!$db)
{
die('Failed to connect to database server!<br>'.mysqli_error($db));
}
mysqli_select_db($db, $mysql_database) or die('Failed to select database<br>'.mysqli_error($db));
mysqli_set_charset($db, 'utf8');
$sql = "SELECT * FROM ".$mysql_table." WHERE username = '".$_GET['user']."' AND code = '".$_GET['code']."'";
$result = mysqli_query($db, $sql);
if ($data = mysqli_fetch_array($result))
{
$sql = "UPDATE `".$mysql_table."` SET `active` = 1 WHERE `username` = '".$_GET['user']."'";
mysqli_query($db, $sql);
}
else
{
die ('User not found!');
}
mysqli_close($db);
header("refresh:5;url=".$activated_page);
echo 'Your user account was succesfully activated. You\'ll be redirected in about 5 secs. If not, click <a href="'.$activated_page.'">here</a>.';
exit;
}
?>
<!doctype html>
<html lang="cs">
<head>
<meta charset="utf-8">
<title>Nepojmenovaná stránka</title>
<meta name="generator" content="WYSIWYG Web Builder 12 - http://www.wysiwygwebbuilder.com">
<link href="Nepojmenovaný1.css" rel="stylesheet">
<link href="index.css" rel="stylesheet">
</head>
<body>
<div id="container">
<div id="wb_Signup1" style="position:absolute;left:347px;top:63px;width:277px;height:396px;z-index:0;">
<form name="signupform" method="post" accept-charset="UTF-8" action="<?php echo basename(__FILE__); ?>" id="signupform">
<input type="hidden" name="form_name" value="signupform">
<table id="Signup1">
<tr>
<td class="header">Sign up for a new account</td>
</tr>
<tr>
<td class="label"><label for="fullname">Full Name</label></td>
</tr>
<tr>
<td class="row"><input class="input" name="fullname" type="text" id="fullname"></td>
</tr>
<tr>
<td class="label"><label for="username">User Name</label></td>
</tr>
<tr>
<td class="row"><input class="input" name="username" type="text" id="username"></td>
</tr>
<tr>
<td class="label"><label for="password">Password</label></td>
</tr>
<tr>
<td class="row"><input class="input" name="password" type="password" id="password"></td>
</tr>
<tr>
<td class="label"><label for="confirmpassword">Confirm Password</label></td>
</tr>
<tr>
<td class="row"><input class="input" name="confirmpassword" type="password" id="confirmpassword"></td>
</tr>
<tr>
<td class="label"><label for="email">E-mail</label></td>
</tr>
<tr>
<td class="row"><input class="input" name="email" type="text" id="email"></td>
</tr>
<tr>
<td><?php echo $error_message; ?></td>
</tr>
<tr>
<td style="text-align:center;vertical-align:bottom"><input class="button" type="submit" name="signup" value="Create User" id="signup"></td>
</tr>
</table>
</form>
</div>
</div>
</body>
</html>
Kdyby jste někdo věděl jak na to byl bych hodně vděčný.
Díky
<?php
$mysql_server = '127.0.0.1';
$mysql_username = 'xxxx';
$mysql_password = 'xxxx';
$mysql_database = 'xxxx';
$mysql_table = 'xxx';
$success_page = '';
$activated_page = basename(__FILE__);
$error_message = "";
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['form_name']) && $_POST['form_name'] == 'signupform')
{
$newusername = $_POST['username'];
$newemail = $_POST['email'];
$newpassword = $_POST['password'];
$confirmpassword = $_POST['confirmpassword'];
$newfullname = $_POST['fullname'];
$website = $_SERVER['HTTP_HOST'];
$script = $_SERVER['SCRIPT_NAME'];
$timestamp = time();
$code = md5($website.$timestamp.rand(100000, 999999));
if ($newpassword != $confirmpassword)
{
$error_message = 'Password and Confirm Password are not the same!';
}
else
if (!preg_match("/^[A-Za-z0-9_!@$]{1,50}$/", $newusername))
{
$error_message = 'Username is not valid, please check and try again!';
}
else
if (!preg_match("/^[A-Za-z0-9_!@$]{1,50}$/", $newpassword))
{
$error_message = 'Password is not valid, please check and try again!';
}
else
if (!preg_match("/^[A-Za-z0-9_!@$.' &]{1,50}$/", $newfullname))
{
$error_message = 'Fullname is not valid, please check and try again!';
}
else
if (!preg_match("/^.+@.+\..+$/", $newemail))
{
$error_message = 'Email is not a valid email address. Please check and try again.';
}
if (empty($error_message))
{
$db = mysqli_connect($mysql_server, $mysql_username, $mysql_password);
if (!$db)
{
die('Failed to connect to database server!<br>'.mysqli_error($db));
}
mysqli_select_db($db, $mysql_database) or die('Failed to select database<br>'.mysqli_error($db));
mysqli_set_charset($db, 'utf8');
$sql = "SELECT username FROM ".$mysql_table." WHERE username = '".$newusername."'";
$result = mysqli_query($db, $sql);
if ($data = mysqli_fetch_array($result))
{
$error_message = 'Username already used. Please select another username.';
}
}
if (empty($error_message))
{
$crypt_pass = md5($newpassword);
$newusername = mysqli_real_escape_string($db, $newusername);
$newemail = mysqli_real_escape_string($db, $newemail);
$newfullname = mysqli_real_escape_string($db, $newfullname);
$sql = "INSERT `".$mysql_table."` (`username`, `password`, `fullname`, `email`, `active`, `code`) VALUES ('$newusername', '$crypt_pass', '$newfullname', '$newemail', 0, '$code')";
$result = mysqli_query($db, $sql);
mysqli_close($db);
$subject = 'Your new account';
$message = 'A new account has been setup.';
$message .= "\r\nUsername: ";
$message .= $newusername;
$message .= "\r\nPassword: ";
$message .= $newpassword;
$message .= "\r\n";
$message .= "\r\nhttp://".$website.$script."?user=".$newusername."&code=$code";
$header = "From: xxxx"."\r\n";
$header .= "Reply-To: xxxx"."\r\n";
$header .= "MIME-Version: 1.0"."\r\n";
$header .= "Content-Type: text/plain; charset=utf-8"."\r\n";
$header .= "Content-Transfer-Encoding: 8bit"."\r\n";
$header .= "X-Mailer: PHP v".phpversion();
mail($newemail, $subject, $message, $header);
header('Location: '.$success_page);
exit;
}
}
else
if (isset($_GET['code']) && isset($_GET['user']))
{
$db = mysqli_connect($mysql_server, $mysql_username, $mysql_password);
if (!$db)
{
die('Failed to connect to database server!<br>'.mysqli_error($db));
}
mysqli_select_db($db, $mysql_database) or die('Failed to select database<br>'.mysqli_error($db));
mysqli_set_charset($db, 'utf8');
$sql = "SELECT * FROM ".$mysql_table." WHERE username = '".$_GET['user']."' AND code = '".$_GET['code']."'";
$result = mysqli_query($db, $sql);
if ($data = mysqli_fetch_array($result))
{
$sql = "UPDATE `".$mysql_table."` SET `active` = 1 WHERE `username` = '".$_GET['user']."'";
mysqli_query($db, $sql);
}
else
{
die ('User not found!');
}
mysqli_close($db);
header("refresh:5;url=".$activated_page);
echo 'Your user account was succesfully activated. You\'ll be redirected in about 5 secs. If not, click <a href="'.$activated_page.'">here</a>.';
exit;
}
?>
<!doctype html>
<html lang="cs">
<head>
<meta charset="utf-8">
<title>Nepojmenovaná stránka</title>
<meta name="generator" content="WYSIWYG Web Builder 12 - http://www.wysiwygwebbuilder.com">
<link href="Nepojmenovaný1.css" rel="stylesheet">
<link href="index.css" rel="stylesheet">
</head>
<body>
<div id="container">
<div id="wb_Signup1" style="position:absolute;left:347px;top:63px;width:277px;height:396px;z-index:0;">
<form name="signupform" method="post" accept-charset="UTF-8" action="<?php echo basename(__FILE__); ?>" id="signupform">
<input type="hidden" name="form_name" value="signupform">
<table id="Signup1">
<tr>
<td class="header">Sign up for a new account</td>
</tr>
<tr>
<td class="label"><label for="fullname">Full Name</label></td>
</tr>
<tr>
<td class="row"><input class="input" name="fullname" type="text" id="fullname"></td>
</tr>
<tr>
<td class="label"><label for="username">User Name</label></td>
</tr>
<tr>
<td class="row"><input class="input" name="username" type="text" id="username"></td>
</tr>
<tr>
<td class="label"><label for="password">Password</label></td>
</tr>
<tr>
<td class="row"><input class="input" name="password" type="password" id="password"></td>
</tr>
<tr>
<td class="label"><label for="confirmpassword">Confirm Password</label></td>
</tr>
<tr>
<td class="row"><input class="input" name="confirmpassword" type="password" id="confirmpassword"></td>
</tr>
<tr>
<td class="label"><label for="email">E-mail</label></td>
</tr>
<tr>
<td class="row"><input class="input" name="email" type="text" id="email"></td>
</tr>
<tr>
<td><?php echo $error_message; ?></td>
</tr>
<tr>
<td style="text-align:center;vertical-align:bottom"><input class="button" type="submit" name="signup" value="Create User" id="signup"></td>
</tr>
</table>
</form>
</div>
</div>
</body>
</html>