Alright, to expand my knowledge in PHP, i want to attempt to make a usersystem.

I am currently making a registration code, and I have the following:


<?php
//The Variables
$name = $_POST[name];
$password = $_POST[password];
$email - $_POST[email];
$age = $_POST[age];
$submit = $_POST[submit];

//The IFs
if($submit !=""){

if($name !=""){
echo "Whoops! You didn't enter a username. You need that if you want to login!";
}

elseif($password !=""){
echo "Whoops! You didn't enter a password. You need this to login to your account as well as security for your account!";
}

elseif($email !=""){
echo "Whoops! You didn't enter an email. You need this to receive news and updates for the usersystem, as well as to verify your identity.";
}

elseif($age !=""){
echo "Whoops! You didn't enter your age. We need this to verify you are old enough to register!";
}

echo "Heya, $name - Welcome to $site. The details you used to sign up are as follows:<br>
Name: $name<br>
Email: $email<br>
Age: $age<br>
<br>
If the details are incorrect, use the back button and try again. If they are correct, please continue to the installer.";
}

// The HTML
echo "<form action=\"register2.php\" method=\"post\">
Username: <input type=\"text\" name\"name\"><br>
Password: <input type=\"text\" name\"password\"><br>
Email: <input type=\"text\" name=\"email\"><br>
Age: <input type=\"text\" name=\"age\"><br>
<input type=\"submit\" name=\"submit\" value=\"Submit\">
</form>";

?>

You can view the script here: www.roflhabbos.com/dev/register2.php
It shows me things I don't want it to, such as: " Whoops! You didn't enter your age. We need this to verify you are old enough to register!" when I did enter an age. It also doesnt show the variable I entered, it only shows what I entered for $age.

Any help?

Alright, to expand my knowledge in PHP, i want to attempt to make a usersystem.

I am currently making a registration code, and I have the following:


<?php
//The Variables
$name = $_POST[name];
$password = $_POST[password];
$email - $_POST[email];
$age = $_POST[age];
$submit = $_POST[submit];

//The IFs
if($submit !=""){

if($name !=""){
echo "Whoops! You didn't enter a username. You need that if you want to login!";
}

elseif($password !=""){
echo "Whoops! You didn't enter a password. You need this to login to your account as well as security for your account!";
}

elseif($email !=""){
echo "Whoops! You didn't enter an email. You need this to receive news and updates for the usersystem, as well as to verify your identity.";
}

elseif($age !=""){
echo "Whoops! You didn't enter your age. We need this to verify you are old enough to register!";
}

echo "Heya, $name - Welcome to $site. The details you used to sign up are as follows:<br>
Name: $name<br>
Email: $email<br>
Age: $age<br>
<br>
If the details are incorrect, use the back button and try again. If they are correct, please continue to the installer.";
}

// The HTML
echo "<form action=\"register2.php\" method=\"post\">
Username: <input type=\"text\" name\"name\"><br>
Password: <input type=\"text\" name\"password\"><br>
Email: <input type=\"text\" name=\"email\"><br>
Age: <input type=\"text\" name=\"age\"><br>
<input type=\"submit\" name=\"submit\" value=\"Submit\">
</form>";

?>You can view the script here: www.roflhabbos.com/dev/register2.php (http://www.roflhabbos.com/dev/register2.php)
It shows me things I don't want it to, such as: " Whoops! You didn't enter your age. We need this to verify you are old enough to register!" when I did enter an age. It also doesnt show the variable I entered, it only shows what I entered for $age.

Any help?

!= is does not equal, you've got it so if it doesn't equal blank, then do it
you need == instead of !=

<?php
//The Variables
$name = $_POST["name"];
$password = $_POST["password"];
$email - $_POST["email"];
$age = $_POST["age"];
$submit = $_POST["submit"];

//The IFs
if ($submit != "")
{

if ($name == "")
{
echo "Whoops! You didn't enter a username. You need that if you want to login!";
}

elseif ($password == "")
{
echo "Whoops! You didn't enter a password. You need this to login to your account as well as security for your account!";
}

elseif ($email == "")
{
echo "Whoops! You didn't enter an email. You need this to receive news and updates for the usersystem, as well as to verify your identity.";
}

elseif ($age == "")
{
echo "Whoops! You didn't enter your age. We need this to verify you are old enough to register!";
}

echo "Heya, $name - Welcome to $site. The details you used to sign up are as follows:<br>
Name: $name<br>
Email: $email<br>
Age: $age<br>
<br>
If the details are incorrect, use the back button and try again. If they are correct, please continue to the installer.";
exit;
}

// The HTML
echo "<form action=\"register2.php\" method=\"post\">
Username: <input type=\"text\" name\"name\"><br>
Password: <input type=\"text\" name\"password\"><br>
Email: <input type=\"text\" name=\"email\"><br>
Age: <input type=\"text\" name=\"age\"><br>
<input type=\"submit\" name=\"submit\" value=\"Submit\">
</form>";

?>


That should work?

<?php
//The Variables
$name = $_POST["name"];
$password = $_POST["password"];
$email - $_POST["email"];
$age = $_POST["age"];
$submit = $_POST["submit"];

//The IFs
if ($submit != "")
{

if ($name == "")
{
echo "Whoops! You didn't enter a username. You need that if you want to login!";
}

elseif ($password == "")
{
echo "Whoops! You didn't enter a password. You need this to login to your account as well as security for your account!";
}

elseif ($email == "")
{
echo "Whoops! You didn't enter an email. You need this to receive news and updates for the usersystem, as well as to verify your identity.";
}

elseif ($age == "")
{
echo "Whoops! You didn't enter your age. We need this to verify you are old enough to register!";
}

echo "Heya, $name - Welcome to $site. The details you used to sign up are as follows:<br>
Name: $name<br>
Email: $email<br>
Age: $age<br>
<br>
If the details are incorrect, use the back button and try again. If they are correct, please continue to the installer.";
exit;
}

// The HTML
echo "<form action=\"register2.php\" method=\"post\">
Username: <input type=\"text\" name\"name\"><br>
Password: <input type=\"text\" name\"password\"><br>
Email: <input type=\"text\" name=\"email\"><br>
Age: <input type=\"text\" name=\"age\"><br>
<input type=\"submit\" name=\"submit\" value=\"Submit\">
</form>";

?>
That should work?



u have if ($submit != "")

Okay, I added that code but when I register I get the following:


Whoops! You didn't enter a username. You need that if you want to login!Heya, - Welcome to . The details you used to sign up are as follows:
Name:
Email:
Age: 14

If the details are incorrect, use the back button and try again. If they are correct, please continue to the installer.

As you can see, it still has that username error, as well as it doesnt show what the user inputted in the form, only the age displays it.

Wouldn't the error have something to do with the elseif's? I'm no expert but looking at the code then you're ignoring all fields except the age because it's the last one and the if ends there?

The age is an elseif too.

Yes, but the age is the last field. So it takes that one and outputs it.

How wopuld I make it so it outputs them all?

<?php
//The Variables
$name = $_POST["name"];
$password = $_POST["password"];
$email - $_POST["email"];
$age = $_POST["age"];
$submit = $_POST["submit"];

//The IFs
if ($submit != "")
{

if ($name == "")
{
echo "Whoops! You didn't enter a username. You need that if you want to login!";
exit;
}

if ($password == "")
{
echo "Whoops! You didn't enter a password. You need this to login to your account as well as security for your account!";
exit;
}

if ($email == "")
{
echo "Whoops! You didn't enter an email. You need this to receive news and updates for the usersystem, as well as to verify your identity.";
exit;
}

if ($age == "")
{
echo "Whoops! You didn't enter your age. We need this to verify you are old enough to register!";
exit;
}

echo "Heya, $name - Welcome to $site. The details you used to sign up are as follows:<br>
Name: $name<br>
Email: $email<br>
Age: $age<br>
<br>
If the details are incorrect, use the back button and try again. If they are correct, please continue to the installer.";
exit;
}

// The HTML
echo "<form action=\"register2.php\" method=\"post\">
Username: <input type=\"text\" name\"name\"><br>
Password: <input type=\"text\" name\"password\"><br>
Email: <input type=\"text\" name=\"email\"><br>
Age: <input type=\"text\" name=\"age\"><br>
<input type=\"submit\" name=\"submit\" value=\"Submit\">
</form>";

?>

Removed the elseif's and added exits.

<?php
//The Variables
$name = $_POST["name"];
$password = $_POST["password"];
$email - $_POST["email"];
$age = $_POST["age"];
$submit = $_POST["submit"];

//The IFs
if ($submit != "")
{

if ($name == "")
{
die ("Whoops! You didn't enter a username. You need that if you want to login!");

}

if ($password == "")
{
die ("Whoops! You didn't enter a password. You need this to login to your account as well as security for your account!");

}

if ($email == "")
{
die ("Whoops! You didn't enter an email. You need this to receive news and updates for the usersystem, as well as to verify your identity.");
}

if ($age == "")
{
die ("Whoops! You didn't enter your age. We need this to verify you are old enough to register!");
}

echo "Heya, $name - Welcome to $site. The details you used to sign up are as follows:<br>
Name: $name<br>
Email: $email<br>
Age: $age<br>
<br>
If the details are incorrect, use the back button and try again. If they are correct, please continue to the installer.";
exit;
}

// The HTML
echo "<form action=\"register2.php\" method=\"post\">
Username: <input type=\"text\" name\"name\"><br>
Password: <input type=\"text\" name\"password\"><br>
Email: <input type=\"text\" name=\"email\"><br>
Age: <input type=\"text\" name=\"age\"><br>
<input type=\"submit\" name=\"submit\" value=\"Submit\">
</form>";

?>

You should really clean input :S



function clean($tobecleaned)
{
$cleaned = strip_tags(addslashes(stripslashes(htmlspecialchar s($tobecleaned))));
return $cleaned;
}


then do

clean($_POST[variablename]);


instead of


$_POST[variablename];


:)

<?php
//The Variables
$name = $_POST["name"];
$password = $_POST["password"];
$email - $_POST["email"];
$age = $_POST["age"];
$submit = $_POST["submit"];

//The IFs
if ($submit != "")
{

if ($name == "")
{
die ("Whoops! You didn't enter a username. You need that if you want to login!");

}

if ($password == "")
{
die ("Whoops! You didn't enter a password. You need this to login to your account as well as security for your account!");

}

if ($email == "")
{
die ("Whoops! You didn't enter an email. You need this to receive news and updates for the usersystem, as well as to verify your identity.");
}

if ($age == "")
{
die ("Whoops! You didn't enter your age. We need this to verify you are old enough to register!");
}

echo "Heya, $name - Welcome to $site. The details you used to sign up are as follows:<br>
Name: $name<br>
Email: $email<br>
Age: $age<br>
<br>
If the details are incorrect, use the back button and try again. If they are correct, please continue to the installer.";
exit;
}

// The HTML
echo "<form action=\"register2.php\" method=\"post\">
Username: <input type=\"text\" name\"name\"><br>
Password: <input type=\"text\" name\"password\"><br>
Email: <input type=\"text\" name=\"email\"><br>
Age: <input type=\"text\" name=\"age\"><br>
<input type=\"submit\" name=\"submit\" value=\"Submit\">
</form>";

?>

Ewww, don't use die. Just do an echo, then an exit.


You should really clean input :S



function clean($tobecleaned)
{
$cleaned = strip_tags(addslashes(stripslashes(htmlspecialchar s($tobecleaned))));
return $cleaned;
}
then do

clean($_POST[variablename]);
instead of


$_POST[variablename];
:)

Better clean function:



<?php

function clean($string)
{

$string = htmlspecialchars($string, ENT_QUOTES);

if (get_magic_quotes_gpc())
{

$string = stripslashes($string);

}

$string = str_replace("\"", "", $string);
$string = htmlentities($string);
$string = mysql_real_escape_string($string);

return $string;

}


?>

$string = str_replace("\"", "", $string);

is not just the same as stripslashes?

Lol, but use denta's is looks more complicated and probs better

<?php

//Clean function, comment out if not wanted.

function clean($this){
$this = strip_tags($this);
$this = htmlspecialchars($this, ENT_QUOTES);
$this = mysql_real_escape_string($this);
return $this;
}

if(isset($_POST['submit'])){

//The form was sent, let's do some stuff!

$name = clean($_POST['name']);
$password = clean($_POST['password']);
$email = clean($_POST['email']);
$age = clean($_POST['age']);

if (!isset($name))
{
echo "Whoops! You didn't enter a username. You need that if you want to login!";
exit;
}

if (!isset($password))
{
echo "Whoops! You didn't enter a password. You need this to login to your account as well as security for your account!";
exit;
}

if (!isset($email)
{
echo "Whoops! You didn't enter an email. You need this to receive news and updates for the usersystem, as well as to verify your identity.";
exit;
}

if (!isset($age))
{
echo "Whoops! You didn't enter your age. We need this to verify you are old enough to register!";
exit;
}

echo("Heya, $name - Welcome to $site. The details you used to sign up are as follows:<br>
Name: $name<br />
Email: $email<br />
Age: $age<br />
<br />
If the details are incorrect, use the back button and try again. If they are correct, please continue to the installer.
");

}else{

//The form hasn't yet been sent! Display it.

echo("<form action=\"register2.php\" method=\"post\">
Username: <input type=\"text\" name\"name\"><br>
Password: <input type=\"text\" name\"password\"><br>
Email: <input type=\"text\" name=\"email\"><br>
Age: <input type=\"text\" name=\"age\"><br>
<input type=\"submit\" name=\"submit\" value=\"Submit\">
</form>
");

}

die();

?>
Fixed everything, used a clean function seen as them lot are raving about it ^^

!isset($age)

Anytime you submit a post..

$age = $_POST["age"];

Thats set, you need to check to see if it is blank, not set.

isset() is the same as blank?
PHP assumes if a variable is blank then it is not set.
I.e.


$this = "";
if(!isset($this)){ die('lolnosoz'); }
Correct me if I'm wrong.

Nope:



<?php

$bla = $_GET["hey"];
if (!isset($bla))
{
echo "Not set";
}
else
{
echo "Word: $bla";
}

?>

if you visit filename.php without putting the get, it is unset.

If you visit filename.php?hey it is set, but it is blank :) So it doesn't check to see if it is blank.

Er, that code won't work. Unless I'm mistaken, mysql_real_escape_string requires a connection to the database in order to execute.

it does, and certainly he will use a DB :)

So, wahts is the finished code - I've been having trouble with this.

Seen as it doesn't look like anyone else is going to post it:
Commented out mysql_real_escape_string because it only works if there's a database connection going on, didn't assume there was because there aren't any connections in the file. ;)


<?php

//Clean function, comment out if not wanted.

function clean($this){
//$this = mysql_real_escape_string($this);
$this = strip_tags($this);
$this = htmlspecialchars($this, ENT_QUOTES);
$this = stripslashes($this);
return $this;
}

if(isset($_POST['submit'])){

//The form was sent, let's do some stuff!

$name = clean($_POST['name']);
$password = clean($_POST['password']);
$email = clean($_POST['email']);
$age = clean($_POST['age']);

if ($name == "")
{
echo "Whoops! You didn't enter a username. You need that if you want to login!";
exit;
}

if ($password == "")
{
echo "Whoops! You didn't enter a password. You need this to login to your account as well as security for your account!";
exit;
}

if ($email =="")
{
echo "Whoops! You didn't enter an email. You need this to receive news and updates for the usersystem, as well as to verify your identity.";
exit;
}

if ($age == "")
{
echo "Whoops! You didn't enter your age. We need this to verify you are old enough to register!";
exit;
}

echo("Heya, $name - Welcome to $site. The details you used to sign up are as follows:<br>
Name: $name<br />
Email: $email<br />
Age: $age<br />
<br />
If the details are incorrect, use the back button and try again. If they are correct, please continue to the installer.
");

}else{

//The form hasn't yet been sent! Display it.

echo("<form action=\"register2.php\" method=\"post\">
Username: <input type=\"text\" name\"name\"><br>
Password: <input type=\"text\" name\"password\"><br>
Email: <input type=\"text\" name=\"email\"><br>
Age: <input type=\"text\" name=\"age\"><br>
<input type=\"submit\" name=\"submit\" value=\"Submit\">
</form>
");

}

die();

?>

Complete code:



<?php

//Clean function, comment out if not wanted.

function clean($string)
{

$string = htmlspecialchars($string, ENT_QUOTES);

if (get_magic_quotes_gpc())
{

$string = stripslashes($string);

}

$string = str_replace("\"", "", $string);
$string = htmlentities($string);

/**
* If you want SQL injection protection uncomment the next line
*/

// $string = mysql_real_escape_string($string);

return $string;

}

if ($_GET["action"] == "submit")
{

//The form was sent, let's do some stuff!

$name = clean($_POST["name"]);
$password = clean($_POST["password"]);
$email = clean($_POST["email"]);
$age = clean($_POST["age"]);

if ($name == "")
{
echo "Whoops! You didn't enter a username. You need that if you want to login!";
exit;
}

if ($password == "")
{
echo "Whoops! You didn't enter a password. You need this to login to your account as well as security for your account!";
exit;
}

if ($email == "")
{
echo "Whoops! You didn't enter an email. You need this to receive news and updates for the usersystem, as well as to verify your identity.";
exit;
}

if ($age == "")
{
echo "Whoops! You didn't enter your age. We need this to verify you are old enough to register!";
exit;
}

echo "Heya, $name - Welcome to $site. The details you used to sign up are as follows:<br>
Name: $name<br />
Email: $email<br />
Age: $age<br />
<br />
If the details are incorrect, use the back button and try again. If they are correct, please continue to the installer.
";

exit;

}
//The form hasn't yet been sent! Display it.

echo ("<form action=\"register2.php\" method=\"post\">
Username: <input type=\"text\" name\"name\"><br>
Password: <input type=\"text\" name\"password\"><br>
Email: <input type=\"text\" name=\"email\"><br>
Age: <input type=\"text\" name=\"age\"><br>
<input type=\"submit\" name=\"submit\" value=\"Submit\">
</form>
");

?>

When I use it, I enter everything and it tells me, " Whoops! You didn't enter a username. You need that if you want to login!".

<?php

//Clean function, comment out if not wanted.

function clean($string)
{

$string = htmlspecialchars($string, ENT_QUOTES);

if (get_magic_quotes_gpc())
{

$string = stripslashes($string);

}

$string = str_replace("\"", "", $string);
$string = htmlentities($string);

/**
* If you want SQL injection protection uncomment the next line
*/

// $string = mysql_real_escape_string($string);

return $string;

}

if ($_GET["action"] == "submit")
{

//The form was sent, let's do some stuff!

$name = clean($_POST["name"]);
$password = clean($_POST["password"]);
$email = clean($_POST["email"]);
$age = clean($_POST["age"]);

if ($name == "")
{
echo "Whoops! You didn't enter a username. You need that if you want to login!";
exit;
}

if ($password == "")
{
echo "Whoops! You didn't enter a password. You need this to login to your account as well as security for your account!";
exit;
}

if ($email == "")
{
echo "Whoops! You didn't enter an email. You need this to receive news and updates for the usersystem, as well as to verify your identity.";
exit;
}

if ($age == "")
{
echo "Whoops! You didn't enter your age. We need this to verify you are old enough to register!";
exit;
}

echo "Heya, $name - Welcome to $site. The details you used to sign up are as follows:<br>
Name: $name<br />
Email: $email<br />
Age: $age<br />
<br />
If the details are incorrect, use the back button and try again. If they are correct, please continue to the installer.
";

exit;

}
//The form hasn't yet been sent! Display it.

echo ("<form action=\"register2.php\" method=\"post\">
Username: <input type=\"text\" name=\"name\"><br>
Password: <input type=\"text\" name\"password\"><br>
Email: <input type=\"text\" name=\"email\"><br>
Age: <input type=\"text\" name=\"age\"><br>
<input type=\"submit\" name=\"submit\" value=\"Submit\">
</form>
");

?>

Now, when I regsiter a new page doesn't show up, all that happens is the form comes up again.

<?php

//Clean function, comment out if not wanted.

function clean($string)
{

$string = htmlspecialchars($string, ENT_QUOTES);

if (get_magic_quotes_gpc())
{

$string = stripslashes($string);

}

$string = str_replace("\"", "", $string);
$string = htmlentities($string);

/**
* If you want SQL injection protection uncomment the next line
*/

// $string = mysql_real_escape_string($string);

return $string;

}

if ($_GET["action"] == "submit")
{

//The form was sent, let's do some stuff!

$name = clean($_POST["name"]);
$password = clean($_POST["password"]);
$email = clean($_POST["email"]);
$age = clean($_POST["age"]);

if ($name == "")
{
echo "Whoops! You didn't enter a username. You need that if you want to login!";
exit;
}

if ($password == "")
{
echo "Whoops! You didn't enter a password. You need this to login to your account as well as security for your account!";
exit;
}

if ($email == "")
{
echo "Whoops! You didn't enter an email. You need this to receive news and updates for the usersystem, as well as to verify your identity.";
exit;
}

if ($age == "")
{
echo "Whoops! You didn't enter your age. We need this to verify you are old enough to register!";
exit;
}

echo "Heya, $name - Welcome to $site. The details you used to sign up are as follows:<br>
Name: $name<br />
Email: $email<br />
Age: $age<br />
<br />
If the details are incorrect, use the back button and try again. If they are correct, please continue to the installer.
";

exit;

}
//The form hasn't yet been sent! Display it.

echo ("<form action=\"?action=submit\" method=\"post\">
Username: <input type=\"text\" name=\"name\"><br>
Password: <input type=\"text\" name\"password\"><br>
Email: <input type=\"text\" name=\"email\"><br>
Age: <input type=\"text\" name=\"age\"><br>
<input type=\"submit\" name=\"submit\" value=\"Submit\">
</form>
");

?>

Now it says "Whoops! You didn't enter a password. You need this to login to your account as well as security for your account!".

This is just plain silly. The file he has posted has NO database stuff whatsoever, so why do you need a cleaning function? If it's just displaying HTML then all you need is something like htmlentites & stripslashes :\

Okay, what is the point of the register script if he isn't going to register someone?

He is making a user system.. he is going to end up inserting it somewhere.. best to have a clean function :\

Could be flatfile, if so, most of the cleaning function is unneeded :P

I am pretty sure he wouldn't make a usersystem using flatfile, very unsafe.

Yes, it's going to have a database. Does anybody know the problem?

<?php

//Clean function, comment out if not wanted.

function clean($string)
{

$string = htmlspecialchars($string, ENT_QUOTES);

if (get_magic_quotes_gpc())
{

$string = stripslashes($string);

}

$string = str_replace("\"", "", $string);
$string = htmlentities($string);

/**
* If you want SQL injection protection uncomment the next line
*/

// $string = mysql_real_escape_string($string);

return $string;

}

if ($_GET["action"] == "submit")
{

//The form was sent, let's do some stuff!

$name = clean($_POST["name"]);
$password = clean($_POST["password"]);
$email = clean($_POST["email"]);
$age = clean($_POST["age"]);

if ($name == "")
{
echo "Whoops! You didn't enter a username. You need that if you want to login!";
exit;
}

if ($password == "")
{
echo "Whoops! You didn't enter a password. You need this to login to your account as well as security for your account!";
exit;
}

if ($email == "")
{
echo "Whoops! You didn't enter an email. You need this to receive news and updates for the usersystem, as well as to verify your identity.";
exit;
}

if ($age == "")
{
echo "Whoops! You didn't enter your age. We need this to verify you are old enough to register!";
exit;
}

echo "Heya, $name - Welcome to $site. The details you used to sign up are as follows:<br>
Name: $name<br />
Email: $email<br />
Age: $age<br />
<br />
If the details are incorrect, use the back button and try again. If they are correct, please continue to the installer.
";

exit;

}
//The form hasn't yet been sent! Display it.

echo ("<form action=\"?action=submit\" method=\"post\">
Username: <input type=\"text\" name=\"name\"><br>
Password: <input type=\"text\" name=\"password\"><br>
Email: <input type=\"text\" name=\"email\"><br>
Age: <input type=\"text\" name=\"age\"><br>
<input type=\"submit\" name=\"submit\" value=\"Submit\">
</form>
");

?>

Thank you Caleb!! <3

Just a quick suggestion but instead of using if submit statements I usually put a hidden text field with a set value that way I know if the form has actually been submitted.

Form:

<form>
<input type="hidden" name="submitted" valued="yup">
</form>

Process:

<?php
if($_POST['submitted'] == "yup"){
//Put your form processing code here....
}
?>

Hope that helps :)

Okay, i'll try that after I finish the next code. I'm starting an install script, and I get the following error:
Parse error: syntax error, unexpected $end in /home/anthony/public_html/dev/install.php on line 100


<?php

//Clean function, comment out if not wanted.

function clean($string)
{

$string = htmlspecialchars($string, ENT_QUOTES);

if (get_magic_quotes_gpc())
{

$string = stripslashes($string);

}

$string = str_replace("\"", "", $string);
$string = htmlentities($string);

/**
* If you want SQL injection protection uncomment the next line
*/

// $string = mysql_real_escape_string($string);

return $string;

}

if ($_GET["action"] == "install")
echo "Heya";
{

if ($_GET["action"] == "submit")
{

//The form was sent, let's do some stuff!

$name = clean($_POST["name"]);
$password = clean($_POST["password"]);
$email = clean($_POST["email"]);
$age = clean($_POST["age"]);

if ($name == "")
{
echo "Whoops! You didn't enter a username. You need that if you want to login!";
exit;
}

if ($password == "")
{
echo "Whoops! You didn't enter a password. You need this to login to your account as well as security for your account!";
exit;
}

if ($email == "")
{
echo "Whoops! You didn't enter an email. You need this to receive news and updates for the usersystem, as well as to verify your identity.";
exit;
}

if ($age == "")
{
echo "Whoops! You didn't enter your age. We need this to verify you are old enough to register!";
exit;
}

echo "Heya, $name - Welcome to $site. The details you used to sign up are as follows:<br>
Name: $name<br />
Email: $email<br />
Age: $age<br />
<br />
If the details are incorrect, use the back button and try again. If they are correct, please continue to the installer.<br>
<input type=\"submit\" name=\"install\" value=\"Installer\">";

exit;

}
//The form hasn't yet been sent! Display it.

echo ("<form action=\"?action=submit\" method=\"post\">
Username: <input type=\"text\" name=\"name\"><br>
Password: <input type=\"text\" name=\"password\"><br>
Email: <input type=\"text\" name=\"email\"><br>
Age: <input type=\"text\" name=\"age\"><br>
<input type=\"submit\" name=\"submit\" value=\"Submit\">
</form>
");

?>

Anybody know the problem?

<?php

//Clean function, comment out if not wanted.

function clean($string)
{

$string = htmlspecialchars($string, ENT_QUOTES);

if (get_magic_quotes_gpc())
{

$string = stripslashes($string);

}

$string = str_replace("\"", "", $string);
$string = htmlentities($string);

/**
* If you want SQL injection protection uncomment the next line
*/

// $string = mysql_real_escape_string($string);

return $string;

}

if ($_GET["action"] == "install")
echo "Heya";
}

if ($_GET["action"] == "submit")
{

//The form was sent, let's do some stuff!

$name = clean($_POST["name"]);
$password = clean($_POST["password"]);
$email = clean($_POST["email"]);
$age = clean($_POST["age"]);

if ($name == "")
{
echo "Whoops! You didn't enter a username. You need that if you want to login!";
exit;
}

if ($password == "")
{
echo "Whoops! You didn't enter a password. You need this to login to your account as well as security for your account!";
exit;
}

if ($email == "")
{
echo "Whoops! You didn't enter an email. You need this to receive news and updates for the usersystem, as well as to verify your identity.";
exit;
}

if ($age == "")
{
echo "Whoops! You didn't enter your age. We need this to verify you are old enough to register!";
exit;
}

echo "Heya, $name - Welcome to $site. The details you used to sign up are as follows:<br>
Name: $name<br />
Email: $email<br />
Age: $age<br />
<br />
If the details are incorrect, use the back button and try again. If they are correct, please continue to the installer.<br>
<input type=\"submit\" name=\"install\" value=\"Installer\">";

exit;

}
//The form hasn't yet been sent! Display it.

echo ("<form action=\"?action=submit\" method=\"post\">
Username: <input type=\"text\" name=\"name\"><br>
Password: <input type=\"text\" name=\"password\"><br>
Email: <input type=\"text\" name=\"email\"><br>
Age: <input type=\"text\" name=\"age\"><br>
<input type=\"submit\" name=\"submit\" value=\"Submit\">
</form>
");

?>

Yeah, why do you have?



if ($_GET["action"] == "install")
echo "Heya";
}

You need the bracket before the echo that opens it


if($variable == "statement/string") { // Curly bracket

// information here

} // end bracket


Simon, that still produces an error:
http://i17.tinypic.com/6utvi8m.png

I never saw that :p



<?php

//Clean function, comment out if not wanted.

function clean($string)
{

$string = htmlspecialchars($string, ENT_QUOTES);

if (get_magic_quotes_gpc())
{

$string = stripslashes($string);

}

$string = str_replace("\"", "", $string);
$string = htmlentities($string);

/**
* If you want SQL injection protection uncomment the next line
*/

// $string = mysql_real_escape_string($string);

return $string;

}

if ($_GET["action"] == "install")
{
echo "Heya";
}

if ($_GET["action"] == "submit")
{

//The form was sent, let's do some stuff!

$name = clean($_POST["name"]);
$password = clean($_POST["password"]);
$email = clean($_POST["email"]);
$age = clean($_POST["age"]);

if ($name == "")
{
echo "Whoops! You didn't enter a username. You need that if you want to login!";
exit;
}

if ($password == "")
{
echo "Whoops! You didn't enter a password. You need this to login to your account as well as security for your account!";
exit;
}

if ($email == "")
{
echo "Whoops! You didn't enter an email. You need this to receive news and updates for the usersystem, as well as to verify your identity.";
exit;
}

if ($age == "")
{
echo "Whoops! You didn't enter your age. We need this to verify you are old enough to register!";
exit;
}

echo "Heya, $name - Welcome to $site. The details you used to sign up are as follows:<br>
Name: $name<br />
Email: $email<br />
Age: $age<br />
<br />
If the details are incorrect, use the back button and try again. If they are correct, please continue to the installer.<br>
<input type=\"submit\" name=\"install\" value=\"Installer\">";

exit;

}
//The form hasn't yet been sent! Display it.

echo ("<form action=\"?action=submit\" method=\"post\">
Username: <input type=\"text\" name=\"name\"><br>
Password: <input type=\"text\" name=\"password\"><br>
Email: <input type=\"text\" name=\"email\"><br>
Age: <input type=\"text\" name=\"age\"><br>
<input type=\"submit\" name=\"submit\" value=\"Submit\">
</form>
");

?>

</span>

Okay, when you finish entering your details and they're corect, when you click the 'installer' button it doesnt go anywhere.

EDIT: Nevermind, I figured that out. :)