 Need Feedback On A Function |
|
|
|
|
  |
 Jun 19 2005, 09:38 PM
Post
#1
|
|
|
Super Member  Group: Members Posts: 362 Joined: 2-March 05 From: The Netherlands Member No.: 4,097  |
I'm working hard on a fully self-coded community (after tons of errors you get depressed i know...but i need to see what i can), so i need some feedback on a Function i made (wich is basically reguser.php), here it is:
CODE Function regresult($uname, $pword, $cword, $rname, $country, $day, $month, $year, $gender, $email, $email2){ Global $db; $datab="Users"; if(empty($uname or $pword or $rname or $country or $day or $month or $year or $gender or $email)){ exit("Please fill in every field."); } if($pword=!$cword){ exit("Your passwords do not match."); } if($email=!$email2){ exit("Your emails do not match."); } print "Have you inserted the correct information?<br>"; print "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" bgcolor=\"white\" width=\"400\" height=\"500\" align=\"center\" valign=\"top\">"; print "<tr><td align=\"left\">$uname<br>$pword<br>$rname<br>$country<br>$day-$month-$year<br>$gender<br>$email<br>"; print "<center><a href=\"home.php?module=regresult&answer=yes\">Yes</a> | <a href=\"home.php?module=regresult&answer=no\">No</a></td></tr></table>"; if($answer==yes){ $regtime=date(); $regqry=mysql_query("INSERT INTO Users (username,password,real_name,country,day,month,year,gender,email,registration ) VALUES('$uname','$pword','$rname','$country','$day','$month','$year','$gender','$email','$regtime')") or die("Problem occured when accessing database")"; $db->Execute($regqry); } if($answer==no){ print "<script language=\"javascript\">history.back()</script>"; }} I need to know if there's a problem with this script, any potential errors, maybe potential bugs..the security such as hashing and stripping will be inserted once this script is...approved...  )Thanks in advance.. [b]P.S. My god, the [code] tagging is depressing in this forum version...bit tougher to read.. 
|
 |
 
|
|
Jun 20 2005, 02:29 AM
Post
#2
|
|
|
Advanced Member Group: Members Posts: 117 Joined: 3-May 05 From: A Canadian South of the 49th Parallel Member No.: 6,544 |
QUOTE(HmmZ @ Jun 19 2005, 05:38 PM) CODE // [...] if($answer==yes){ // [...] } if($answer==no){ // [...] } // [...]  When comparing strings you should encapsulate them with single or double quotes, in this situation I would recommend single-quotes, as in: CODE // [...] if($answer=='yes'){ // [...] } if($answer=='no'){ // [...] } // [...] As far as the logic goes, well there are many different ways to do what you want, so yours may suite your needs.. And security? Well, I don't see much there, but you said you were gonna add that after so.. I hope that helps.. |
|
|
|
|
Similar Topics
|
Lo-Fi Version | Time is now: 22nd November 2008 - 06:03 PM |