Hi guys, I am developing a registration form for a forum! I have written almost all the code and also have database table in place, but I am getting an error that unexpected end of file @ the last line of the code when I run it!
Can any one help me! Here’s the code:
<?PHP
session_start();
if (!(isset($_SESSION['login']) && $_SESSION['login'] != '')) {
header("Location: login.php");
} else {
$memberID = $_SESSION['memID'];
}
include forumHTML.php;
$uname = " ";
$pword = " ";
$email = " ";
$errorMessage = " ";
$num_rows = 0;
//ESCAPE DANGEROUS SQL CHARACTERS
function quote_smart($value, $handle) {
if (get_magic_quotes_gpc()) {
$value = stripslashes($value);
}
if (!is_numeric($value)) {
$value = "'" . mysql_real_escape_string($value, $handle) . "'";
}
return $value;
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
//GET THE CHOSEN USERNAME, PASSWORD AND EMAIL
//AND CHECK FOR DANGEROUS CHARACTERS
$uname = $_POST['username'];
$pword = $_POST['password'];
$email = $_POST['email'];
$uname = htmlspecialchars($uname);
$pword = htmlspecialchars($pword);
$email = htmlspecialchars($email);
//CHECK TO SEE IF U AND P ARE IN CORRECT LENGTH
//AND EMAIL IS IN CORRECT FORMAT
//If no errors occur, then $errorMessage will be blank
$uLength = strlen($uname);
$pLength = strlent($pword);
if (isset($_POST['email'])) {
$email = $_POST['email'];
if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
$errorMessage = "'";
} else {
$errorMessage = $errorMessage . "This is Invalid Email" . "<BR>";
}
if ($uLength >= 10 && $uLength <= 20) {
$errorMessage = "'";
} else {
$errorMessage = $errorMessage . "Username must be between 10 and 20 characters" . "<BR>";
}
if ($pLength >= 8 && $pLength <= 16) {
$errorMessage = "'";
} else {
$errorMessage = $errorMessage . "Password must be between 10 and 20 characters" . "<BR>";
}
//Write to the database
if ($errorMessage == "") {
$user_name = "root";
$pass_word = "";
$database = "dbforum";
$server = "127.0.0.1";
$db_handle = mysql_connect($server, $user_name, $pass_word);
$db_found = mysql_select_db($database, $db_handle);
if ($db_found) {
$uname = quote_smart($uname, $db_handle);
$pword = quote_smart($pword, $db_handle);
$email = quote_smart($email, $db_handle);
$SQL = "SELECT * FROM members WHERE username =$uname AND password =$pword AND email =$email";
$result = mysql_query($SQL);
if ($result) {
$num_rows = mysql_num_rows($result);
if ($num_rows > 0) {
$db_field = mysql_fetch_assoc($result);
$mem = $db_field['memberID'];
} else {
$insert = "INSERT INTO 'members'('username','password','email') VALUES ('.$uname.'
'.md5($pword).''.$email.')";
mysql_query($insert);
mysql_close($db_handle);
session_start();
$_SESSION['login'] = "1";
$_SESSION['memID'] = $mem;
header("Location: welcome.php");
}
} else {
$errorMessage = "Database Not Found";
}
}
}
?>
<html>
<head>
<title>Forum Registration Page</title>
</head>
<body>
<FORM NAME ="form1" METHOD ="POST" ACTION ="register.php">
Username: <INPUT TYPE = 'TEXT' Name ='username' value="<?PHP print $uname; ?>" maxlength="20">
Password: <INPUT TYPE = 'TEXT' Name ='password' value="<?PHP print md5($pword); ?>" maxlength="16">
Email: <INPUT TYPE = 'TEXT' Name ='email' value="<?PHP print $email ?>">
<P>
<INPUT TYPE = "Submit" Name = "Submit1" VALUE = "Register">
</FORM>
</P>
<?PHP print $errorMessage;?>
</body>
</html>