php - Writing to a text file if username doesn't exist -
i'm having issue on writing registration form .txt file if username exist. @ moment, don't want write out file if username exist in user.txt , print out false , if doesn't exist, continue , write out user.txt file.
<?php if($_post['submit']) { $usernameexist = $_post['usernameexist']; $username = $_post['username']; $password = $_post['password']; $firstname = $_post['firstname']; $lastname = $_post['lastname']; $dob = $_post['dob']; $gender = $_post['gender']; $email = $_post['email']; $address = $_post['address']; $membership = $_post['membership']; $creditcard = $_post['creditcard']; $cardexpiry = $_post['cardexpiry']; $duration = $_post['duration']; $name = "/^[a-za-z]+$/"; $emailaddress = "/^\w+([\.-]?\w+)*@\w+([\.-]?\w+)*(\.\w{2,3})+$/"; $male_status = 'unchecked'; $female_status = 'unchecked'; // server side form validation using php. // validate username field if empty or not. if (empty($username)){ $err_username = 'please enter username.'; }else{ // load file , check if username exist $filename = 'user.txt'; if (file_exists($filename)){ $fp = fopen ('user.txt', 'r'); while ($line = fgetcsv($fp,100,",")) { if ( ($line[0] == $_post['username']) ) { $usernameexist = "username exist!"; $err_usernameexist = $usernameexist; } } fclose ($fp); } else{ echo '<p> file not exist! </p>'; } //$val_username = $username; } // validate password field if empty or not. if (empty($password)){ $err_password = 'please enter password.'; }else{ $val_password = $password; } // first name if (empty($firstname)){ $err_firstname = 'please enter first name.'; }else{ $val_firstname = $firstname; } // last name if (empty($lastname)){ $err_lastname = 'please enter valid last name.'; }else{ $val_lastname = $lastname; } // gender if (isset($_post['submit'])){ $selected_radio = $_post['gender']; if($selected_radio == 'male') { $male_status = 'checked'; }else if ($selected_radio == 'female'){ $female_status = 'checked'; } } // email address if (!preg_match($emailaddress, $email)){ $err_email = 'please enter valid email address.'; }else{ $val_email = $email; } if ($_post['membership'] != 0){ $err_membership = 'nothing selected!'; }else{ $val_membership = $membership; } // credit card if (empty($creditcard)){ $err_creditcard = 'field empty, please try again.'; }else{ $val_creditcard = $creditcard; } // card expiry if (empty($cardexpiry)){ $err_cardexpiry = 'field empty, please try again.'; }else{ $val_cardexpiry = $cardexpiry; } // duration if (empty($duration)){ $err_duration = 'field empty, please try again.'; }else{ $val_duration = $duration; } if (!empty($username) && !empty($password) && !empty($firstname) && !empty($lastname) && preg_match($emailaddress, $email) && ($_get['membership'] != '0') && !empty($creditcard) && !empty($cardexpiry) && !empty($duration)){ $fp = fopen ('user.txt', 'r+'); while ($line = fgetcsv($fp,100,",")){ if($line[0] == $_post['username']){ $usernameexist = "username exist!"; $err_usernameexist = $usernameexist; echo 'username exist , wrong'; } else{ $output_string = $username. ", " .$password. ", " .$firstname. ", " .$lastname .", " .$dob .", " .$gender .", " .$email .", " .$address .", " .$membership .", " .$creditcard .", " .$cardexpiry .", " .$duration ."\n"; $fp = fopen ('user.txt', 'a'); fwrite ($fp, $output_string); echo "<p> registration successful! </p>"; } }fclose($fp); } else{ echo 'please re-check field field marked "*" required'; } } ?> any appreciate , please excuse question if seems confusing new.
thanks.
please forgive apparent criticism there lot of issues code , think if point out poor practices first:
- don't keep reassigning variables. use them $_post['whatever'] there no advantage in copying them other memory intensive structures. obfuscates rather clarifying code.
- do not ever store credit card details in plain text file.
- why using custom csv data structure? databases xml @ pinch.
- you test username existence twice, neither in right place fix problem.
for answer:
if (!empty($username) && !empty($password) && !empty($firstname) && !empty($lastname) && preg_match($emailaddress, $email) && ($_get['membership'] != '0') && !empty($creditcard) && !empty($cardexpiry) && !empty($duration)){ $fp = fopen ('user.txt', 'r+'); while ($line = fgetcsv($fp,100,",")){ if($line[0] == $_post['username']){ $usernameexist = "username exist!"; $err_usernameexist = $usernameexist; echo 'username exist , wrong'; } else{ $output_string = $username. ", " etc... seems problem here. says is: "if data wrong, check see if username exists , if does, so, otherwise if data correct, post file. [but don't test username existence first]
essentially, testing existence of username in wrong place.
move username existence check other side of else. (riskily) test strlen($err_usernameexist)>0 return true if username exists.
once again though, dangerous code , although forms interesting exercise in csv file manipulation not appropriate apparent application type seems designed for. break if user puts comma in data.
you use fputcsv creating array immune commas though not quotes:
myarray=array($name,$password,$encryptedcreditcard,$etcetc); fputcsv($fp,$myarray); you should save data in mysql can @ least aes_encrypt confidential data. alternatively, there plenty of aes classes posted free php. mysql handle large data sets whilst yours gets slower , slower time...
Comments
Post a Comment