I have a join form for members to register to the site and it's working just fine except now that I added my captcha image (image.php) to it I can't link the form to the captcha so they can work together. I basically need all fields (name,last name,address etc..) including captcha to be filled by the user before they get approved for registration instead now if the captcha is not typed in they will still be approved for registration.
I tried a few things with no success so i went back to the original script. This is what the first half of my join form script looks like (only php, the second half is the html and the <form>)
<?php
$errorMsg = "";
if (isset($_POST['username'])){
include_once "mysql.php";
$firstname = ereg_replace("[^A-Za-z0-9]", "", $_POST['firstname']);
$lastname = ereg_replace("[^A-Za-z0-9]", "", $_POST['lastname']);
$username = ereg_replace("[^A-Za-z0-9]", "", $_POST['username']); // filter everything but numbers and letters
$country = ereg_replace("[^A-Z a-z0-9]", "", $_POST['country']); // filter everything but spaces, numbers, and letters
$state = ereg_replace("[^A-Z a-z0-9]", "", $_POST['state']); // filter everything but spaces, numbers, and letters
$city = ereg_replace("[^A-Z a-z0-9]", "", $_POST['city']); // filter everything but spaces, numbers, and letters
$email = stripslashes($_POST['email']);
$email = strip_tags($email);
$email = mysql_real_escape_string($email);
$password = ereg_replace("[^A-Za-z0-9]", "", $_POST['password']); // filter everything but numbers and letters
if((!$firstname) || (!$lastname) || (!$username) || (!$country) || (!$state) || (!$city) || (!$email) || (!$password)){
$errorMsg = "You did not submit the following required information!<br /><br />";
if(!$firstname){
$errorMsg .= "--- First Name";
} else if(!$lastname){
$errorMsg .= "--- Last Name";
} else if(!$username){
$errorMsg .= "--- User Name";
} else if(!$country){
$errorMsg .= "--- Country";
} else if(!$state){
$errorMsg .= "--- State";
} else if(!$city){
$errorMsg .= "--- City";
} else if(!$email){
$errorMsg .= "--- Email Address";
} else if(!$password){
$errorMsg .= "--- Password";
}
} else {
$sql_username_check = mysql_query("SELECT id FROM members WHERE username='$username' LIMIT 1");
$sql_email_check = mysql_query("SELECT id FROM members WHERE email='$email' LIMIT 1");
$username_check = mysql_num_rows($sql_username_check);
$email_check = mysql_num_rows($sql_email_check);
if ($username_check > 0){
$errorMsg = "<u>ERROR:</u><br />Your User Name is already in use. Please try another.";
} else if ($email_check > 0){
$errorMsg = "<u>ERROR:</u><br />Your Email address is already in use. Please try another.";
} else {
$hashedPass = md5($password);
$sql = mysql_query("INSERT INTO members (firstname, lastname, username, country, state, city, email, password, signupdate)
VALUES('$firstname','$lastname','$username','$country','$state','$city','$email','$hashedPass', now())") or die (mysql_error());
$id = mysql_insert_id();
mkdir("memberFiles/$id", 0755);
$to = "$email";
$from = "[email protected]";
$subject = "website account activation";
$message = '<html>
<body bgcolor="#FFFFFF">
Hi ' . $username . ',
<br /><br />
Almost there! Complete this step to activate your account.
<br /><br />
Please click the link below to activate now.
<br><br>
<a href="http://website/activation.php?id=' . $id . '">
ACTIVATE ACCOUNT</a>
<br /><br />
Your Login Information is as follows:
<br /><br />
E-mail Address: ' . $email . ' <br />
Password: ' . $password . '
<br /><br />
Thank you for signing up with website.com!
</body>
</html>';
$headers = "From: $from\r\n";
$headers .= "Content-type: text/html\r\n";
$to = "$to";
mail($to, $subject, $message, $headers);
// Then print a message to the browser for the joiner
print "<br /><br /><br /><h4>OK $firstname, one last step to ve
I tried a few things with no success so i went back to the original script. This is what the first half of my join form script looks like (only php, the second half is the html and the <form>)
<?php
$errorMsg = "";
if (isset($_POST['username'])){
include_once "mysql.php";
$firstname = ereg_replace("[^A-Za-z0-9]", "", $_POST['firstname']);
$lastname = ereg_replace("[^A-Za-z0-9]", "", $_POST['lastname']);
$username = ereg_replace("[^A-Za-z0-9]", "", $_POST['username']); // filter everything but numbers and letters
$country = ereg_replace("[^A-Z a-z0-9]", "", $_POST['country']); // filter everything but spaces, numbers, and letters
$state = ereg_replace("[^A-Z a-z0-9]", "", $_POST['state']); // filter everything but spaces, numbers, and letters
$city = ereg_replace("[^A-Z a-z0-9]", "", $_POST['city']); // filter everything but spaces, numbers, and letters
$email = stripslashes($_POST['email']);
$email = strip_tags($email);
$email = mysql_real_escape_string($email);
$password = ereg_replace("[^A-Za-z0-9]", "", $_POST['password']); // filter everything but numbers and letters
if((!$firstname) || (!$lastname) || (!$username) || (!$country) || (!$state) || (!$city) || (!$email) || (!$password)){
$errorMsg = "You did not submit the following required information!<br /><br />";
if(!$firstname){
$errorMsg .= "--- First Name";
} else if(!$lastname){
$errorMsg .= "--- Last Name";
} else if(!$username){
$errorMsg .= "--- User Name";
} else if(!$country){
$errorMsg .= "--- Country";
} else if(!$state){
$errorMsg .= "--- State";
} else if(!$city){
$errorMsg .= "--- City";
} else if(!$email){
$errorMsg .= "--- Email Address";
} else if(!$password){
$errorMsg .= "--- Password";
}
} else {
$sql_username_check = mysql_query("SELECT id FROM members WHERE username='$username' LIMIT 1");
$sql_email_check = mysql_query("SELECT id FROM members WHERE email='$email' LIMIT 1");
$username_check = mysql_num_rows($sql_username_check);
$email_check = mysql_num_rows($sql_email_check);
if ($username_check > 0){
$errorMsg = "<u>ERROR:</u><br />Your User Name is already in use. Please try another.";
} else if ($email_check > 0){
$errorMsg = "<u>ERROR:</u><br />Your Email address is already in use. Please try another.";
} else {
$hashedPass = md5($password);
$sql = mysql_query("INSERT INTO members (firstname, lastname, username, country, state, city, email, password, signupdate)
VALUES('$firstname','$lastname','$username','$country','$state','$city','$email','$hashedPass', now())") or die (mysql_error());
$id = mysql_insert_id();
mkdir("memberFiles/$id", 0755);
$to = "$email";
$from = "[email protected]";
$subject = "website account activation";
$message = '<html>
<body bgcolor="#FFFFFF">
Hi ' . $username . ',
<br /><br />
Almost there! Complete this step to activate your account.
<br /><br />
Please click the link below to activate now.
<br><br>
<a href="http://website/activation.php?id=' . $id . '">
ACTIVATE ACCOUNT</a>
<br /><br />
Your Login Information is as follows:
<br /><br />
E-mail Address: ' . $email . ' <br />
Password: ' . $password . '
<br /><br />
Thank you for signing up with website.com!
</body>
</html>';
$headers = "From: $from\r\n";
$headers .= "Content-type: text/html\r\n";
$to = "$to";
mail($to, $subject, $message, $headers);
// Then print a message to the browser for the joiner
print "<br /><br /><br /><h4>OK $firstname, one last step to ve