Member Avatar for Orgil_1

I have a problem been a long. I am totally lost what is wrong! It does not give compile-time error. But it just doesnt add data to database.

register.php

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>My First Web site</title>
<meta name="keywords" content="" />
<meta name="description" content="" />
<link href="default.css" rel="stylesheet" type="text/css" />
</head>
<body>
<? include("menu.php"); ?>
<div id="logo">
    <h1><a href="#">Enter</a></h1>
    <h2><a href="http://www.freecsstemplates.org/">By Free CSS Templates</a></h2>
</div>
<? 
include("main_reg.php");
include("footer.php");
?>

<div align=center>This template  downloaded form <a href='http://all-free-download.com/free-website-templates/'>free website templates</a></div></body>
</html>

main_reg.php

<div id="content">
    <div id="colA">
    <center>
<form action="user_reg.php" method="post">
<table width="531" border="0">
  <tr>
    <td width="212"><div align="right">username </div></td>
    <td width="303"><input name="username" type="text" id="username" /></td>
  </tr>
   <tr>
    <td width="212"><div align="right">password </div></td>
    <td width="303"><input name="pass1" type="text" id="pass1" /></td>
  </tr>
   <tr>
    <td width="212"><div align="right">password /confirmation/ </div></td>
    <td width="303"><input name="pass2" type="text" id="pass2" /></td>
  </tr>
  <tr>
    <td><div align="right">first name</div></td>
    <td><input name="fname" type="text" id="fname" /></td>
  </tr>
  <tr>
    <td><div align="right">lastname</div></td>
    <td><input name="lname" type="text" id="lname" /></td>
  </tr>
  <tr>
    <td><div align="right">age</div></td>
    <td><input name="age" type="text" id="age" /></td>
  </tr>
  <tr>
    <td><div align="right">sex</div></td>
    <td><select name="sex" id="sex">
      <option value="1">m</option>
      <option value="2">f</option>
      </select>
      </td>
  </tr>

  <tr>
    <td><div align="right">phone</div></td>
    <td><input name="phone" type="text" id="phone" /></td>
  </tr>
  <tr>
    <td><div align="right">Email</div></td>
    <td><input name="email" type="text" id="email" /></td>
  </tr>
    <tr>
    <td><div align="right">
      <input type="reset" name="Reset" value="reset" />
    </div></td>
    <td>

        <div align="center">
          <input type="submit" name="Submit" value="register" />
        </div></td>
    </tr>
</table>

</form>
</center>
</div>

user_reg.php

<?
include("connect_db.php");
//$con=mysqli_connect("localhost", "root", "", "site");
//mysqli_query($con, "SET NAMES utf8");
$reg_query="insert into account values(Null,'" .$_POST['username'] . "', '" . $_POST['pass1']. "', '" .$_POST['fname'] ."', '" .$_POST['lname'] . "', " . $_POST['age'] .", " .$_POST['sex'] . ", '" . $_POST['phone'] . "', '" . $_POST['email'] ."')";
echo $reg_query;
//$reg_query="insert into account values(Null, '$_POST[username]', '$_POST[pass1]', '$_POST[fname]', '$_POST[lname]', '$_POST[age]', '$_POST[sex]', '$_POST[phone]', '$_POST[email]')";
$reg_result=mysqli_query($con, $reg_query);
if($reg_result!=0)
echo header("location: index.php");
else echo "failed! <a href='register.php'> back </a>"
?>

connect_db.php

<?
$con=mysqli_connect("localhost", "root", "", "site");
mysqli_query($con, "SET NAMES utf8");
?>
Edited by Orgil_1
  • 3 Contributors
  • 3 Replies
  • 242 Views
  • 1 Day Discussion Span
  • Latest Post Latest Post by Orgil_1
Member Avatar for gabrielcastillo

I believe you sql statement is incorrect, and some of your logic maybe incorrect as well. I wrote out the code you may want to try. Using $_POST inputs need to be sanitized and valided before you insert in to database. You are leaving yourself open for errors and attacks without.

Here is your query updated to correct format. You were missing field names, the values had nowhere to go.

$reg_query = "INSERT INTO `account` (`field_name`,`field_name`,`field_name`) VALUES('{$_POST['value']}', '{$_POST['value']}')";

    $reg_result = mysqli_query($con, $reg_query);

    if(!$reg_result){
        echo 'Failed! <a href="register.php">Back</a>';
    }else{
        header("Location: index.php");
    }
Member Avatar for diafol

You'll never get a compile-time error.

You are using unsanitized input in your SQL - please bind parameters with prepared queries to make them safer.

Also you do not give "or die" statements with your mysqli functions, so you don't see any errors, if that's where they are.

I don't think we needed register.php - it didn't add anything to the question.

In addition, the form is table-ized for some reason. We tried to stop doing that over 10 years ago. It's also a pain to read all that html. <center> is also dead.

I would suggest reading some tutorials on html and basic php, preferably a very recent one. The php manual is extremely useful: http://php.net

Member Avatar for Orgil_1

Thank you guys for your information! Now it works out with your help! :)

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.