PHP Registration
Posted: Wed Sep 02, 2009 8:36 pm
I am having trouble getting my php registration page to work. I have something just a little wrong in my code because when I preview my page I get some of the PHP script. I believe it starts somewhere around "If (mysql_num_rows($s?>0))"
and down to the closing php line. I have sat here for an hour trying to figure out where the problem is with no avail. Can someone help? I have attached a picture of my preview page and here is my code starting with my PHP where I believe the problem is:
<?php
include("db.php");
if (isset($_POST['username']) && isset($_POST['password']) && isset($_POST['email']) && isset($_POST['firstname']) && isset($_POST['lastname']) && isset($_POST['homestate']) && isset($_POST['sex']))
{
//Prevent SQL injections
$username = mysql_real_escape_string($_POST['username']);
$email = mysql_real_escape_string($_POST['email']);
$firstname = mysql_real_escape_string($_POST['firstname']);
$lastname = mysql_real_escape_string($_POST['lastname']);
$homestate = mysql_real_escape_string($_POST['homestate']);
//Get MD5 hash of password
$password = md5($_POST['password']);
//Check to see if username exists
$sql = mysql_query("SELECT username FROM usersystem WHERE username = 'username'");
If (mysql_num_rows($s?>0))
{
die ("Username taken.");
}
mysql_query("INSERT INTO usersystem (username, password, email, firstname, lastname, homestate, sex) VALUES ( '$username', '$password', '$email', '$firstname', '$lastname'), '$homestate'", '$sex') or die (mysql_error()); echo "Account created.";)
}
?>
</head>
and down to the closing php line. I have sat here for an hour trying to figure out where the problem is with no avail. Can someone help? I have attached a picture of my preview page and here is my code starting with my PHP where I believe the problem is:
<?php
include("db.php");
if (isset($_POST['username']) && isset($_POST['password']) && isset($_POST['email']) && isset($_POST['firstname']) && isset($_POST['lastname']) && isset($_POST['homestate']) && isset($_POST['sex']))
{
//Prevent SQL injections
$username = mysql_real_escape_string($_POST['username']);
$email = mysql_real_escape_string($_POST['email']);
$firstname = mysql_real_escape_string($_POST['firstname']);
$lastname = mysql_real_escape_string($_POST['lastname']);
$homestate = mysql_real_escape_string($_POST['homestate']);
//Get MD5 hash of password
$password = md5($_POST['password']);
//Check to see if username exists
$sql = mysql_query("SELECT username FROM usersystem WHERE username = 'username'");
If (mysql_num_rows($s?>0))
{
die ("Username taken.");
}
mysql_query("INSERT INTO usersystem (username, password, email, firstname, lastname, homestate, sex) VALUES ( '$username', '$password', '$email', '$firstname', '$lastname'), '$homestate'", '$sex') or die (mysql_error()); echo "Account created.";)
}
?>
</head>