Page 1 of 1

HELP php script just inserts one row. there is an auto incre

Posted: Wed Aug 01, 2012 7:25 pm
by rahul19dj
I am having problems with my register form. I cannot insert more than one row in my database. After adding one row it gives me an error saying Querry Failed

Code: Select all

<?php
include ('database_connection.php');

$mumbai=isset($_POST['checkbox']) ? 1 : 0;
$pune=isset($_POST['checkbox']) ? 1 : 0;
$banglore=isset($_POST['checkbox']) ? 1 : 0;
$mysore=isset($_POST['checkbox']) ? 1 : 0;

if (isset($_POST['formsubmitted'])) {
    $error = array();//Declare An Array to store any error message  
    if (empty($_POST['mobileno'])) {//if no name has been supplied 
        $error[] = 'Please Enter a Mobile Number ';//add to array "error"
    } else {
        $mobile = $_POST['mobileno'];//else assign it a variable
    }
    if (empty($_POST['fname'])) {//if no name has been supplied 
        $error[] = 'Please Enter a First name ';//add to array "error"
    } else {
        $fname = $_POST['fname'];//else assign it a variable
    }
    if (empty($_POST['lname'])) {//if no name has been supplied 
        $error[] = 'Please Enter a Last name ';//add to array "error"
    } else {
        $lname = $_POST['lname'];//else assign it a variable
    }
    if (empty($_POST['email'])) {
        $error[] = 'Please Enter your Email ';
    } else {


        if (preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/", $_POST['email'])) {
           //regular expression for email validation
            $email = $_POST['email'];
        } else {
             $error[] = 'Your EMail Address is invalid  ';
        }


    }


    if (empty($_POST['passwd1'])) {
        $error[] = 'Please Enter Your Password ';
    } else {
        $password = $_POST['passwd1'];
    }
    if (empty($_POST['passwd2'])) {
        $error[] = 'Please Verify Your Password ';
    } else {
        $password = $_POST['passwd2'];
    }

    if (empty($error)) //send to Database if there's no error '

    { //If everything's OK...

        // Make sure the mobile no is available:
        $query_verify_mobileno = "SELECT * FROM userdtls WHERE mobileno = '$mobileno'";
        $result_verify_mobileno = mysqli_query($dbc, $query_verify_mobileno);
        if (!$result_verify_mobileno) 
        {//if the Query Failed ,similar to if($result_verify_mobileno==false)
            echo ' Database Error Occured ';
        }

        if (mysqli_num_rows($result_verify_mobileno) == 0) { // IF no previous user is using this number .


            // Create a unique  activation code:
           //$activation = md5(uniqid(rand(), true));


            $query_insert_user = "INSERT INTO userdtls ( `mobileno`, `pass`, `fname`, `lname`, `email`, `MUM`, `PUN`, `BNG`, `MYS` ) VALUES ( '".$mobile"', '".$password."', '".$fname."', '".$lname."', '".$email."', '".$mumbai."', '".$pune."', '".$banglore."', '".$mysore."'  )";
            

            $result_insert_user = mysqli_query($dbc, $query_insert_user);
            if (!$result_insert_user) {
                echo 'Query Failed ';
            }

            if (mysqli_affected_rows($dbc) == 1) { //If the Insert Query was successfull.


                // Send the email:
               /*$message = " To activate your account, please click on this link:\n\n";
                $message .= WEBSITE_URL . '/activate.php?email=' . urlencode($email) . "&key=$activation";
                mail($email, 'Registration Confirmation', $message, 'From: rahul19dj@gmail.com'); */

                // Flush the buffered output.


                // Finish the page:
                echo '<div class="success">Thank you for registering! </div>';


            } else { // If it did not run OK.
                echo '<div class="errormsgbox">You could not be registered due to a system error. We apologize for any inconvenience.</div>';
            }

        } else { // The mobile number is not available.
            echo '<div class="errormsgbox" >That mobile number has already been registered.</div>';
        }

    } else {//If the "error" array contains error msg , display them
        
        

echo '<div class="errormsgbox"> <ol>';
        foreach ($error as $key => $values) {
            
            echo '    <li>'.$values.'</li>';


       
        }
        echo '</ol></div>';

    }
  
    mysqli_close($dbc);//Close the DB Connection

} // End of the main Submit conditional.

Re: HELP php script just inserts one row. there is an auto i

Posted: Thu Aug 02, 2012 3:00 am
by social_experiment
When developing code it's a good idea to have some sort of error reporting present so you can diagnose any problems you might find; Full marks for checking that the query failed but the current message isn't very helpful ;) Take a look at the snippet below.

Code: Select all

<?php
$result_insert_user = mysqli_query($dbc, $query_insert_user);
            if (!$result_insert_user) {
// use mysqli_error() to get information about the last error that occured. 
                echo 'Query Failed. Reason : ' . mysqli_error($dbc);
            }
?>
About mysqli_error()
http://br2.php.net/manual/en/mysqli.error.php

You should also look at escaping data that goes into the database; currently the script is vulnerable to SQL injection. See the url below for help on this
http://br2.php.net/manual/en/mysqli.rea ... string.php