Page 1 of 1

Inserting into a database shouldnt be a problem.....

Posted: Sat Dec 20, 2003 2:12 pm
by toytruck
This is the first part of my code where you insert information
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body>
<form action="register.php" method="post">
<div align="center">Register<br>
</div>
<table width="276" border="1" align="center">
<tr>
<td width="116">Username</td>
<td width="144"><input type="text" name="uname"></td>
</tr>
<tr>
<td>Password</td>
<td><input type="password" name="pass"></td>
</tr>
<tr>
<td>Repeat Password</td>
<td><input type="password" name="passver"></td>
</tr>
<tr>
<td>E-mail</td>
<td><input type="text" name="email"></td>
</tr>
<tr>
<td colspan="2"><input type="submit" name="Submit" value="Submit"></td>
</tr>
</table>
</form>
</body>
</html>
the second part is right here

Code: Select all

<?php
?>
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body>
<?php
$trigger = 0;
$host = "localhost";
$username = "root";
$db = "worldconquest";

$connection = mysql_connect($host, $username) or die("Couldn't connect to MySql");
mysql_select_db($db, $connection);

$uname = $_POST['uname'];
$pass = $_POST['pass'];
$passver = $_POST['passver'];
$email = $_POST['email'];

$result = mysql_query("SELECT * FROM users");
$row = mysql_num_rows($result);
$row2 = mysql_fetch_array($result);
$unametest = $row2["username"];


if ($uname == $unametest){
echo "Username already taken ";
$trigger = 1;
}
if ($pass == "" | $passver == ""){
echo "A password field was left blank ";
$trigger = 1;
}
if ($pass != $passver){
echo "passwords do not match ";
$trigger = 1;
}
if ($uname == ""){
echo "Username left blank ";
$trigger = 1;
}
if ($email == ""){
echo "Email left blank ";
$trigger = 1;
}
if ($trigger == 1){
include ("preregister.php");
}
else{
$sql = "INSERT INTO users(username,password,email)VALUES($uname,$pass,$email);";
$result2 = mysql_query($sql,$connection) or die("Couldn't 
execute query. ");
}
?>
</body>
</html>
<?php
?>
The first part of my coding works but when i try to insert the user it never works.

Posted: Sat Dec 20, 2003 2:19 pm
by m3mn0n
Change

Code: Select all

<?php
$uname = $_POST['uname']; 
$pass = $_POST['pass']; 
$passver = $_POST['passver']; 
$email = $_POST['email']; 
?>
to

Code: Select all

<?php
if((isset($_POST['uname'])) && (isset($_POST['pass'])) && (isset($_POST['passver'])) && (isset($_POST['email'])))
{
$uname = $_POST['uname']; 
$pass = $_POST['pass']; 
$passver = $_POST['passver']; 
$email = $_POST['email']; 
}
?>
And also you should be comparing the username in the database with the one submit. So...

Code: Select all

<?php
$result = mysql_query("SELECT * FROM users"); 
?>
...should be...

Code: Select all

<?php
$result = mysql_query("SELECT * FROM users WHERE username='$uname'"); 
?>

Posted: Sat Dec 20, 2003 2:24 pm
by toytruck
thank you for the help but this part of my coding still doesnt work

Code: Select all

<?php
else{
$sql = "INSERT INTO users(username,password,email)VALUES($uname,$pass,$email)";
$result2 = mysql_query($sql,$connection) or die("Couldn't 
execute query. ");
}

?>

Posted: Sat Dec 20, 2003 2:29 pm
by Derfel Cadarn
I'm getting a bit tired here, after scripting all day, so perhaps I'm missing the point completely here :lol: but isn't it supposed to be:

Code: Select all

<?php
else{
$sql = "INSERT INTO 'users'(username,password,email)VALUES($uname,$pass,$email)";
$result2 = mysql_query($sql,$connection) or die("Couldn't
execute query. ");
}

?>
..with those '-thingies around the table-name?

=====================================
= Yes, I'm trying to get my 100th posting tonite =
=====================================

Posted: Sat Dec 20, 2003 2:32 pm
by toytruck
Thanks but didnt work either :(

Posted: Sat Dec 20, 2003 9:36 pm
by d3ad1ysp0rk
i don't see why you have $connection in your query.. but try:

Code: Select all

<?php
else{
$sql = "INSERT INTO `users`(username,password,email)VALUES('$uname','$pass','$email')";
$result2 = mysql_query($sql) or die("Couldn't
execute query. ");
}

?>
and what error do you get with this code?

Posted: Sat Dec 20, 2003 9:58 pm
by infolock
just to clarify, don't need ' marks around the table name. you can, but it's not needed.

lilpunkskater pretty much hit the bullseye with that one though. you must specify the values in ' marks.

another way to do this same query is :

Code: Select all

$sql = "INSERT INTO users (username,password,email) VALUES('".$uname."','".$pass."','".$email."')";