I am trying to create a registration form (I have not stopped any SQL injecting, just trying to figure out why it's not working), but it's not inserting the table. Any ideas as to what I did wrong?
<php
$con = mysql_connect("localhost","thedatabase","secretpassword");
mysql_select_db('databasename');
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$password = $_POST['password'];
$email = $_POST['email'];
for ($counter = 0; $counter < 17; $counter++)
{
$digit = rand(0, 61);
$salt = $salt . substr("abcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ", $digit, 1);
}
$sql = "INSERT INTO clients (email, firstname, lastname, password, salt) VALUES ('$email', '$firstname', '$lastname', '$password', '$salt')";
mysql_query($sql);
mysql_close($con);
?>