[SOLVED] DB Error: no such field--huh?

[Lodius2000]

I posted yesterday trying to make sure a potential username wasnt already in the database

 

first I have to say that without the database check the script works perfectly except it will enter duplicate usernames,

 

I think I have this fixed because now if i go to add a username that already exists, the script prints the correct error,

 

the problem now is that when i submit a username that is NOT in use i get the error: DB Error: no such field

 

i have changed a couple little things in the script and maybe i just need some fresh eyes to spot my mistake

 

quick notes:

 

I use PEAR db

the table name is users

the 2 fields are called username and password

 

just in case i have an easy typo that i for some reason cant see that should clear it up for reference

 

heres the code

<?php



//Put this file in admin/accountinfo/ to use correctly, store out of access
require ('../../../install/PEAR/DB.php');
require ('../../../../dbfiles/db_login.php');
require ('../formhelpers/formhelpers.php');
$db->setErrorHandling(PEAR_ERROR_DIE);

//print_r($_POST);

if($_POST['_submit_check']){
if($form_errors = validate_form()){
	show_form($form_errors);
} else {
	process_form();
}
} else {
show_form();
}

function show_form($errors = '') {

if ($errors){
	print 'Please correct these errors: <ul><li>';
	print implode('</li><li>', $errors);
	print '</li></ul>';
}

print '<form method="POST" action="'.$_SERVER['PHP_SELF'].'">';
//begin the unique form

print 'Username:';
input_text('username', $_POST);
print '<br />';

print 'Password:';
input_password('password', $_POST);
print '<br />';

input_submit('submit', 'submit');

print '<input type="hidden" name="_submit_check" value="1" />';
print '</form>';
}

function validate_form(){
global $db;

//check that username is entered
if (trim(strlen($_POST['username'])) == 0) {
	$errors[]= "You must enter a username.";
}

//check that username is less or equal to than 14 characters
if (trim(strlen($_POST['username'])) > 14) {
	$errors[]= "Your username must be 14 characters or less.";
}

//check that username is only letters or numbers
if (! preg_match('/^[a-zA-Z0-9]+$/i', $_POST['username'])){
//if (! preg_match('/^[a-zA-Z0-9]$/i', $_POST['username'])) {
	$errors[]= "Your username must be <i><b>ONLY</b></i> letters or numbers.";
}

//check that the username does not already exist
$q = $db->query("SELECT username FROM users WHERE username = '$_POST[username]'");
if ($q->numrows() > 0 ){
	$errors[] = "Your username is already in use, please choose another";
}


//check that password is entered
if (trim(strlen($_POST['password'])) == 0) {
	$errors[]= "You must enter a password.";
}

//check that password is less or equal to than 32 characters
if (trim(strlen($_POST['password'])) > 32) {
	$errors[]= "Your password must be 32 characters or less.";
}

//check that password is only letters or numbers
if (! preg_match('/^[a-zA-Z0-9]+$/i', $_POST['password'])){
	$errors[]= "Your password must be <i><b>ONLY</b></i> letters or numbers.";
}

return $errors;

}

function process_form() {
global $db;
$password = crypt($_POST['password']);
$username = $_POST['username'];

//add user to database
$sql = ('INSERT INTO users (username, password) VALUES ($username, $password)');

$q = $db->query($sql);
//if (DB::iserror($q)){
//	die($q->getMessage());
//}

print "Congradulations, $username has been registered as a user!<br />\n";
print '<a href="../index.php">Login here</a>';

}

?>

 

thanks in advance for you help

[Lodius2000]

never mind, im an idiot, solved my own problem, forgot to single quote the values of the sql submission in process_form()