rmmo Posted July 3, 2008 Share Posted July 3, 2008 hey everyone... simple question.. what did i do wrong here? can someone point out why these errors come up in the code below? errors : Notice: Undefined variable: customerid in C:\Program Files\Apache Software Foundation\Apache2.2\htdocs\artsonlinestorermmonewcustomer.php on line 18 Notice: Undefined variable: custname in C:\Program Files\Apache Software Foundation\Apache2.2\htdocs\artsonlinestorermmonewcustomer.php on line 18 Notice: Undefined variable: customeremail in C:\Program Files\Apache Software Foundation\Apache2.2\htdocs\artsonlinestorermmonewcustomer.php on line 18 Notice: Undefined variable: vnewpass in C:\Program Files\Apache Software Foundation\Apache2.2\htdocs\artsonlinestorermmonewcustomer.php on line 18 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''customer' values ( , , , )' at line 1 <?php // connect to and select db $conn = mysql_connect($host, $dbuser, $dbpass) or trigger_error("SQL", E_USER_ERROR); $db = mysql_select_db($dbname, $conn) or trigger_error("SQL", E_USER_ERROR); $insertnewcustsql ="insert into 'customer' values ($customerid , $custname , $customeremail , $vnewpass)"; if ($_POST['customer_id'] && $_POST['customer_name'] && $_POST['customer_email'] && $_POST['npassword'] && $_POST['vnewpass']) { // sanitize $customerid = mysql_real_escape_string($_POST['customer_id']); $custname = mysql_real_escape_string($_POST['customer_name']); $customeremail = mysql_real_escape_string($_POST['customer_email']); $npassword = mysql_real_escape_string($_POST['npassword']); $vnewpass = mysql_real_escape_string($_POST['vnewpass']); } else { echo "sorry couldnt get posted items"; } if($npassword == $vnewpass) { mysql_query($insertnewcustsql , $conn) or die(mysql_error()); } else { echo "you didnt enter the password the same both times"; } echo "these are your new account details" echo $customerid; echo $custname; echo $customeremail; echo $npassword; echo $vnewpass; ?> thanks in advanced RMMO Quote Link to comment Share on other sites More sharing options...
GingerRobot Posted July 3, 2008 Share Posted July 3, 2008 You appear to be doing your inserting before you check to see if the variables are set. You should also use the isset() function to see if the variables are set: if (isset($_POST['customer_id']) && isset($_POST['customer_name']) && isset($_POST['customer_email']) && isset($_POST['npassword']) && isset($_POST['vnewpass'])) { // sanitize $customerid = mysql_real_escape_string($_POST['customer_id']); $custname = mysql_real_escape_string($_POST['customer_name']); $customeremail = mysql_real_escape_string($_POST['customer_email']); $npassword = mysql_real_escape_string($_POST['npassword']); $vnewpass = mysql_real_escape_string($_POST['vnewpass']); $insertnewcustsql ="insert into 'customer' values ($customerid , $custname , $customeremail , $vnewpass)"; mysql_query($insertnewcustsql) or trigger_error(mysql_error()); //you didn't execute your query either. I assume you meant to Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.