Help with mysql form

[ReeceSayer]

Im creating a login/register form in php for my uni work but i can't seem to get my registration to write to my table.

Below is the form code:

<?php 
require_once "header.php"; 
?>
<html>
	<form action="authenticate.php" method="POST">
		<label>First Name: </label><br>
		<input type="text" name="FirstName" id="FirstName"><br>
		<label>Second Name: </label><br />
		<input type="text" name="SecondName" id="SecondName"><br>
		<label>House Number: </label><br>
		<input type="number" name="HouseNumber" id="HouseNumber"><br>
		<label>Address: </label><br>
		<input type="text" name="Address" id="Address"><br>
		<label>Address Line 2: </label><br>
		<input type="text" name="AddressLine2" id="AddressLine2"><br>
		<label>Town: </label><br />
		<input type="text" name="Town" id="Town"><br>
		<label>City: </label><br>
		<input type="text" name="City" id="City"><br>
		<label>Post Code: </label><br />
		<input type="text" name="PostCode" id="PostCode"><br>
		<label>Username: </label><br>
		<input type="text" name="username" id="username"><br>
		<label>Password: </label><br />
		<input type="password" name="password" id="password"><br>
        <label>Confirm: </label><br>
        <input type="password" name="password2" id="password2"><br>
        <label>Email address:</label><br>
        <input type="text" name="email" id="email"><br>
		<input type="submit" name="submit" id="submit" value="Submit"> <a href="login.php"> Login </a>
	</form>
</html>
<?php 
require_once "footer.php"; 
?>

 

and this is the php:

<?php 
require_once "header.php"; 
// Include the database connection file.
include("connection.php");
// Check if a person has clicked on submit.
if(isset($_POST['submit'])) { 

if(empty($_POST['username']) || empty($_POST['password']) || empty($_POST['password2']) || empty($_POST['email'])) {
	echo "You have to fill in everything in the form."; // Display the error message.
	header("Location: register.php"); // Redirect to the form.
	exit; // Stop the code to prevent the code running after redirecting.
} 

// Create variables from each $_POST.
$username = $_POST['username'];
$password = $_POST['password'];
$password2 = $_POST['password2'];
$email = $_POST['email'];
$FirstName = $_POST['FirstName'];
$SecondName = $_POST['SecondName'];
$HouseNumber = $_POST['HouseNumber'];
$Address = $_POST['Address'];
$AddressLine2 = $_POST['AddressLine2'];
$Town = $_POST['Town'];
$City = $_POST['City'];
$PostCode = $_POST['PostCode'];

// Now, compare passwords and check if they're the same.

if($password != $password2) {
	// If the passwords are NOT the same. Again display an error message and redirect.
	echo "Sorry, wrong password.";
	header("Location: register.php");
	exit;
}
// Secure the password using an md5 hash.
$password = md5($password);

// Create a variable containing the SQL query.
$query = "INSERT INTO `users` (username, password, email) VALUES ('$username', '$password', '$email')";
$query2 = "INSERT INTO `customerinfo` (FirstName, SecondName, HouseNumber, Address, AddressLine2, Town, City, PostCode) VALUES ('$FirstName', '$SecondName', '$HouseNumber', '$Address', '$AddressLine2', '$Town', '$City', '$PostCode')";
// Perform the SQL query on the database.
$result = mysql_query($query);
$result2 = mysql_query($query2);
// If the query failed, display an error.
if(!$result && !$result2) { 
	echo "Registration failed because of " . mysql_error() . "<br>"; // The dot seperates PHP code and plain text.
	echo "<a href=\"register.php\"> Try Again By Returning To The Registration Screen</a>";
} else {
	// Display a success message!
	echo "Welcome " . $username . " You are now registered";
	echo "<a href=\"login.php\"> Continue To Login!</a>";
}
}
require_once "footer.php"; 
?>
      </div>
      <!-- Footer Section -->
       <div id="footer">
         <p>Created by <a href="metitsolutions.html">Met It Solutions</a></p>
      </div>

   </div> 
   <!-- end container -->
</body>
</html>

 

I didn't write this code but i have tried to edit it to suit my needs...  Thanks

[Maq]

Which table doesn't it INSERT to?  There are two, 'users' and 'customerinfo'.

 

Also, change this line to:

 

   if(!$result || !$result2) { 

 

|| - meaning OR, will check if either query failed, rather than both.  Reason being is that your if wouldn't execute if 1 of the queries was successful and one failed.

 

Also, what exactly happens?  You should try to echo things out to see where your script actually goes.

[ReeceSayer]

its the customerinfo table that it doesn't insert to, the insert into users works perfectly.

Ive just changed the && to an || and i get no difference, maybe that part of the script doesn't work?

When I click submit on the form i get the message "Welcome RSayer You Are Now Registered" plus the next echo just like it should... so i guess the session is still remembering me.

 

The table 'customerinfo' contains the following:

 

userID : INT(11) : Auto-Increment

FirstName : VARCHAR(255)

SecondName : VARCHAR(255)

HouseNumber : INT(2)

Address : VARCHAR(255)

AddressLine2 : VARCHAR(255)

Town : VARCHAR(255)

City : VARCHAR(255)

PostCode : VARCHAR(255)

 

Not sure wether that will help.

I think this is ok but not 100% as its the first time I've used either php or mysql

 

Thanks again

[Maq]

Echo $query2 right underneath the string, to see what is actually being passed.

 

Also change this line to:

 

   $result2 = mysql_query($query2) or die(mysql_error());

 

This will tell you if the query is failing.

[ReeceSayer]

i added the line:

$result2 = mysql_query($query2) or die(mysql_error());

 

i also wrote in the echo... not sure if this is right or where you suggested:

 

	echo "Welcome " . $username . " You are now registered";
	echo "<a href=\"login.php\"> Continue To Login!</a>";
	echo $query2;

 

The outcome is still the same... i get a success message but no actual result in my database.

 

Thanks for the quick replies btw... its like 3.30am over here lol

[Maq]

      echo $query2;

 

What does that print out?

[ReeceSayer]

Nothing... theres only the same success message... does that mean that the query failed?

I just tried to test it by typing the following into the mysql run bar for the database:

 

INSERT INTO `customerinfo` (FirstName, SecondName, HouseNumber, Address, AddressLine2, Town, City, PostCode) VALUES ('Reece', 'Sayer', '18', 'Rushymoor', 'Askern', 'Doncaster', 'Yorkshire', 'DN60NG');

 

This worked out fine...

[ReeceSayer]

anyone with any idead would be very much appreciated! thankyou

[Ken2k7]

1. Does this echo do much?

   if(empty($_POST['username']) || empty($_POST['password']) || empty($_POST['password2']) || empty($_POST['email'])) {
      echo "You have to fill in everything in the form."; // Display the error message.
      header("Location: register.php"); // Redirect to the form.
      exit; // Stop the code to prevent the code running after redirecting.
   } 

It seems to me that if you have the header there, the user will barely see the echo. Same with all the other echo followed by a redirect header. I could be wrong. :-\

 

2. Maybe an entry is messing up the quotes. Can you use mysql_real_escape_string on each $_POST data? It also prevents SQL injection. It goes like -

$username = mysql_real_escape_string($_POST['username']);

[ReeceSayer]

Thanks For Your Help Everyone!! I've managed to sort it out... it was a case of me being an idiot and keeping to many backups and things open in notepad++ i had 2 files called authenticate.php in seperate locations but it was the wrong one running in my apache server... so i just dragged and dropped the other 1 to replace the old one and it worked fine... sorry to have wasted your time & thanks again!!