[SOLVED] PHP - MySQL adding to table doesn't work.

[AshleyByrom]

Well basically I am trying to create a register page. The page has been created and the form's action is executeRegister2.php

 

in execute register2.php i have the following code:

<?PHP

session_start();

require("dbconfig.php");

$_SESSION["company"] = $_POST["cname"];
$_SESSION["fname"] = $_POST["fname"];
$_SESSION["sname"] = $_POST["sname"];
$_SESSION["uname"] = $_POST["fname"] . $_POST["sname"];
$_SESSION["password"] = $_POST["dpass"];
$_SESSION["admin"] = $_POST["admin"];
$_SESSION["dob"] = $_POST["yyyy"] . $_POST["mm"] . $_POST["dd"];
$_SESSION["class"] = $_POST["class"];
$_SESSION["email"] = $_POST["email"];

$company = $_POST["cname"];
$fname = $_POST["fname"];
$sname = $_POST["sname"];
$uname = $_POST["fname"] . $_POST["sname"];
$password = $_POST["dpass"];
$admin = $_POST["admin"];
$class = $_POST["class"];
$email = $_POST["email"];

if( strcmp($_POST["dpass"], $_POST["conpass"]) != 0 ) {
	header("location:itfailed.php");
}

$connect = mysql_connect(DB_HOST, DB_USER, DB_PASS);
if(!$connect) {
die("Unable to connect to database.");	
}

$theDB = mysql_select_db(DB_NAME);
if (!$theDB) {
die("Unable to select database.");	
}

//Function to sanitize values received from the form. Prevents SQL injection
function clean($str) {
	$str = @trim($str);
	if(get_magic_quotes_gpc()) {
		$str = stripslashes($str);
	}
	return mysql_real_escape_string($str);
}

//Sanitize the POST values
$company = clean($_POST['company']);
$fname = clean($_POST['fname']);
$sname = clean($_POST['sname']);
$uname = clean($_POST['uname']);
$password = clean($_POST['dpass']);
$admin = clean($_POST['admin']);
$dob = clean($_POST["yyyy"] . "-" . $_POST["mm"] . "-" . $_POST["dd"]);
$class = clean($_POST['class']);
$email = clean($_POST['email']);

$encryptedpassword = md5($password);

$sql = "INSERT INTO users (company, admin, username, password, firstname, lastname, email, dob, class) VALUES('$company', '$admin', '$uname', '$encryptedpassword', '$fname', '$sname', '$email', '$dob', '$class'";
$result = @mysql_query($sql);


if($result) {
	header("registerd.php");
	exit();
}else {
	die("Query failed" . mysql_error());
}



?>

 

When i try it, i fill out the form, click register and i get this error:

 

Query failedYou have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

 

I know it is from where $result has not worked but I cannot work myself around it.

 

This is seriously stressing me out. Any help would be HIGHLY appreciated. I bet it is one little mistake I have made...

 

thanks!!!!

 

[AshleyByrom]

problem solved. I just realized I had no ')' at the end of $sql.

 

I am now getting a 500 internal server error, can anbody answer why that may be?

[HPWebSolutions]

It's difficult to diagnose a 500 server error without having access to it and the code. Basically, all it means is that the server has met an error it doesn't know how to handle.  What are you doing right before you get the error?

[AshleyByrom]

Thanks for the reply.

 

I found the error, there was a few SQL errors etc. that I was stupid enough not to put in.

 

Everything works fine now though. Thanks!

[HPWebSolutions]

No problem, let me know if you have any more trouble.