AshleyByrom Posted July 20, 2009 Share Posted July 20, 2009 Well basically I am trying to create a register page. The page has been created and the form's action is executeRegister2.php in execute register2.php i have the following code: <?PHP session_start(); require("dbconfig.php"); $_SESSION["company"] = $_POST["cname"]; $_SESSION["fname"] = $_POST["fname"]; $_SESSION["sname"] = $_POST["sname"]; $_SESSION["uname"] = $_POST["fname"] . $_POST["sname"]; $_SESSION["password"] = $_POST["dpass"]; $_SESSION["admin"] = $_POST["admin"]; $_SESSION["dob"] = $_POST["yyyy"] . $_POST["mm"] . $_POST["dd"]; $_SESSION["class"] = $_POST["class"]; $_SESSION["email"] = $_POST["email"]; $company = $_POST["cname"]; $fname = $_POST["fname"]; $sname = $_POST["sname"]; $uname = $_POST["fname"] . $_POST["sname"]; $password = $_POST["dpass"]; $admin = $_POST["admin"]; $class = $_POST["class"]; $email = $_POST["email"]; if( strcmp($_POST["dpass"], $_POST["conpass"]) != 0 ) { header("location:itfailed.php"); } $connect = mysql_connect(DB_HOST, DB_USER, DB_PASS); if(!$connect) { die("Unable to connect to database."); } $theDB = mysql_select_db(DB_NAME); if (!$theDB) { die("Unable to select database."); } //Function to sanitize values received from the form. Prevents SQL injection function clean($str) { $str = @trim($str); if(get_magic_quotes_gpc()) { $str = stripslashes($str); } return mysql_real_escape_string($str); } //Sanitize the POST values $company = clean($_POST['company']); $fname = clean($_POST['fname']); $sname = clean($_POST['sname']); $uname = clean($_POST['uname']); $password = clean($_POST['dpass']); $admin = clean($_POST['admin']); $dob = clean($_POST["yyyy"] . "-" . $_POST["mm"] . "-" . $_POST["dd"]); $class = clean($_POST['class']); $email = clean($_POST['email']); $encryptedpassword = md5($password); $sql = "INSERT INTO users (company, admin, username, password, firstname, lastname, email, dob, class) VALUES('$company', '$admin', '$uname', '$encryptedpassword', '$fname', '$sname', '$email', '$dob', '$class'"; $result = @mysql_query($sql); if($result) { header("registerd.php"); exit(); }else { die("Query failed" . mysql_error()); } ?> When i try it, i fill out the form, click register and i get this error: Query failedYou have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 I know it is from where $result has not worked but I cannot work myself around it. This is seriously stressing me out. Any help would be HIGHLY appreciated. I bet it is one little mistake I have made... thanks!!!! Quote Link to comment Share on other sites More sharing options...
AshleyByrom Posted July 20, 2009 Author Share Posted July 20, 2009 problem solved. I just realized I had no ')' at the end of $sql. I am now getting a 500 internal server error, can anbody answer why that may be? Quote Link to comment Share on other sites More sharing options...
HPWebSolutions Posted July 21, 2009 Share Posted July 21, 2009 It's difficult to diagnose a 500 server error without having access to it and the code. Basically, all it means is that the server has met an error it doesn't know how to handle. What are you doing right before you get the error? Quote Link to comment Share on other sites More sharing options...
AshleyByrom Posted July 21, 2009 Author Share Posted July 21, 2009 Thanks for the reply. I found the error, there was a few SQL errors etc. that I was stupid enough not to put in. Everything works fine now though. Thanks! Quote Link to comment Share on other sites More sharing options...
HPWebSolutions Posted July 23, 2009 Share Posted July 23, 2009 No problem, let me know if you have any more trouble. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.