Jump to content

Insert a row in SQL using textbox error


WatsonN

Recommended Posts

Hi,

I am working on a script that will add 3 sets of information to a MySQL table. I had a script that had the fields of username password and password2. It worked just fine when password2 was used for verification to make sure you typed it right.

But now I want to take password and turn it into a new data field that is submitted into the new row with the other information.

The problem is it wont add the row. The script says it worked just fine but i check the db and no new row.

here it is:

<?php // Connects to your Database 
mysql_connect("//", "//", "//") or die(mysql_error()); 
mysql_select_db("//") or die(mysql_error()); 
//This code runs if the form has been submitted
if (isset($_POST['submit'])) { 

//This makes sure they did not leave any fields blank
if (!$_POST['username'] | !$_POST['pass'] | !$_POST['pass2'] ) {
		die('You did not complete all of the required fields');
	}

// checks if the username is in use
	if (!get_magic_quotes_gpc()) {
		$_POST['username'] = addslashes($_POST['username']);
	}
$usercheck = $_POST['username'];
$check = mysql_query("SELECT username FROM users WHERE username = '$usercheck'") 
or die(mysql_error());
$check2 = mysql_num_rows($check);

//if the name exists it gives an error
if ($check2 != 0) {
		die('Sorry, the username '.$_POST['username'].' is already in use.');
				}
// this makes sure both passwords entered match
	if ($_POST['pass'] != $_POST['pass']) {
		die('Your passwords did not match. ');
	}

	// here we encrypt the password and add slashes if needed
	$_POST['pass'] = md5($_POST['pass']);
	if (!get_magic_quotes_gpc()) {
		$_POST['pass'] = addslashes($_POST['pass']);
		$_POST['username'] = addslashes($_POST['username']);
		$_POST['pass2'] = addslashes($_POST['pass2']);
			}

// now we insert it into the database
	$insert = "INSERT INTO users (username, password, Human-Readable)
			VALUES ('".$_POST['username']."', '".$_POST['pass']."', '".$_POST['pass2']."')";
	$add_member = mysql_query($insert);
	?>

<h1>Registered</h1>
<p>Thank you, you have registered - you may now login</a>.</p>
<?php } 
else {	 ?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<table border="0">
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="60">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="10">
</td></tr>
<tr><td>HR:</td><td>
<input type="password" name="pass2" maxlength="10">
</td></tr>
<tr><th colspan=2><input type="submit" name="submit" 
value="Register"></th></tr> </table>
</form>
<?php
} ?> 

And incase you want to see it here is the original:

<?php // Connects to your Database 
mysql_connect("//", "//", "//") or die(mysql_error()); 
mysql_select_db("//") or die(mysql_error()); 
//This code runs if the form has been submitted
if (isset($_POST['submit'])) { 

//This makes sure they did not leave any fields blank
if (!$_POST['username'] | !$_POST['pass'] | !$_POST['pass2'] ) {
		die('You did not complete all of the required fields');
	}

// checks if the username is in use
	if (!get_magic_quotes_gpc()) {
		$_POST['username'] = addslashes($_POST['username']);
	}
$usercheck = $_POST['username'];
$check = mysql_query("SELECT username FROM users WHERE username = '$usercheck'") 
or die(mysql_error());
$check2 = mysql_num_rows($check);

//if the name exists it gives an error
if ($check2 != 0) {
		die('Sorry, the username '.$_POST['username'].' is already in use.');
				}
// this makes sure both passwords entered match
	if ($_POST['pass'] != $_POST['pass2']) {
		die('Your passwords did not match. ');
	}

	// here we encrypt the password and add slashes if needed
	$_POST['pass'] = md5($_POST['pass']);
	if (!get_magic_quotes_gpc()) {
		$_POST['pass'] = addslashes($_POST['pass']);
		$_POST['username'] = addslashes($_POST['username']);
			}

// now we insert it into the database
	$insert = "INSERT INTO users (username, password)
			VALUES ('".$_POST['username']."', '".$_POST['pass']."')";
	$add_member = mysql_query($insert);
	?>

<h1>Registered</h1>
<p>Thank you, you have registered - you may now login</a>.</p>
<?php } 
else {	 ?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<table border="0">
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="60">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="10">
</td></tr>
<tr><td>Confirm Password:</td><td>
<input type="password" name="pass2" maxlength="10">
</td></tr>
<tr><th colspan=2><input type="submit" name="submit" 
value="Register"></th></tr> </table>
</form>
<?php
} ?> 

 

Many Thanks in advanced :)

Link to comment
Share on other sites

<?php 
error_reporting(E_ALL);
// Connects to your Database 
mysql_connect("//", "//", "//") or die(mysql_error()); 
mysql_select_db("//") or die(mysql_error()); 
//This code runs if the form has been submitted
if (isset($_POST['submit'])) { 

//This makes sure they did not leave any fields blank
if (!$_POST['username'] | !$_POST['pass'] | !$_POST['pass2'] ) {
		die('You did not complete all of the required fields');
	}

// checks if the username is in use
	if (!get_magic_quotes_gpc()) {
		$_POST['username'] = addslashes($_POST['username']);
	}
$usercheck = $_POST['username'];
$check = mysql_query("SELECT username FROM users WHERE username = '$usercheck'") 
or die(mysql_error());
$check2 = mysql_num_rows($check);

//if the name exists it gives an error
if ($check2 != 0) {
		die('Sorry, the username '.$_POST['username'].' is already in use.');
				}
// this makes sure both passwords entered match
	if ($_POST['pass'] != $_POST['pass']) {
		die('Your passwords did not match. ');
	}

	// here we encrypt the password and add slashes if needed
	$_POST['pass'] = md5($_POST['pass']);
	if (!get_magic_quotes_gpc()) {
		$_POST['pass'] = addslashes($_POST['pass']);
		$_POST['username'] = addslashes($_POST['username']);
		$_POST['pass2'] = addslashes($_POST['pass2']);
			}

// now we insert it into the database
	$insert = "INSERT INTO users (username, password, Human-Readable)
			VALUES ('".$_POST['username']."', '".$_POST['pass']."', '".$_POST['pass2']."')";
	if (!@mysql_query($insert))
        {
             echo mysql_error(); exit;
        }
	?>

<h1>Registered</h1>
<p>Thank you, you have registered - you may now login</a>.</p>
<?php } 
else {	 ?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<table border="0">
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="60">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="10">
</td></tr>
<tr><td>HR:</td><td>
<input type="password" name="pass2" maxlength="10">
</td></tr>
<tr><th colspan=2><input type="submit" name="submit" 
value="Register"></th></tr> </table>
</form>
<?php
} ?> 

Run that and see what error you are getting in your query, then fix it accordingly.

Link to comment
Share on other sites

I changed that and changed the SQL command to one from phpMyAdmin to

 // now we insert it into the database
	$insert = "INSERT INTO  `users` (
`ID` ,
`username` ,
`password` ,
`Human-Readable`
)
VALUES (
NULL ,  '$_POST['username']',  '$_POST['pass']',  '$_POST['pass2']'
);"

But still no luck.

Link to comment
Share on other sites

I changed the SQL output again and it still wont add the row to the database

 	$username = mysql_real_escape_string($_POST['username']);
$pass = mysql_real_escape_string($_POST['pass']);
$pass2 = mysql_real_escape_string($_POST['pass2']);
$insert = "INSERT INTO `table1` VALUES (NULL,'$username','$pass','$pass2');";
	if (!@mysql_query($insert))
        {
             echo mysql_error(); exit;
        }

 

 

Heres the whole thing:

<?php 
error_reporting(E_ALL);
// Connects to your Database 
mysql_connect("*", "*", "*") or die(mysql_error()); 
mysql_select_db("*") or die(mysql_error());  
//This code runs if the form has been submitted
if (isset($_POST['submit'])) { 

//This makes sure they did not leave any fields blank
if (!$_POST['username'] || !$_POST['pass'] || !$_POST['pass2'] ) {
		die('You did not complete all of the required fields');
	}

// checks if the username is in use
	if (!get_magic_quotes_gpc()) {
		$_POST['username'] = addslashes($_POST['username']);
	}
$usercheck = $_POST['username'];
$check = mysql_query("SELECT username FROM users WHERE username = '$usercheck'") 
or die(mysql_error());
$check2 = mysql_num_rows($check);

//if the name exists it gives an error
if ($check2 != 0) {
		die('Sorry, the username '.$_POST['username'].' is already in use.');
				}
// this makes sure both passwords entered match
	if ($_POST['pass'] != $_POST['pass2']) {
		die('Your passwords did not match. ');
	}

	// here we encrypt the password and add slashes if needed
	$_POST['pass'] = md5($_POST['pass']);
	if (!get_magic_quotes_gpc()) {
		$_POST['pass'] = addslashes($_POST['pass']);
		$_POST['username'] = addslashes($_POST['username']);
		$_POST['pass2'] = addslashes($_POST['pass2']);
			}

// now we insert it into the database
	$username = mysql_real_escape_string($_POST['username']);
$pass = mysql_real_escape_string($_POST['pass']);
$pass2 = mysql_real_escape_string($_POST['pass2']);
$insert = "INSERT INTO `table1` VALUES (NULL,'$username','$pass','$pass2');";
	if (!@mysql_query($insert))
        {
             echo mysql_error(); exit;
        }
	?>

<h1>Registered</h1>
<p>Thank you, you have registered - you may now login</a>.</p>
<?php } 
else {	 ?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<table border="0">
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="60">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="10">
</td></tr>
<tr><td>HR:</td><td>
<input type="password" name="pass2" maxlength="10">
</td></tr>
<tr><th colspan=2><input type="submit" name="submit" 
value="Register"></th></tr> </table>
</form>
<?php
} ?> 

 

I'm kinda like  :wtf: on this, but I'm still looking.

 

 

Link to comment
Share on other sites

I finaly gave up and wrote my own and added remove to it to

The fields in the table are "ID" "username" "password" "Human-Readable"

To remove a user it requires the initials of the person just to make sure they don't accidently do it.

 

Form:

<tr>
                            <th>Add User</th>
                            <th>Username</th>
                            <th>Password</th>
                            <th>H.R. Pass</th>
                            <th>
                        </tr>
                        <tr><form method="post" action="post.php">
                            <td class="style1">- Add User </td>
                            <td><input type="text" name="username" maxlength="60"></td>
                            <td><input type="password" name="pass" maxlength="10"></td>
                            <td><input type="password" name="pass2" maxlength="10"></td>
                            <td><input type="submit" name="submit" value="Add User" /></td>
                        </form></tr>
                        <tr>
                    </table>
                </div>
                
                <div class="table">
                    <table class="listing" cellpadding="0" cellspacing="0">
                        <tr>
                            <th>Remove User</th>
                            <th>ID</th>
                            <th>Initials</th>
                            <th>
                        </tr>
                        <tr><form method="post" action="post.php">
                            <td class="style1">- Remove User </td>
                            <td><input type="text" name="ID" maxlength="60"></td>
                            <td><input type="text" name="initals" maxlenght="5"></td>
                            <td><input type="submit" name="remove" value="Remove User" /></td>
                        </tr>
                    </table></form>

 

Post.php

<?php header("Location: ./?p=UCP"); ?>
<?php 
// Connects to your Database 
mysql_connect("SERVER", "USERNAME", "PASSOWRD") or die(mysql_error()); 
mysql_select_db("TABLE") or die(mysql_error());  


if (isset($_POST['submit'])) {

if ($_POST['pass'] != $_POST['pass2']) {
		die('Your passwords did not match. ');
	}
$_POST['pass'] = md5($_POST['pass']);
	if (!get_magic_quotes_gpc()) {
		$_POST['pass'] = addslashes($_POST['pass']);
		$_POST['username'] = addslashes($_POST['username']);
		$_POST['pass2'] = addslashes($_POST['pass2']);
			}



$name=$_POST['username']; 
$pass=$_POST['pass']; 
$pass2=$_POST['pass2'];
//echo $name;
//echo "<br>";
//echo $pass;
//echo "<br>";
//echo $pass2;
//echo "<br>";
mysql_query("INSERT INTO `loginwatsonn`.`users` (`ID`, `username`, `password`, `Human-Readable`) VALUES (NULL, '$name', '$pass', '$pass2')");
}


if (isset($_POST['remove'])) {

//echo $_POST['ID'];
//echo $_POST['initals'];
$id=$_POST['ID'];
if($_POST['initals'] == "INSERT_INITALS_HERE") {
	mysql_query("DELETE FROM `users` WHERE `users`.`ID` = $id LIMIT 1");
}
echo "User Removed.";
}
?>

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.