ess14 Posted September 27, 2006 Share Posted September 27, 2006 im trying to do a basic signup form in php and mysql.i dont know what the hells goin on here. i cant get it to insert anything into the database.any help would really save me some hair. i know the variables are being passed, there must be something up with my statemens. arghh[code]<?php$usr_name = $_POST['formName'];$usr_pass = $_POST['formPass'];//lets check if username exists already$sql_username_check = mysql_query("SELECT usr_name FROM users WHERE usr_name=".$usr_name."");//does it return any resutls?$username_check = @mysql_num_rows($sql_username_check);if($username_check > 0){header("Location: http://www.motorgym.com/modgarage/signup.php?err=1"); exit(); // exit the script so that we do not create this account! }//username check passed begin account creationif(isset($submit)){// Enter info into the Database.$sql = mysql_query("INSERT INTO users (usr_name, usr_pass) VALUES('$usr_name', '$usr_pass')") or die (mysql_error()); }if(!$sql){ echo 'There has been an error creating your account. Please contact the webmaster.<br> <a href="signup.php">go back</a>'; print mysql_error();} else {echo'Account creation success.<br> <a href="login.php">Login</a>';}?>[/code] Quote Link to comment Share on other sites More sharing options...
tomfmason Posted September 27, 2006 Share Posted September 27, 2006 Change[code=php:0]$sql_username_check = mysql_query("SELECT usr_name FROM users WHERE usr_name=".$usr_name."");[/code]To[code=php:0]$sql_username_check = mysql_query("SELECT usr_name FROM users WHERE usr_name='$usr_name'") or die(mysql_error());[/code]Also, you should sanitize the data imputed with something like this.[code=php:0]$usr_name = mysql_real_escape_string(trim(strip_tags($_POST['formname']))));//the same for the other field.//you should aslo add something like thisif ((!$usr_name) || (!$whatever)) { if (!$usr_name) { echo "You did not enter your username"; } if (!$whatever) { echo "Something else"; } include("yourform.html"); exit();}[/code]Hope this helps.Tom Quote Link to comment Share on other sites More sharing options...
ess14 Posted September 27, 2006 Author Share Posted September 27, 2006 hey thanks for the help on the coding. i will add some of those checks to it.but you know what the problem actually was?! my submit button was named/valued 'Submit' and i was checking for isset($submit)!what a waste of time. well, not entirely.. now i can use some of ur code. cheers! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.