foreverandeveralone Posted March 24, 2012 Share Posted March 24, 2012 Hi there! Thanks for your time, and thank you for taking a look at my post, I really hope you can help me out I just started on php, and I'm currently trying to develop a login/registration system. The login part works fine, but I'm getting this mysql error when i execute my registration code: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''users' ('username', 'password', 'email', 'name') VALUES ('test','098f' at line 1 I have been trying to troubleshoot this for hours now, and decided to turn to professionals Below is my code and explanations for the registration. (register.php) The visual part. There shouldn't be any bugs here. <?php session_start();?> <html> <head> <title>SHAT Registration</title> <link rel="stylesheet" type"text/css" href="style.css"> </head> <body> <div class="loginform"> <center> <img src="logo.png"> <h3> -the only place thats cool enough</h3> <br> </center> <?php if (!isset($_SESSION['uid'])) { echo "<p>Please Register or <a href='index.php'>Log in</a></p>"; } else { header( 'Location: shat.php' ) ; } ?> <table border="0" cellspacing="3" cellpadding="3"> <form method="post" action="registration.php"> <tr><td>Username</td><td><input type="text" name="username"></td></tr> <tr><td>Password</td><td><input type="password" name="password"></td></tr> <tr><td>Confirm</td><td><input type="password" name="passconf"></td></tr> <tr><td>E-mail</td><td><input type="text" name="email"></td></tr> <tr><td>Name</td><td><input type="text" name="name"></td></tr> <tr><td colspan="2" align="center"><input type="submit" name="submit" value="Register!"></td></tr> </form></table> </div> </body> </html> (functions.php) The security and connection code. <?php function protect ($string) { $string = mysql_real_escape_string($string); $string = strip_tags ($string); $string = addslashes($string); return $string; } function connect () { $con = mysql_connect("localhost", "root", "lol123") or die (mysql_error()); $db = mysql_select_db("login", $con); } ?> (registration.php) The main part, errorcheck insert etc. <?php include_once "functions.php"; connect(); $username = protect ($_POST['username']); $password = protect ($_POST['password']); $confirm = protect ($_POST['passconf']); $email = protect ($_POST['email']); $name = protect ($_POST['name']); $errors = array(); if (!$username) { $errors[] = "Username is not defined!?"; } if (!$password) { $errors[] = "Password is not defined!?"; } if ($password) { if (!$confirm) { $errors[] = "Confirmation password is not defined!?"; } } if (!$email) { $errors[] = "E-mail is not defined!?"; } if (!$name) { $errors[] = "Name is not defined!?"; } if($username) { if(!ctype_alnum ($username)) { $errors[] = "Username can only contain numbers and letters!"; } $range = range(1,32); if(!in_array(strlen($username),$range)){ $errors[] = "Username too long!"; } } if($email){ $checkemail = "/^[a-z0-9]+([_\\.-][a-z0-9]+)*@([a-z0-9]+([\.-][a-z0-9]+)*)+\\.[a-z]{2,}$/i"; if(!preg_match($checkemail, $email)){ $errors[] = "E-mail is not valid, must be name@server.tld!"; } } if($name){ $range2 = range(3,64); if(!in_array(strlen($name),$range2)){ $errors[] = "Your name might be to short... or too long! How long is your name really niggurh?!"; } } if ($username) { $sql = "SELECT * FROM users WHERE username ='($username)'"; $res = mysql_query($sql) or die (mysql_error()); if(mysql_num_rows($res) > 0) { $errors[] = "The username is already taken!"; } } if($email){ $sql2 = "SELECT * FROM users WHERE email='($email)'"; $res2 = mysql_query ($sql2) or die (mysql_error()); if(mysql_num_rows($res2) > 0) { $errors[] = "E-mail is already registered!"; } } if (count($errors) > 0){ foreach($errors AS $error){ echo $error . "<br>\n"; } }else { $sql4 = "INSERT INTO 'users' ('username', 'password', 'email', 'name') VALUES ('".$username."','".md5($password)."','".$email."','".$name."')"; $res4 = mysql_query ($sql4) or die (mysql_error()); echo "<b>".$username."</b>, you have successfully registered! Welcome to SHAT! Please <a href='index.php'>log in</a>"; } ?> Mysql info Database: Login Table: users Columns: id, username, password, email, name Now this genius can tell that my problem is related to my, mysql. I just don't know how to fix it, I feel like Ive tried everything. If anyone could help me with this, or give some advice, or maybe just link to a related post, I would appreciated it very much! Quote Link to comment Share on other sites More sharing options...
dragon_sa Posted March 24, 2012 Share Posted March 24, 2012 the problem is here you have 'users' when it should just be users $sql4 = "INSERT INTO 'users' ('username', 'password', 'email', 'name') VALUES ('".$username."','".md5($password)."','".$email."','".$name."')"; And when you post sql queries be sure to remove database usernames and passwords from the code you put up Quote Link to comment Share on other sites More sharing options...
foreverandeveralone Posted March 24, 2012 Author Share Posted March 24, 2012 Thank you for the reply ! although it gave me a new error You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''username', 'password', 'email', 'name') VALUES ('test','098f6bcd4621d373ca' at line 2 But now i know what section my problem is in. I still can't seem to figure out how to fix it... maybe I should get of the computer for a couple of hours and return... Quote Link to comment Share on other sites More sharing options...
dragon_sa Posted March 24, 2012 Share Posted March 24, 2012 try replacing that line with this $passInsert = md5($password); $sql4 = "INSERT INTO users (username, password, email, name) VALUES ('$username','$passInsert','$email','$name')"; Quote Link to comment Share on other sites More sharing options...
foreverandeveralone Posted March 24, 2012 Author Share Posted March 24, 2012 Thank you good sir! You made my day. Quote Link to comment Share on other sites More sharing options...
AyKay47 Posted March 24, 2012 Share Posted March 24, 2012 I like your usage of different font sizes, colors and images to convey your issue/emotions to us. Just kidding. Quote Link to comment Share on other sites More sharing options...
foreverandeveralone Posted March 25, 2012 Author Share Posted March 25, 2012 I know it may seem immature. But it breaks the everyday formal-straightforward-black&white-way-of-communication. Which tends to be the norm of many boards like this. I mean it's good and all, and very professional, but it gets really boring and "dry" in many cases Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.