posting form data into sql database?

Kez323 · March 8, 2013

Hey,

Im new to PHP and am trying to make a simple form where it puts the form data into a table called "users"

This is the form:

<p><form method="post" action="register.php">
<table border="0" align="center">
<tr>
<td>Username</td><td><input type="text" name="username" size="15" >
</tr>
<br />
<tr>
<td>Password</td><td><input name="password" type="password" size="15"></td>
</tr>
<br />
<td><input type="submit" value="Sign Up"/></td><td></td>
</table>

This is the php code:

<?php
$dbhost  = '';
$dbname  = '';
$dbuser  = '';
$dbpass  = ''; 

mysql_connect($dbhost,$dbuser,$dbpass);
mysql_select_db($dbname);

$order = "INSERT INTO users
			(username, password)
			VALUES
			('$username',
			'$password')";


$result = mysql_query($order);
if($result){
	echo("<br>It Worked!");
} else{
	echo("<br>It Failed!");
}
?>

But when i upload it to the server and try it, it says there was a entry but its blank.....

When i upload it to a server and try it, it automaticly seems to post the data to the database before i even enter a username/password!

when i type a username/password in and post it again it says there was another entry but its blank.....

any help?

- Thanks!

Barand · March 8, 2013

echo $order;

to see what the query looks like

You missed out a couple of lines before the query. You need to get the POSTed data and sanitize it.

$username = mysql_real_escape_string($_POST['username'];
$password= mysql_real_escape_string($_POST['password'];

Kez323 · March 8, 2013

Oh!

Thanks

Sign In

posting form data into sql database?

Recommended Posts

Kez323

Link to comment

Share on other sites

Barand

Link to comment

Share on other sites

Kez323

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information