current community

your communities

more stack exchange communities

Stack Exchange
tour help
careers 2.0
Take the 2-minute tour ×
Stack Overflow is a question and answer site for professional and enthusiast programmers. It's 100% free, no registration required.
up vote 0 down vote favorite

Register.php

<?php

include("db.php");
if (isset($_POST['email']) && isset($_POST['password']) && isset($_POST['name']) &&  isset($_POST['password2']) && isset($_POST['name']) && isset($_POST['address']) && isset($_POST['city']) && isset($_POST['state']))

{
    $con=mysqli_connect("localhost", "useradmin", "FNEpsTa6qvmRjBBf", "userdata") or die("failed to connect");
    //Prevent SQL injections
    $name = mysql_real_escape_string($_POST['name']);
    $email = mysql_real_escape_string($_POST['email']);
    $address = mysql_real_escape_string($_POST['address']);
    $city = mysql_real_escape_string($_POST['city']);
    $password = mysql_real_escape_string($_POST['password']);
    $password2 = mysql_real_escape_string($_POST['password2']);

    //Get MD5 hash of password
    $password = md5($_POST['password']);
    $query="SELECT email FROM users WHERE email = '".$email."'";
    $query2="INSERT INTO users (name, email, address, city, state, password) VALUES ('$name', '$email', '$address', '$city', '$state', '$password');";
    //Check to see if email exists
    $sql = mysqli_query($con, $query);
    $rows=(mysqli_num_rows($sql));
    if($rows>0)
    {
        die ("email taken.");
    }
    if($password<>$password2)
    {
        die ("passwords do not match");
    }

    $sql = mysqli_query($con, $query2);
    if($sql)
        header(location:welcome.php);

}
?>

<html></html>
<center>
<form action="register.php" method="post">
<table>
<tr><td>Name: </td><td><input name="name" type="text" /></td></tr>
<tr><td>Email:</td><td> <input name="email" type="text" /></td></tr>
<tr><td>Address: </td><td><input name="address" type="text" /></td></tr>
<tr><td>City: </td><td><input name="city" type="text" /></td></tr>
<tr><td>State: </td><td><select name="State"> 
<option value="" selected="selected">Select a State</option> 
<option value="AL">Alabama</option> 
<option value="AK">Alaska</option> 
<option value="AZ">Arizona</option> 
<option value="AR">Arkansas</option> 
<option value="CA">California</option> 
<option value="CO">Colorado</option> 
<option value="CT">Connecticut</option> 
<option value="DE">Delaware</option> 
<option value="DC">District Of Columbia</option> 
<option value="FL">Florida</option> 
<option value="GA">Georgia</option> 
<option value="HI">Hawaii</option> 
<option value="ID">Idaho</option> 
<option value="IL">Illinois</option> 
<option value="IN">Indiana</option> 
<option value="IA">Iowa</option> 
<option value="KS">Kansas</option> 
<option value="KY">Kentucky</option> 
<option value="LA">Louisiana</option> 
<option value="ME">Maine</option> 
<option value="MD">Maryland</option> 
<option value="MA">Massachusetts</option> 
<option value="MI">Michigan</option> 
<option value="MN">Minnesota</option> 
<option value="MS">Mississippi</option> 
<option value="MO">Missouri</option> 
<option value="MT">Montana</option> 
<option value="NE">Nebraska</option> 
<option value="NV">Nevada</option> 
<option value="NH">New Hampshire</option> 
<option value="NJ">New Jersey</option> 
<option value="NM">New Mexico</option> 
<option value="NY">New York</option> 
<option value="NC">North Carolina</option> 
<option value="ND">North Dakota</option> 
<option value="OH">Ohio</option> 
<option value="OK">Oklahoma</option> 
<option value="OR">Oregon</option> 
<option value="PA">Pennsylvania</option> 
<option value="RI">Rhode Island</option> 
<option value="SC">South Carolina</option> 
<option value="SD">South Dakota</option> 
<option value="TN">Tennessee</option> 
<option value="TX">Texas</option> 
<option value="UT">Utah</option> 
<option value="VT">Vermont</option> 
<option value="VA">Virginia</option> 
<option value="WA">Washington</option> 
<option value="WV">West Virginia</option> 
<option value="WI">Wisconsin</option> 
<option value="WY">Wyoming</option>
</select></td></tr>
<tr><td>Password: </td><td><input type="password" name="password" /></td></tr>
<tr><td>Confirm Password: </td><td><input type="password" name="password2" /></td></tr>
<tr><td><input type="submit" value="Submit" /></td></tr>
</table>
</form></center>

page runs without errors but does not show up in database I enter the data and hit submit, which returns me to the page without errors, but the information is never inserted into my database. Also the database connection is good as I've checked it. But below is an export of the database.

CREATE DATABASE userdata;
USE userdata;


CREATE TABLE IF NOT EXISTS `users` (
  `Name` varchar(50) NOT NULL,
  `Address` varchar(50) NOT NULL,
  `City` varchar(25) NOT NULL,
  `State` varchar(2) NOT NULL,
  `Email` varchar(25) NOT NULL,
  `Password` varchar(25) NOT NULL,
  PRIMARY KEY (`Email`),
  UNIQUE KEY `Password` (`Password`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

created the user with that password in php myadmin so I know it is good.

share|improve this question
    
here changed some code it helped but now I'm getting undefined index for state. Here is the changed code –  TwoEyedDan Apr 15 '13 at 16:12

2 Answers 2

up vote 0 down vote

Since you're using the mysqli extension, not mysql, you must use mysqli_real_escape_string() rather than mysql_real_escape_string().

But you really should be using prepared statements instead of interpolating variables into the query. Then you don't have to worry about escaping the values at all. This is one of the main benefits of using mysqli or PDO rather than mysql.

share|improve this answer
    
will change the function, I wouldn't know how to go about using prepared statements though. Could you send me a link for that in manual? –  TwoEyedDan Apr 14 '13 at 18:49
    
php.net/manual/en/mysqli.quickstart.prepared-statements.php –  Barmar Apr 14 '13 at 19:01
up vote 0 down vote

Try to add 

if ($con->connect_error) {
die('Connect Error (' . $con->connect_errno . ') '
        . $con->connect_error);
}

after you connecting to DB. Also I would add

$sql = mysqli_query($con, $query2);
if($sql) {
    header(location:welcome.php);
} else {
    echo mysqli_error($con);
}

to see possible errors of your quesries.

share|improve this answer
    
added both and still seeing no errors, still not showing up in the database either though –  TwoEyedDan Apr 14 '13 at 18:49

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.