simple MySQL problem 2

[Murugs]

My HTML
<html>
<head>
<h1>
User Registration
</h1>
<form method=post action=&quot;create_entry.php&quot;>
</head>
<body bgcolor=&quot;green&quot;>
<b>
<br>
Username
<br>
</b>
<input type=text size=15 name=username>
<br>
<b>
UserPassword
</b>
<br>
<input type=password size=15 name=password>
<br>
<input type=submit name=submit value=&quot;Register&quot;>
<input type=reset name=reset value=&quot;Clear&quot;>
</form>
</body>
</html>

This is My PHP create_entry.php script
<?php

mysql_connect(&quot;localhost&quot;, &quot;root&quot;, &quot;root&quot or
die (&quot;Could not connect to database&quot;
mysql_select_db(&quot;user&quot or
dir (&quot;Could not select database&quot;

if ($submit == &quot;Register&quot
{
$query = &quot;insert into users (username, password) values ('$username', '$password')&quot;;
mysql_query($query) or
die (mysql_error());
}
?>
<h3>You are now registered</h3>
<a href=&quot;login.html&quot;>Go back to main page</a>

user is my database
users is my table inside the database.

But when I enter some username and password nothing is updated in to the database.

where is the problem..

regards
MP

 

[sleipnir214]

I see multiple problems here.

First, none of your code will work without the PHP runtime configuration directive &quot;register_globals&quot; being set to &quot;on&quot;. The default is &quot;off&quot;, and it should be left that way (

http://us4.php.net/manual/en/security.registerglobals.php).

You should reference your variables via the superglobal arrays, specifically in this case $_POST (

http://us4.php.net/manual/en/reserved.variables.php).

Second, your code depends on a submit button's actually submitting something to the server. This is not necessarily the case, particularly with newer browsers. Check for the presence of one of your text fields instead.

General debugging advice: faq434-2999

Want the best answers? Ask the best questions:

http://www.catb.org/~esr/faqs/smart-questions.html

TANSTAAFL!!

 

[appcim]

Try echoing $submit to check its value. I think you need to use $_GET($submit). (Also for $username & $password)

Also, I would put in some logic to let you know the update happened. If it didn't it will exit the IF ($submit == &quot;Register&quot statement and still give a message that you are registered. (include the message within the IF statment and create an ELSE statement with an error message).

Regards,

 

[appcim]

sorry, it should have been $_POST(...) to get the form variable not $_GET.....

 

[sleipnir214]

It also should be &quot;$_POST['submit']&quot;, not &quot;$_POST($submit)&quot;.

In any regard, some browsers do not send values from submit buttons.

Want the best answers? Ask the best questions:

http://www.catb.org/~esr/faqs/smart-questions.html

TANSTAAFL!!

 

[Murugs]

Finally It worked ..
if ($_POST['submit'] == &quot;Register&quot

and

$query = &quot;INSERT INTO users values
('$_POST[username]','$_POST[password]')&quot;;

Thanks guys...

 

[Murugs]

I am really new to PHP and MySQl..What is this register_globals..and how important is this php.ini file.
My current case is set for register_globals to off.

 

[sleipnir214]

Read the link I posted earlier, the one that points to a file called security.registerglobals.php.

Want the best answers? Ask the best questions:

http://www.catb.org/~esr/faqs/smart-questions.html

TANSTAAFL!!

 

[Murugs]

Hello Sleipnir..
I have read thru the link and getting a feel of PHP...
Today is my first day in PHP..I know I need to do more homework..Thanks for ur tips and suggestions...But now I am in next part...and again same problem..
Now I am authenticating the users with the values entered in to the database.


if ($_POST['submit'] == &quot;Login&quot
{
mysql_connect(&quot;localhost&quot;, &quot;root&quot;, &quot;root&quot or
die (&quot;Could not connect to database&quot;

mysql_select_db(&quot;user&quot or
dir (&quot;Could not select database&quot;

$result=mysql_query(&quot;select * from user where username='$_POST[username]'&quot
or die (&quot;cant do it&quot;

while ($row=mysql_fetch_array($result)) {
if ($row[&quot;password&quot;]=='$_POST[password]' )
{
printf(&quot;Successfully Logged In!&quot;
}else{
print(&quot;Nope&quot;

getting execution errors all the time.

 

[sleipnir214]

&quot;execution errors all the time&quot; is awfully vague.

PHP's error messages are pretty good. The only one that really gives people fits is &quot;Parse error&quot;, but this is only because PHP does not report the line number at which it became confused, but rather the line number at which it realized it became confused. A lot of the time, the actual code error that forced a parse error exists on a line earlier than reported.

Beyond that advice, I can only comment generally.

This line:

result=mysql_query("select * from user where username='$_POST[username]'") or die ("cant do it");

is going to give PHP heartburn. PHP doesn't handle well associative array references inside of quotes. I've generally found it safer to use something like:

result=mysql_query("select * from user where username='" . $_POST['username'] . "'") or die ("cant do it");

Want the best answers? Ask the best questions:

http://www.catb.org/~esr/faqs/smart-questions.html

TANSTAAFL!!