I am trying to insert user input into a database on submit. I am required to use POSTBACK method but i am having problems. When open the registration page under al the text boxes it is saying Notice: Undefined variable: firstname in I:\twa\twa291\assignment1ego.php on line 147
Notice: Undefined variable: middlename in I:\twa\twa291\assignment1ego.php on line 147
Notice: Undefined variable: lastname in I:\twa\twa291\assignment1ego.php on line 147
Notice: Undefined variable: user in I:\twa\twa291\assignment1ego.php on line 147
ETC ETC ETC....
Doesnt it have to wait for the user to input? Why is this happening? Here is my code:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<link rel="stylesheet" type="text/css" href="stylesheet.css" />
<title>Registration</title>
<script>
function validateForm()
{
var x=document.forms["rego"]["gname"].value;
if (x==null || x=="")
{
alert("Given name must be filled out");
return false;
}
var x=document.forms["rego"]["mname"].value;
if (x==null || x=="")
{
alert("Middle name must be filled out");
return false;
}
var x=document.forms["rego"]["surname"].value;
if (x==null || x=="")
{
alert("Surname must be filled out");
return false;
}
var x=document.forms["rego"]["username"].value;
if (x==null || x=="")
{
alert("Username must be filled out");
return false;
}
var x=document.forms["rego"]["address"].value;
if (x==null || x=="")
{
alert("Address must be filled out");
return false;
}
var x=document.forms["rego"]["postcode"].value;
if (x==null || x=="")
{
alert("Postcode must be filled out");
return false;
}
var x=document.forms["rego"]["state"].value;
if (x==null || x=="")
{
alert("State must be filled out");
return false;
}
var x=document.forms["rego"]["tel"].value;
if (x==null || x=="")
{
alert("Telephone must be filled out");
return false;
}
var x=document.forms["rego"]["password"].value;
if (x==null || x=="")
{
alert("Password must be filled out");
return false;
}
var x=document.forms["rego"]["passconfirm"].value;
if (x==null || x=="")
{
alert("Confirmation of password must be filled out");
return false;
}
}
</script>
</head>
<body>
<div id="container">
<div id="header">
<h1>Registration</h1></div>
<div id="menu">
<a href="home.php"><h2>Homepage</h2></a><br />
<a href="rego.php"><h2>Registration</h2></a><br />
<a href="userlogin.php"><h2>User Login</h2></a><br />
<a href="adminlogin.php"><h2>Administrator Login</h2></a><br />
<a href="tipping.php"><h2>Tipping</h2></a><br />
<a href="termsnconditions.php"><h2>Terms & Conditions</h2></a><br />
</div>
<form id="rego" action="<?php echo
htmlspecialchars($_SERVER["PHP_SELF"]);?>" method="post" onSubmit="return validateForm()">
<label>Given Name:</label> <input type="text" name="gname"><br />
<br />
<label>Middle Name: </label><input type="text" name="mname"><br />
<br />
<label>Family Name:</label> <input type="text" name="surname"><br />
<br />
<label>Chosen Username:</label> <input type="text" name="username"><br />
<br />
<label>Address:</label> <input type="text" name="address"><br />
<br />
<label>Postcode: </label><input type="text" name="postcode"><br />
<br />
<label>State:</label> <input type="text" name="state"><br />
<br />
<label>Tel number: </label><input type="text" name="tel"><br />
<br />
<label>Password:</label> <input type="password" name="password"><br />
<br />
<label>Password confirmation:</label> <input type="password" name="passconfirm"><br />
<br />
<input type="submit" value="submit" name="submit">
</div>
</form>
<?php
require_once("conn.php");
if (isset($_REQUEST["submit"]))
{
if (isset($_POST["submit"]))
{
$firstname = mysql_real_escape_string($_POST["gname"]);
$middlename = mysql_real_escape_string($_POST["mname"]);
$lastname = mysql_real_escape_string($_POST["surname"]);
$user = mysql_real_escape_string($_POST["username"]);
$addy = mysql_real_escape_string($_POST["address"]);
$post = mysql_real_escape_string($_POST["postcode"]);
$sta = mysql_real_escape_string($_POST["state"]);
$telephone = mysql_real_escape_string($_POST["tel"]);
$pass = mysql_real_escape_string($_POST["password"]);
$systemuser= mysql_real_escape_string($_POST["susername"]);
}
}
$sql = "INSERT INTO users(gname, mname, surname, username, address, postcode, state, tel, password)
VALUES('$firstname', '$middlename', '$lastname', '$user', '$addy', '$post', '$sta', '$telephone',
'$pass')";
$rs = mysql_query($sql, $conn);
if (!$rs) {
die('Problem with query' . mysql_error());
}
echo "1 record added";
mysql_close($conn);
?>
</body>
</html>
PLEASE NOTE: i understand that mysql is being removed or something like that. But i am currently studying it in University and have no choice but to do it. I finish the subject in a week so if you could please bear with me itll be great. Thank you!
You're creating your SQL query before the variables are defined.
<?php
require_once("conn.php");
if (isset($_REQUEST["submit"]))
{
if (isset($_POST["submit"]))
{
$firstname = $_POST["gname"];
$middlename = $_POST["mname"];
$lastname = $_POST["surname"];
$user = $_POST["username"];
$addy = $_POST["address"];
$post = $_POST["postcode"];
$sta = $_POST["state"];
$telephone = $_POST["tel"];
$pass = $_POST["password"];
}
$sql = "INSERT INTO users(gname, mname, surname, username, address, postcode, state, tel, password)
VALUES('$firstname', '$middlename', '$lastname', '$user', '$addy', '$post', '$sta', '$telephone',
'$pass')";
$rs = mysql_query($sql, $conn);
if (!$rs) {
die('Problem with query' . mysql_error());
}
echo "1 record added";
mysql_close($conn);
}
?>
Your db query isn't in your if statement, so is happening every time the script runs
You're trying to run SQL queries outside the IF statement that checks for user submission.
<?php
require_once("conn.php");
if (isset($_REQUEST["submit"]))
{
if (isset($_POST["submit"]))
{
$firstname = $_POST["gname"];
$middlename = $_POST["mname"];
$lastname = $_POST["surname"];
$user = $_POST["username"];
$addy = $_POST["address"];
$post = $_POST["postcode"];
$sta = $_POST["state"];
$telephone = $_POST["tel"];
$pass = $_POST["password"];
$sql = "INSERT INTO users(gname, mname, surname, username, address, postcode, state, tel, password)
VALUES('$firstname', '$middlename', '$lastname', '$user', '$addy', '$post', '$sta', '$telephone',
'$pass')";
$rs = mysql_query($sql, $conn);
if (!$rs) {
die('Problem with query' . mysql_error());
}
echo "1 record added";
}
}