This code inserts data from a form into a database named "test" and table named "signup". The insert query is not working:
<?php
echo"working2";
if(isset($_POST['submit']))
{
echo"woerking";
$conn = mysql_connect("localhost", "root", "", "test") or die("error connecting");
echo"woerking1";
$flag=0;
$Rno=$_POST['rno'];
echo$Rno;
$fname=$_POST['fname'];
echo $fname;
$lname=$_POST['lname'];
$email=$_POST['uemail'];
$pswd=$_POST['pswd'];
$repswd=$_POST['repswd'];
//$choice="select Rollno from signup where Rollno='$Rno' ";
//$chk=mysql_query($choice);
//echo $chk;
//while($row=mysql_fetch_array($chk))
//{
//echo "<font color='red'>ROLL-NUMBER ALREADY EXIST!!!!</font>";
//$flag=1;
//}
if($flag==0)
{
$query="INSERT INTO `signup`(`Rollno`, `fname`, `lname`, `email-id`, `password`, `retype`) VALUES($Rno,'$fname','$lname','$email','$pswd','$repswd')";
*##//query not working##*
$tem=mysql_query($query);
if(isset($tem))
{
echo"REGISTERED SUCCESSFULLY";
}
}
}
?>
Try this change to start:
$tem=mysql_query($query) or die(mysql_error());
That will tell you the problem with the query. Unfortunately it won't tell you about the SQL injection vulnerabilities in your code - but please fix them anyway!
$query="INSERT INTO `signup`(`Rollno`,`fname`,`lname`,`email-id`,`password`,`retype`)VALUES('".$Rno."','".$fname."','".$lname."','".$email."','".$pswd."','".$repswd."')";
try it like this..