I'm currently working on my website's login/register page but the issue I'm having is that the PHP script isn't adding rows into the database. I've been trying to figure this problem out for a few days but I haven't come up with a solution. There are no errors present on the page upon submission either...
<?php
mysql_connect("localhost", "username", "password") or die(mysql_error());
mysql_select_db("test") or die(mysql_error());
if(isset($_POST['f_name']) && !empty($_POST['f_name']) &&
isset($_POST['l_name']) && !empty($_POST['l_name']) &&
isset($_POST['reg_email']) && !empty($_POST['reg_email']) &&
isset($_POST['conf_email']) && !empty($_POST['conf_email']) &&
isset($_POST['password']) && !empty($_POST['password']) &&
$_POST['birthday-day'] != 0 &&
$_POST['birthday-month'] != 0 &&
$_POST['birthday-year'] != 0)
{
$f_name = mysql_real_escape_string($_POST['f_name']);
$l_name = mysql_real_escape_string($_POST['l_name']);
$reg_email = mysql_real_escape_string($_POST['reg_email']);
$conf_email = mysql_real_escape_string($_POST['conf_email']);
$password = mysql_real_escape_string($_POST['password']);
$b_day = $_POST['birthday-day'];
$b_month = $_POST['birthday-month'];
$b_year = $_POST['birthday-year'];
$search = mysql_query("SELECT email FROM users WHERE email='".$reg_email."'");
$match = mysql_num_rows($search);
if($reg_email !== $conf_email) {
$msg = "The emails dont match.";
}
if (!preg_match("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$^", $reg_email)) {
$msg = "The email you have entered is invalid. Please try again.";
}
if ($match > 0) {
$msg = "Email address already registered. Please enter a different one.";
} else {
mysql_query("INSERT INTO userstest (f_name, l_name, email, password) VALUES(
'".$f_name."',
'".$l_name."',
'".$reg_email."',
'".$password."') ") or die(mysql_error());
}
}
else {
//code
}
Form...
<form name="register" action="<?php print ($_SERVER['PHP_SELF']); ?>" method="post" class="regform" >
<input type="text" name="f_name" class="f_name" placeholder="First Name" />
<input type="text" name="l_name" class="l_name" placeholder="Last Name" />
<input type="text" name="reg_email" class="reg_email" placeholder="Email" />
<input type="text" name"conf_email" class="conf_email" placeholder="Re-enter Email" />
<input type="password" name="password" class="reg_pass" placeholder="Password" />
<div id="birthday">
<h1>
BIRTHDAY
</h1>
<select name="birthday-day" id="day" class="day">
<option value="0">Day</option>
<option value="01">1</option>
<option value="02">2</option>
<option value="03">3</option>
<option value="04">4</option>
<option value="05">5</option>
...etc
</select>
<select name="birthday-month" class="month">
<option value="0">Month</option>
<option value="01">Jan</option>
<option value="02">Feb</option>
<option value="03">Mar</option>
<option value="04">Apr</option>
</select>
<select name="birthday-year" class="year">
<option value="0">Year</option>
<option value="1994">1994</option>
</select>
</div>
<div id="submitbutton">
<input type="submit" name="submit" class="reg_submit" value="REGISTER" />
</div>
</form>
It may be a simple syntax error I'm not seeing but I appreciate any help I get.
Below is my original answer, which spawned the thread that led to the answer. Since this won't help many people looking for a solution, this will make things clearer:
At the top of the form, after it has been displayed but before it has been submitted, add this code:
$super_test = (
isset($_POST['f_name']) && !empty($_POST['f_name'])
&& isset($_POST['l_name']) && !empty($_POST['l_name'])
&& isset($_POST['reg_email']) && !empty($_POST['reg_email'])
&& isset($_POST['conf_email']) && !empty($_POST['conf_email'])
&& isset($_POST['password']) && !empty($_POST['password'])
&& $_POST['birthday-day'] != 0
&& $_POST['birthday-month'] != 0
&& $_POST['birthday-year'] != 0
) ;
dump($_POST);
die(dump($super_test));
This immediately showed a missing field in the $_POST variable (conf_email) which was then narrowed down to a missing '=' sign in this case.
And the magic function dump() was nicked from @PhilSturgeon:
function dump()
{
list($callee) = debug_backtrace();
$arguments = func_get_args();
$total_arguments = count($arguments);
echo '<fieldset style="background: #fafafa !important; border:2px cornflowerblue solid; padding:6px; font-size: 10px;">';
echo '<legend style="background:lightgrey; padding:5px;">'.$callee['file'].' @ line: '.$callee['line'].'</legend><pre>';
$i = 0;
foreach ($arguments as $argument)
{
echo '<br/><strong>Debug #'.(++$i).' of '.$total_arguments.'</strong>: ';
if ( (is_array($argument) || is_object($argument)) && count($argument))
{
print_r($argument);
}
else
{
var_dump($argument);
}
}
echo '</pre>' . PHP_EOL;
echo '</fieldset>' . PHP_EOL;
}
-- end of summary --
$reg_email = mysql_real_escape_string($_POST['reg_email']);
and then you have
$search = mysql_query("SELECT email FROM users WHERE email='".$reg_email."'");
It's possible that the query never matches because something is happening the $reg_email that makes it a different value from the database column.
At any rate I would:
mysql_select that read die(print_r($_POST)) to see what was coming from the input page (first debug step)if match ... to echo $msg because it's possible it's being overwritten.I would split the query building into two phases and force an output there as well, and I would move it above the if ($match so that you can see the query always regardless of the logic:
$query = "INSERT INTO userstest (f_name, l_name, email, password) VALUES( '".$f_name."', '".$l_name."', '".$reg_email."', '".$password."') "; echo $query; mysql_query($query) ...