Welcome to the Treehouse Community
Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.
Looking to learn something new?
Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.
Start your free trialMurray Dare
11,035 PointsCan't get my php code to post into my mysql database
Hi there,
I am creating a simple form to post some information into a database. I can't work out what I am doing wrong. I keep getting the 'Sorry, your registration failed. Please go back and try again.'. First time I tried it, it worked. I can't work out why it hasn't worked since.
The first stage works: $checkusername = mysql_query("SELECT * FROM users WHERE username = '".$username."'"); as if I type in a matching name then I get the ' Sorry, that username is taken. Please go back and try again.' message.
I just can't get the code to insert into my db and then give me the success message!
I know that this code is not very safe at this stage and I need to update my mysql_query statements, I just want my code to work so I can get onto these bigger problems.
I have been looking at this for a day I can't work out why, some help would be much appreciated, none of the courses on treehouse really cover this area.
Thank you very much in advance.
Here's the code:
<?php include "connection.php"; ?>
<?php if(!empty($_POST['username']) && !empty($_POST['password'])) { $username = mysql_real_escape_string($_POST['username']); $password = md5(mysql_real_escape_string($_POST['password'])); $email = mysql_real_escape_string($_POST['email']);
$checkusername = mysql_query("SELECT * FROM users WHERE username = '".$username."'");
if(mysql_num_rows($checkusername) == 1)
{
echo "<h1>Error</h1>";
echo "<p>Sorry, that username is taken. Please go back and try again.</p>";
}
else
{
$registerquery = mysql_query("INSERT INTO users (username, password, email) VALUES('".$username."', '".$password."', '".$email."')");
mysql_query($registerquery);
if($registerquery)
{
echo "<h1>Success</h1>";
echo "<p>Your account was successfully created. Please <a href=\"login.php\">click here to login</a>.</p>";
}
else
{
echo "<h1>Error</h1>";
echo "<p>Sorry, your registration failed. Please go back and try again.</p>";
}
}
} else { ?>
<h1>Register</h1>
<p>Please enter your details below to register.</p>
<form method="post" action="register.php" name="registerform" id="registerform">
<fieldset>
<label for="username">Username:</label><input type="text" name="username" id="username" /><br />
<label for="password">Password:</label><input type="password" name="password" id="password" /><br />
<label for="email">Email Address:</label><input type="text" name="email" id="email" /><br />
<input type="submit" name="register" id="register" value="Register" />
</fieldset>
</form>
<?php
} ?>
2 Answers
Murray Dare
11,035 PointsHi Matthew,
Thanks for getting back to me, just tried your suggestions with no avail. I have decided to start back at the beginning, trying to work out the problem whilst learning about php PDO's as I the code I have written was going to have to be replaced anyway with PDO. Using the 'Integrating PHP with databases' course as it should cover what I want even though it doesn't completely align to what I am trying to do.
Matthew Underhill
20,363 PointsI have done the old course with the Shirts4Mike store with PDO.
It was pretty good and is obviously the way to go.
Have a play around with your use of quotations where you specify your variables in your statements.
Sometimes it can be as simple as an issue like too many quotes used.
Murray Dare
11,035 PointsI spoke to one of my friends who does PHP and he pointed it out the PDO point. Long winded, but got to do it properly, PHP coding doesn't seem to have many shortcuts!
Thanks for your help, really appreciated.
Matthew Underhill
20,363 PointsMatthew Underhill
20,363 PointsI'm no expert, but are the "." required at the start and beginning of each time to specify one of your variables in the SQL statement?
e.g should .$username. just be $username or do varaibales have to be concatenated into the SQL statement like this?
I would also question whether the use of all the double quotes is causing a problem and that the quotes maybe need to be escaped for the statement to run.
A Treehouse course covering stuff like this would be great as creating users, login in pages etc are something that many people would like to create.