0

I have a "Windows Apache MySQL PHP" server on my laptop. I get absolutely no error messages, but when I send things to MySQL via PHP script, nothing happens in MySQL (I also sent something via the MySQL command prompt and it looks like it just made a test table and didn't put anything in it like I asked, but I'm not positive I did everything I should have in this case). I've rescripted my whole page a different way and it still doesn't work.

Here is a picture of my form and how the table looks in MySQL:

http://tinypic.com/view.php?pic=21kjgno&s=5

System:

Windows 7 Home Premium SP1 64 bit-- Apache 2.4.4 32 bit with ssl0.9.8-- PHP 5.4.11 32 bit VC9-- MySQL 5.5.31 64 bit with Navicat Lite

<?php  
define('DB_HOST', 'localhost');
define('DB_NAME', 'projectedin');
define('DB_USER','root');
define('DB_PASSWORD','');

$con=mysql_connect(DB_HOST,DB_USER,DB_PASSWORD) or die("Failed to connect to MySQL: " . mysql_error());
$db=mysql_select_db(DB_NAME,$con) or die("Failed to connect to MySQL: " .mysql_error());

function NewUser()
{
    $userName = $_POST['username'];
    $firstname = $_POST['firstname'];
    $lastname = $_POST['lastname'];
    $password =  $_POST['password'];
    $birthday =  $_POST['birthday'];
    $gender =  $_POST['gender'];
    $query = "INSERT INTO users (username,firstname,lastname,password,birthday,gender) VALUES ('$username','$firstname','$lastname','$password','$birthday','$gender')";
    $data = mysql_query ($query)or die(mysql_error());
    if($data)
    {
        echo "YOUR REGISTRATION IS COMPLETED...";
    }
}

function SignUp()
{
    if(!empty($_POST['username']))   //checking the 'user' name which is from Sign-Up.html, is it empty or have some text
    {
    $query = mysql_query("SELECT * FROM users WHERE username = '$_POST[username]' AND password = '$_POST[password]'") or die(mysql_error());

    if(!$row = mysql_fetch_array($query) or die(mysql_error()))
    {
        newuser();
    }
    else
    {
        echo "SORRY...YOU ARE ALREADY REGISTERED USER...";
    }
    }
}
if(isset($_POST['submit']))
{
    SignUp();
}
mysqli_close ($con);
?>
Improve this question
3
  • the way you use the functions is wrong. also you need to check on the conditions to take action onto. you code needs a different approach. Not logical Commented Dec 17, 2013 at 1:17
  • 1
    Why you have both mysql and mysqli functions? Commented Dec 17, 2013 at 1:18
  • $con and $db need to be declared as global within each function i.e. global $con, $db; Commented Dec 17, 2013 at 1:55

2 Answers 2

Reset to default
2

There are a number of concerns here (more on that later), but this might be an issue for you:

You try to call your new user function like this:

newuser();

However it is named NewUser. This is case sensitive and will not work. Look at your error logs to see the errrs you are getting here.

Other issues:

  • You are using deprecated mysql_* functions. If you are learning PHP, learn the right way and use mysqli or PDO.
  • You are not escaping your input at all, and are therefore very prone to SQL injection attacks.
  • You are kind of randomly using functions when they don't really bring you any value.
  • You are kind of going outside of typical PHP coding standard when having your function names start with uppercase letter. This is a bit unusual for PHP, though this would actually work.
Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

I have changed the code with mysqli functions and escaped everything in the function newuser except for the query. (Am I supposed to call the $db connection before $POST when I do this?) I also made the functions lowercase and added single quotes where Ignacio suggested. It still doesn't do anything. I click submit and I get a white screen without feedback. There was another script I used, which gave me some feedback (improperly), but it still did not post to MySQL.
@Enki Check your error logs. If you don;t have error logging turned on, turn it on.
I couldn't find the default error log, so I set it to make one in the PHP directory. I ran the page and hit submit, but no log was created. I'm thinking maybe there's something wrong with my PHP MySQL installation. I may have to do it over because it just acts like it's not even attempting communication between the two programs.
I have reinstalled PHP and MySQL. I check and made sure I had VC 9, 10, and 11 just to make sure that couldn't be the problem. I realized I'd installed 64bit MySQL and reinstalled it will 32bit, and then I made sure a 32bit libmysql.dll was in my PHP directory (I was amazed that MySQL hadn't pointed this out, but this installation has been acting differently than normal all the way through). It still doesn't work, and I'm positive it isn't the script now because I have a test script that isn't working either. Any ideas?
0

You have an error in your Signup query:

$query = mysql_query("SELECT * FROM users WHERE username = '$_POST['username']' AND password = '$_POST['password']'") or die(mysql_error());

I changed $_POST[username] to $_POST['username'] and $_POST[password] to $_POST['password']

Also, you are vulnerable for MySQL injections, you should use mysql_real_scape_string function to clean each $_POST var: $userName = mysql_real_scape_string($_POST['username']);

Finally, you should not use mysql* functions, they are deprecated.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.