1

I don't know what I'm doing wrong but it's not inserting the data I want it to put into the database. No code error is being given to me except the one that I have created mysql such as the 'Error Inserting' and stuff like that. I also have done lots of a Google searches about login sources and try to see what the difference is but it's no use. I can't find what's wrong! Please help.

<?php
include_once('connect.php')

$username = $_POST['username'];
$email = $_POST['email'];
$password = $_POST['password'];

if (isset($_POST['dalol'])){
    test();
}

function test(){
    $sql = "INSERT INTO members (username, email, password) VALUES ('".$GLOBALS['username']."','".$GLOBALS['email']."','".$GLOBALS['password']."')";
    if (mysql_query($sql)){
        echo '<p>Successfully Executed!</p>';
    } else {
        echo '<p>Failed!</p>';
    }
}
?>
<!DOCTYPE html>
<html>
<head>
    <title>Insert Test</title>
</head>
<body>
    <form>
        Username: <input type="text" name="username"/><br>
        Email: <input type="email" name="email"/><br>
        Password: <input type="password" name="password"/><br>
        <input type='submit' name='dalol'/>
    </form>
</body>

Improve this question
3
  • You can try without using $globals Commented Feb 16, 2015 at 7:19
  • add echo mysql_error() to your "Failed" output. Commented Feb 16, 2015 at 7:19
  • 1
    Note: The mysql_* functions are deprecated. If you write new code (and especially if you are learning) don't use them. Use mysqli_ or PDO instead. Commented Feb 16, 2015 at 7:20

3 Answers 3

Reset to default
1

You can use global variables !

that is way:

<?php
function test(){
global $username,$email,$password;
$sql = "INSERT INTO members (username, email, password) VALUES ('".$username."','".$email."','".$password."')";
    if (mysql_query($sql)){
        echo '<p>Successfully Executed!</p>';
    } else {
        echo '<p>Failed!</p>';
    }
} ?>

Prevent sql injection

 <?php
    $username = mysql_real_escape_string($_POST['username']);
    $email = mysql_real_escape_string($_POST['email']);
    $password = mysql_real_escape_string($_POST['password']);
     ?>
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Okay thanks for the feedback and will definitely do that. But do you see any reason for it to not insert the data into my database?
Change <form> to <form method="POST" action ="filename.php">
0

It is happening because of the scope of variables.Try with - 

test($username, $email, $password);

And

function test($uname, $email, $password) {
    $sql = "INSERT INTO members (username, email, password) VALUES ('".$uname."','".$email."','".password'."')";
    if (mysql_query($sql)){
        echo '<p>Successfully Executed!</p>';
    } else {
        echo '<p>Failed!</p>';
    }
}

Use mysqli or PDO instead of mysql.

Improve this answer

Comments

0

As all the variables are on same page so you can access the variables without global variable:

Use this:

$sql = "INSERT INTO members (username, email, password) VALUES ('".$username."','".$email."','".$password."')";

And you need to give the method in form tag to as by default it will be get type:

make change in form tag.

<form method="POST">

You need to give the method in form tag as POST because of you are getting the data by POST if you will not give the method then it will be consider it as GET method.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.