This is probably the most asked question here. I have made a simple user registration form. The values are not inserted into the database. I used echo and the query is returning false. The form was working well before but then i separated the name into first and last name and dropped the previous table and made a new one. Here is the registration page code:
<!DOCTYPE html>
<?php
session_start();
include('includes/connect.php');
?>
<html>
<head>
<?php
if(isset($_POST['register_ok'])){
global $con;
$user_first_name = $_POST['user_first_name'];
$user_last_name = $_POST['user_last_name'];
$email = $_POST['email'];
$password = $_POST['password'];
echo "<script type='text/javascript'>alert(\"$user_first_name\");</script>"; //This echo is returning username successfully!
$query = "insert into user(user_first_name, user_last_name, user_email, password) values('$user_first_name', '$user_last_name', '$email', '$password')";
if(mysqli_query($con, $query)){
$_SESSION['user'] = 'user';
$_SESSION['user_first_name'] = $user_first_name;
echo "header('Location:index.php')";
} else {
echo "<script type='text/javascript'>alert(\"Values not inserted\");</script>"; //This is running which means query is not successfull.
}
} else {
echo "<script type='text/javascript'>alert(\"Page didn't receive post values\");</script>";
}
?>
<link rel="stylesheet" type="text/css" href="styles/register_style.css">
<title>New User Registration</title>
</head>
<body>
<div class="wrapper">
<header></header>
<div class="form_div">
<div class="form">
<form id="register_form" method="post" action="" autocomplete="autocomplete">
<table>
<tr>
<td id="label">First Name: </td>
<td id="input"><input type="text" name="user_first_name" required="required" id="input_box"></td>
</tr>
<tr>
<td id="label">Last Name: </td>
<td id="input"><input type="text" name="user_last_name" required="required" id="input_box"></td>
</tr>
<tr>
<td id="label">Email: </td>
<td id="input"><input type="text" name="email" required="required" id="input_box"></td>
</tr>
<tr>
<td id="label">Password: </td>
<td id="input"><input type="password" name="password" id="input_box"></td>
</tr>
<tr>
<td id="label">Confirm Password: </td>
<td id="input"><input type="password" name="confirm_password" id="input_box"></td>
</tr>
<tr id="button_row">
<td colspan="2"><input type="reset" value="Reset" id="button">
<input type="submit" value="Register" id="button" name="register_ok"></td>
</tr>
</table>
</form>
</div>
</div>
</div>
</body>
</html>
And this is the table :
The table is empty and the first alert is returning user first name and the second alert runs when the query returns false. It is returning false.
I think it may be a typo but cannot narrow it down. Any help would be welcome.
Change your column types from int to varchar. I'm talking about string columns (names and email). Mysql has an option to check for the data type you are trying to insert and fail if they don`t match.
Firstly,
Change column name from INT to VARCHAR using this query.
"ALTER TABLE `user`
MODIFY COLUMN `user_first_name` VARCHAR(225),
MODIFY COLUMN `user_last_name` VARCHAR(225),
MODIFY COLUMN `user_email` VARCHAR(225),
MODIFY COLUMN `password` VARCHAR(225);";
Secondly,
You kept id for both input & <td> as same in each and every row. ID can't be same.
Change it to.
<table>
<tr>
<td id="label1">First Name: </td>
<td id="input1"><input type="text" name="user_first_name" required="required" id="input_box1"></td>
</tr>
<tr>
<td id="label2">Last Name: </td>
<td id="input2"><input type="text" name="user_last_name" required="required" id="input_box2"></td>
</tr>
<tr>
<td id="label3">Email: </td>
<td id="input3"><input type="text" name="email" required="required" id="input_box3"></td>
</tr>
<tr>
<td id="label4">Password: </td>
<td id="input4"><input type="password" name="password" id="input_box4"></td>
</tr>
<tr>
<td id="label5">Confirm Password: </td>
<td id="input5"><input type="password" name="confirm_password" id="input_box5"></td>
</tr>
<tr id="button_row">
<td colspan="2"><input type="reset" value="Reset" id="button">
<input type="submit" value="Register" id="button" name="register_ok"></td>
</tr>
</table>
You need to learn about sql injections and also about securing your passwords, use mysqli prepared statements / PDO what ever you find easy to learn
<!DOCTYPE html>
<?php
session_start();
include('includes/connect.php');
?>
<html>
<head>
<?php
if(isset($_POST['register_ok'])){
$user_first_name = $_POST['user_first_name'];
$user_last_name = $_POST['user_last_name'];
$email = $_POST['email'];
$password = $_POST['password'];
// Lets encrypt the password;
$hash = pasword_hash($password,PASSWORD_DEFAULT);
// lets insert then
$query = $con->prepare("INSERT INTO user (user_id,user_first_name, user_last_name, user_email, password) VALUES(?,?,?,?)");
$query->bind_param("ssss", $user_first_name, $user_last_name, $email,$hash);
$query->execute();
if ($query->execute()) {
echo "<script type='text/javascript'>alert(\"$user_first_name\");</script>"; //This echo is returning username successfully!
} else {
echo "<script type='text/javascript'>alert(\"Values not inserted\");</script>"; //This is running which means query is not successfull.
}
}
?>
<link rel="stylesheet" type="text/css" href="styles/register_style.css">
<title>New User Registration</title>
</head>
<body>
<div class="wrapper">
<header></header>
<div class="form_div">
<div class="form">
<form id="register_form" method="post" action="" autocomplete="autocomplete">
<table>
<tr>
<td id="label">First Name: </td>
<td id="input"><input type="text" name="user_first_name" required="required" id="input_box"></td>
</tr>
<tr>
<td id="label">Last Name: </td>
<td id="input"><input type="text" name="user_last_name" required="required" id="input_box"></td>
</tr>
<tr>
<td id="label">Email: </td>
<td id="input"><input type="text" name="email" required="required" id="input_box"></td>
</tr>
<tr>
<td id="label">Password: </td>
<td id="input"><input type="password" name="password" id="input_box"></td>
</tr>
<tr>
<td id="label">Confirm Password: </td>
<td id="input"><input type="password" name="confirm_password" id="input_box"></td>
</tr>
<tr id="button_row">
<td colspan="2"><input type="reset" value="Reset" id="button">
<input type="submit" value="Register" id="button" name="register_ok"></td>
</tr>
</table>
</form>
</div>
</div>
</div>
</body>
</html>
NB : You need to check if the username does not exist before inserting it.
In my case, the strict mode setting was causing the issue. It requires values for all the columns to be specified in the INSERT command. Everything worked after the strict mode setting was disabled.
Check for strict mode (this should be blank):
SHOW VARIABLES LIKE 'sql_mode';
Turn off strict mode:
SET GLOBAL sql_mode = '';
Turn on strict mode:
SET GLOBAL sql_mode = 'STRICT_TRANS_TABLES';
Credit: this post
Related
i have some code that controls duplicate entries in particular the USER ID. it checks in the database at submit and if that USER ID exists already it gives that notification. now the problem is when i submit and if that USER ID entered already exists in the database, all the other entries on the form are cleared, prompting me to re_enter all the other details again. i find this annoying and retrogressive. i want some help on how better i can do it such that only the USER ID text box returns empty, keeping other details safe/unchanged or indeed alternatively keeping/buffering/caching all details previously entered so that i can also review the duplicate USER ID before changing it.
new_user.php
<h1 align="center">Create New User</h1>
<p align="center" style="color:#F00"><?php if(isset($_GET['dup'])){ echo "That User ID Already Exists!"; } ?> </p>
<form id="form1" method="post" action="add_user.php">
<table width="100%">
<tr>
<td width="204"><div align="right">User ID:</div></td>
<td width="286">
<input type="text" name="user_id" id="user_id" />
</td>
</tr>
<tr>
<td><div align="right">Full Names:</div></td>
<td>
<input type="text" name="fname" id="fname" />
</td>
</tr>
<tr>
<td><div align="right">Gender:</div></td>
<td><select id="sex" name="sex">
<option selected="selected" value="male">Male</option>
<option name="female">Female</option>
</select></td>
</tr>
<tr>
<td><div align="right">NRC Number:</div></td>
<td>
<input type="number" name="nrcno" id="nrcno" min="1" />
</td>
</tr>
<tr>
<td><div align="right">Phone Number:</div></td>
<td>
<input type="number" name="cellno" id="cellno" />
</td>
</tr>
<tr>
<td><div align="right">Email Address:</div></td>
<td>
<input type="email" name="emailad" id="emailad" />
</td>
</tr>
<tr>
<td><div align="right">Position Held:</div></td>
<td>
<input type="text" name="posh" id="posh" />
</td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="create" id="create" value="Add User" /></td>
</tr>
</table>
</form>
add_user.php
<?php
$user_id=$_POST['user_id'];
$fname = $_POST['fname'];
$sex= $_POST['sex'];
$name= $_POST['name'];
$nrcno = $_POST['nrcno'];
$cellno= $_POST['cellno'];
$emailad = $_POST['emailad'];
$posh = $_POST['posh'];
require("get_func.php");
checkID($id);
include("connect.php");
mysql_select_db("ceec", $con);
$query = "INSERT INTO user VALUES ('$user_id', '$fname', '$sex','$name', '$nrcno', '$cellno', '$emailad', '$posh')";
if (mysql_query($query)){
header("Location: success.php");
}
else {echo "Nada" . mysql_error(); }
mysql_close($con);
?>
get_func.php
<?php
function checkID($id){
include_once("connect.php");
mysql_select_db("ceec",$con);
$query = "SELECT * FROM user WHERE user_id = '$id'";
$result= mysql_query($query);
if($row = mysql_fetch_array($result))
{
header("Location: new_user.php?dup=true");
break;
}
else {}
}
?>
<input type="text" name="user_id" id="user_id"
<?php if(isset($_POST['user_id'])){echo htmlentities($_POST['user_id'];} ?>/>
I am making a change password page in php, i am having problem. Kindly guide me where i am getting problem.
<form action="do_change_password.php" method="post">
<table width="70%" cellpadding="0" cellspacing="0" align="center" border="0">
<tr>
<td colspan="2" align="center">
<h2>CHANGE PASSWORD</h2>
</td>
</tr>
<tr>
<td> </td>
<td> </td>
</tr>
<tr>
<td width="40%" height="30">Current Password
</td>
<td width="60%">
<input name="password" type="password" id="password" size="30"/>
</td>
</tr>
<tr>
<td height="30">New Password</td>
<td>
<input name="newpassword" type="password" id="newpassword" size="30"/>
</td>
</tr>
<tr>
<td height="30">Confirm New Password</td>
<td>
<input name="confirmnewpassword" type="password" id="confirmnewpassword" size="30"/>
</td>
</tr>
<tr>
<td height="30" colspan="2" align="center">
<input name="submit" type="submit" value="Submit" id="submit_btn"/>
<input name="reset" type="reset" value="Reset" id="reset"/>
</td>
</tr>
</table>
</form>
do_change_password.php
<?php
include 'includes/dbConnect.php';
$password = $_POST['password'];
$newpassword = $_POST['newpassword'];
$confirmnewpassword = $_POST['confirmnewpassword'];
$error_msg = "Field(s) cannot be empty";
if ($password == '' || $newpassword == '' ||$confirmnewpassword == '')
{
echo $error_msg;
exit;
}
$result = mysql_query("SELECT password FROM users WHERE password='$password'");
if
($password != mysql_result($result< 0))
{
echo "Entered an incorrect password";
}
if($newpassword == $confirmnewpassword)
{
$sql = mysql_query("UPDATE registration SET password = '$newpassword' WHERE password='$current_password'");
}
if(!$sql)
{
echo "Congratulations, password successfully changed!";
}
else
{
echo "New password and confirm password must be the same!";
}
?>
dbConnect.php
<?php
error_reporting(E_ERROR);
global $link;
$servername='localhost';
$dbname='school';
$dbusername='root';
$dbpassword='';
$table_Name="students";
$link = mysql_connect($servername,$dbusername,$dbpassword);
if (!$link) {
die('Could not connect: ' . mysql_error());
}
else
{
mysql_select_db($dbname,$link) or die ("could not open db".mysql_error());
}
?>
I am getting this error, i am not able to change the password:
Entered an incorrect passwordCongratulations, password successfully changed! cannot change the password
Kindly tell me where i am doing mistake.
Thanks in advance
I believe you mixed up id with name in the input tags.
Replace...
<input name="current" type="password" id="password" size="30"/>
...with...
<input id="current" type="password" name="password" size="30"/>
Basically whatever you specify as name in your input tags is what you'll be able to get through $_POST.
So <input name="whatever" /> will be $_POST['whatever'].
<input name="current" type="password" id="password" size="30" name="password"/>
$password = $_POST['password'];
$_POST it should be accept name attribute from html tag.
Try to replace your form with this .... your mistake to change your field names, and try to improve your php code see this SQL injection
<form action="do_change_password.php" method="post">
<table width="70%" cellpadding="0" cellspacing="0" align="center" border="0">
<tr>
<td colspan="2" align="center">
<h2>CHANGE PASSWORD</h2>
</td>
</tr>
<tr>
<td> </td>
<td> </td>
</tr>
<tr>
<td width="40%" height="30">Current Password
</td>
<td width="60%">
<input name="password" type="password" id="password" size="30"/>
</td>
</tr>
<tr>
<td height="30">New Password</td>
<td>
<input name="newpassword" type="password" id="newpassword" size="30"/>
</td>
</tr>
<tr>
<td height="30">Confirm New Password</td>
<td>
<input name="confirmnewpassword" type="password" id="confirmnewpassword" size="30"/>
</td>
</tr>
<tr>
<td height="30" colspan="2" align="center">
<input name="submit" type="submit" value="Submit" id="submit_btn"/>
<input name="reset" type="reset" value="Reset" id="reset"/>
</td>
</tr>
</table>
</form>
<form action="do_change_password.php" method="post">
<table width="70%" cellpadding="0" cellspacing="0" align="center" border="0">
<tr>
<td colspan="2" align="center">
<h2>CHANGE PASSWORD</h2>
</td>
</tr>
<tr>
<td> </td>
<td> </td>
</tr>
<tr>
<td width="40%" height="30">Current Password
</td>
<td width="60%">
<input name="password" type="password" id="password" size="30"/>
</td>
</tr>
<tr>
<td height="30">New Password</td>
<td>
<input name="newpassword" type="password" id="newpassword" size="30"/>
</td>
</tr>
<tr>
<td height="30">Confirm New Password</td>
<td>
<input name="confirmnewpassword" type="password" id="confirmnewpassword" size="30"/>
</td>
</tr>
<tr>
<td height="30" colspan="2" align="center">
<input name="submit" type="submit" value="Submit" id="submit_btn"/>
<input name="reset" type="reset" value="Reset" id="reset"/>
</td>
</tr>
</table>
</form>
try this..it will work fine.
You must capture:
$password = $_POST['current'];
$newpassword = $_POST['new'];
$confirmnewpassword = $_POST['confirm-new'];
Or replace the name of your inputs.
<?php
if(isset($_POST['submit']))
{
$uname=$_POST['uname'];
$pswd=$_POST['pswd'];
$cpswd=$_POST['cpswd'];
$fname=$_POST['fname'];
$lname=$_POST['lname'];
$email=$_POST['email'];
$address=$_POST['add'];
$mobile=$_POST['mobile'];
$con=mysqli_connect("localhost","root","","registration");
$sql1="select usname, email from registration1 where usname='$uname' or email='$email'";
$query=mysqli_query($con,$sql1) or die(mysqli_error($con));
$rownum=mysqli_num_rows($query);
if($rownum != 0)
{
echo "User With This User Name or Email Address Is Already Available";
}
else
{
$sql2="insert into registration1 (usname,psswd,fsname,lsname,email,address,mobileno) values ('$uname','$pswd','$fname','$lname','$email','$address','$mobile')";
mysqli_query($con,$sql2) or die(mysqli_error($con));
echo "Registration Successful";
}
}
?>
I am redirecting to home.php which is written in form action, the php code in this is not executing. can anybody help me to resolve this
this is my html code i am redirecting to home .php on clicking submit button values entered in textbox is not entering into database on clicking submit button.
`<html>
<head>
<title>Registration Form</title>
</head>
<body>
<center>
<form method="post" action="home.php">
<table>
<tr>
<td>
<p>User Name</p>
</td>
<td>
<input type="text" name="uname"/>
</td>
</tr>
<tr>
<td>
<p>Password</p>
</td>
<td>
<input type="password" name="pswd" />
</td>
</tr>
<tr>
<td>
<p>Confirm Password</p>
</td>
<td>
<input type="password" name="cpswd" />
</td>
</tr>
<tr>
<td>
<p>First Name</p>
</td>
<td>
<input type="text" name="fname" />
</td>
</tr>
<tr>
<td>
<p>Last Name</p>
</td>
<td>
<input type="text" name="lname" />
</td>
</tr>
<tr>
<td>
<p>Email Address</p>
</td>
<td>
<input type="email" name="email" />
</td>
</tr>
<tr>
<td>
<p>Address</p>
</td>
<td>
<input type="text" name="add" />
</td>
</tr>
<tr>
<td>
<p>Mobile No.</p>
</td>
<td>
<input type="text" name="mobile" />
</td>
</tr>
<tr>
<td>
<input type="submit" value="submit" name="submit" />
</td>
</tr>
</table>
</form>
</center>
</body>
</html>`
If there is no Output / No Errors .. Please Make Sure $_POST['submit'] Variable is Posted Vai From..
at first want to say please describe the error properly.there can be many reason.
option 1:maybe $_POST['submit'] or other values is not initialized properly.then it wont enter the if block ever
option 2:$con=mysqli_connect("localhost","root","password"); check if this connection establishment is okay or not.
option 3:i am not sure.but i think while fetching multiple column you need to use an array().
please debug the code..find out after which line the code stop executing.you can do this by using echo 'xxx'; as checkpoint in your code and report us
note:use mysqli_real_escape_string() and various php mysqli function to be safe from mysqli injection
<input type="submit" value="submit" name="submit" />
<input type="hidden" name="submit" value="submit" />
</form>
this is how your form should be done..add that hidden type
EDIT 1: if it doesn't work.then put echo 'step 1,2,3...' in your home.php.and check after which statement it stops executing.for exemple you can put a echo right after if() to check if it is entering in your if block or not
This question is unlikely to help any future visitors; it is only relevant to a small geographic area, a specific moment in time, or an extraordinarily narrow situation that is not generally applicable to the worldwide audience of the internet. For help making this question more broadly applicable, visit the help center.
Closed 10 years ago.
I have a point system were there's a quiz. when they click submit from the quiz i want them to get +1 into points in mysql. i got a datbase called login and table users, and in the users i want the points to be updated with 1+ when they have taken the quiz.
the code for the quiz_form i use:
:<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Registration Form</title>
</head>
<body>
<table width="328" border="0" align="center">
<form id="form1" name="form1" method="post" action="script.php">
<tr>
<td colspan="2"><h2 style="color:#FF0000">Quiz1</h2></td>
</tr>
<tr>
<td>UserName:</td>
<td>
<input name="txtusername" type="text" id="txtusername" value="<?php
session_start();
if ($_SESSION['username'])
{
echo "".$_SESSION['username'];
}
else
header ("location: welcome1.html");
?>
" />
</td>
</tr>
<tr>
<td>Who is Obama?</td>
<td><input type="password" name="txtPassword" id="txtPassword" /></td>
</tr>
<tr>
<td>What was the bing thing that were going to happend in 2012?</td>
<td><input type="text" name="txtemail" id="txtemail" /></td>
</tr>
<tr>
<td>What is a farrari?</td>
<td>
<input type="text" name="txtnummer" id="txtnummer" />
</td>
</tr>
<tr>
<td>What is a spoon used for?</td>
<td>
<input type="text" name="txtnummer" id="txtnummer" />
</td>
</tr>
<tr>
<td>Witch letter does this url start with?</td>
<td>
<input type="text" name="txtnummer" id="txtnummer" />
</td>
</tr>
<tr>
<td>Are COD a game?</td>
<td>
<input type="text" name="txtnummer" id="txtnummer" />
</td>
</tr>
<tr>
<td colspan="2" align="center">
<input type="submit" name="btnRegister" id="btnRegister" value="submit" />
</td>
</tr>
</form>
</table>
<table width="328" border="0" align="center">
<form id="form1" name="form1" method="post" action="script2.php">
<tr>
<td colspan="2"><h2 style="color:#FF0000">Quiz2</h2></td>
</tr>
<tr>
<td>UserName:</td>
<td>
<input name="txtusername" type="text" id="txtusername" value="<?php
if ($_SESSION['username'])
{
echo "".$_SESSION['username'];
}
else
header ("location: welcome1.html");
?>
" />
</td>
</tr>
<tr>
<td>Who evented facebook?</td>
<td><input type="password" name="txtPassword" id="txtPassword" /></td>
</tr>
<tr>
<td>What is a cat?</td>
<td><input type="text" name="txtemail" id="txtemail" /></td>
</tr>
<tr>
<td>What is a lamborgini?</td>
<td>
<input type="text" name="txtnummer" id="txtnummer" />
</td>
</tr>
<tr>
<td>What is goodel used for?</td>
<td>
<input type="text" name="txtnummer" id="txtnummer" />
</td>
</tr>
<tr>
<td>What is the last letter in this url</td>
<td>
<input type="text" name="txtnummer" id="txtnummer" />
</td>
</tr>
<tr>
<td>Are Counter strik a game?</td>
<td>
<input type="text" name="txtnummer" id="txtnummer" />
</td>
</tr>
<tr>
<td colspan="2" align="center">
<input type="submit" name="btnRegister" id="btnRegister" value="submit" />
</td>
</tr>
</form>
</table>
<table width="328" border="0" align="center">
<form id="form1" name="form1" method="post" action="script3.php">
<tr>
<td colspan="2"><h2 style="color:#FF0000">Quiz3</h2></td>
</tr>
<tr>
<td>UserName:</td>
<td>
<input name="txtusername" type="text" id="txtusername" value="<?php
if ($_SESSION['username'])
{
echo "".$_SESSION['username'];
}
else
header ("location: welcome1.html");
?>
" />
</td>
</tr>
<tr>
<td>What is yourube used for?</td>
<td><input type="password" name="txtPassword" id="txtPassword" /></td>
</tr>
<tr>
<td>What is a dog?</td>
<td><input type="text" name="txtemail" id="txtemail" /></td>
</tr>
<tr>
<td>What is a kebab?</td>
<td>
<input type="text" name="txtnummer" id="txtnummer" />
</td>
</tr>
<tr>
<td>Who is the most famed tenager in 2012/13?</td>
<td>
<input type="text" name="txtnummer" id="txtnummer" />
</td>
</tr>
<tr>
<td>What is the 4th letter in this url?</td>
<td>
<input type="text" name="txtnummer" id="txtnummer" />
</td>
</tr>
<tr>
<td>100*2 - 5 +105 -55 +45= </td>
<td>
<input type="text" name="txtnummer" id="txtnummer" />
</td>
</tr>
<tr>
<td colspan="2" align="center">
<input type="submit" name="btnRegister" id="btnRegister" value="submit" />
</td>
</tr>
</form>
</table>
</body>
</html>
here is the script i use for the quiz:
<?php
//=============Configuring Server and Database=======
$host = 'localhost';
$user = 'root';
$password = '';
//=============Data Base Information=================
$database = 'login';
$conn = mysql_connect($host,$user,$password) or die('Server Information is not Correct'); //Establish Connection with Server
mysql_select_db($database,$conn) or die('Database Information is not correct');
//===============End Server Configuration============
//=============Starting Registration Script==========
$username = mysql_real_escape_string($_POST['txtusername']);
//=============To Encrypt Password===================
//============New Variable of Password is Now with an Encrypted Value========
if(isset($_POST['btnRegister'])) //===When I will Set the Button to 1 or Press Button to register
{
$query = mysql_query("SELECT * FROM quiz WHERE username='$username'");
if(mysql_num_rows($query) > 0 ){
echo "Sorry but you can only take a quize once:S";
}else{
mysql_query ("insert into quiz(username)values('$username')");
$sql = "UPDATE users SET points = COALESCE(level,0)+1 WHERE username = $username";
header('location: succes.php');
}
}
?>
again, this work great. but i just need so they get 1 more points. so if they have 10 points and take this quiz they get 11 after clicking submit
Try this update query
$qry = "UPDATE users SET points = points+1 WHERE username = $username"
and as was said in comments, start using PDO or MySqli with prepared statements for your future codes, as old mysql commands are deprecated.
I think you have a problem over here:
$sql = "UPDATE users SET points = COALESCE(level,0)+1 WHERE username = $username";
so, if you are doing like this.
try this,
$sql = "UPDATE users SET points = COALESCE(level+1,0) WHERE username = $username";
I wonder whether someone may be able to help me please.
I'm trying to put together functionality which allows an administrator to search for user details in a mySQL database using the email address as the search criteria. Once the search has taken place I would like the 'first' and 'surname' fields in my form to be completed with the record retrieved.
I think the search is working as the form refreshes but it doesn't retrieve any visible information.
I just wondered whether it would be at all possbible please that someone could take a look at my code below and let me know where I've gone wrong.
Many thanks
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<?php
require("phpfile.php");
// Opens a connection to a MySQL server
$connection=mysql_connect ("hostname", $username, $password);
if (!$connection) { die('Not connected : ' . mysql_error());}
// Set the active MySQL database
$db_selected = mysql_select_db($database, $connection);
if (!$db_selected) {
die ('Can\'t use db : ' . mysql_error());
}
$email = $_POST['email'];
$result = mysql_query("SELECT * FROM userdetails WHERE emailaddress like '%$email%'");
?>
<title>Map!</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<script src="js/gen_validatorv4.js" type="text/javascript"></script>
</head>
<h1> </h1>
<form name="userpasswordreset" id="userpasswordreset" method="post">
<div class="container">
<p align="justify"> </p>
<div class="title1">
<h2>User Details </h2>
</div>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="26%" height="25"><strong>Email Address</strong></td>
<td width="4%"> </td>
<td width="70%"><input name="email" type="email" id="email" size="50" /></td>
</tr>
<tr>
<td height="25"><strong>Confirm Email Address </strong></td>
<td> </td>
<td><input name="conf_email" type="email" id="conf_email" size="50" /></td>
</tr>
<tr>
<td height="25"><label>
<input type="submit" name="Submit" value="Search" />
</label></td>
<td> </td>
<td> </td>
</tr>
<tr>
<td height="25"> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td height="25"><strong>First Name </strong></td>
<td> </td>
<td><input name="fname" type="text" id="fname" size="30" value="<?php echo $row['forename']; ?>" /> </td>
</tr>
<tr>
<td height="25"><strong>Last Name </strong></td>
<td> </td>
<td><input name="lname" type="text" id="lname" size="30" value="<?php echo $row['surname']; ?>" /></td>
</tr>
<tr>
<td height="25"> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td height="25"><strong>Password</strong></td>
<td> </td>
<td><input name="pass" type="password" id="pass" size="30" /></td>
</tr>
<tr>
<td height="25"><strong>Confirm Password </strong></td>
<td> </td>
<td><input name="conf_pass" type="password" id="conf_pass" size="30" /></td>
</tr>
<tr>
<td height="25"> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td height="25"><strong>Password Hint </strong></td>
<td> </td>
<td><input name="hint" type="text" id="hint" size="30" /></td>
</tr>
<tr>
<td height="25"> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td height="25"> </td>
<td> </td>
<td> </td>
</tr>
</table>
</div>
</form>
<script language="JavaScript" type="text/javascript">
// Code for validating the form
var frmvalidator = new Validator("userpasswordreset");
frmvalidator.addValidation("email","req","Please provide your email address");
frmvalidator.addValidation("email","email","Please enter a valid email address");
frmvalidator.addValidation("conf_email","eqelmnt=email", "The confirmed email address is not the same as the email address");
</script>
</div>
</body>
</html>
UPDATED CODE
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<?php
require("phpfile.php");
// Opens a connection to a MySQL server
$connection=mysql_connect ("hostname", $username, $password);
if (!$connection) { die('Not connected : ' . mysql_error());}
// Set the active MySQL database
$db_selected = mysql_select_db($database, $connection);
if (!$db_selected) {
die ('Can\'t use db : ' . mysql_error());
}
$email = mysql_real_escape_string($_POST['email']); // make the value safe for in the query
$result = mysql_query("SELECT * FROM userdetails WHERE emailaddress like '%$email%'");
$rows = array();
while ($row = mysql_fetch_assoc($result)) {
$rows[] = $row;
}
// $rows is now a multi dimensional array with values found by the query
?>
<title>Map</title>
<script src="js/gen_validatorv4.js" type="text/javascript"></script>
<h1> </h1>
<form name="userpasswordreset" id="userpasswordreset" method="post">
<p align="justify"> </p>
<div class="title1">
<h2>Your Details </h2>
</div>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="26%" height="25"><strong>Email Address </strong></td>
<td width="4%"> </td>
<td width="70%"><input name="email" type="email" id="email" size="50" /></td>
</tr>
<tr>
<td height="25"><strong> Confirm Email Address </strong></td>
<td> </td>
<td><input name="conf_email" type="email" id="conf_email" size="50" /></td>
</tr>
<tr>
<td height="25"><label>
<input type="submit" name="Submit" value="Search" />
</label></td>
<td> </td>
<td> </td>
</tr>
<tr>
<td height="25"><strong>First Name </strong></td>
<td> </td>
<td><input name="fname" type="text" id="fname" size="30" /></td>
</tr>
<tr>
<td height="25"><strong>Last Name</strong></td>
<td> </td>
<td><input name="lname" type="text" id="lname" size="30" /></td>
</tr>
<tr>
<td height="25"> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td height="25"> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td height="25"><strong>Password</strong></td>
<td> </td>
<td><input name="pass" type="password" id="pass" size="30" /></td>
</tr>
<tr>
<td height="25"><strong>Confirm Password </strong></td>
<td> </td>
<td><input name="conf_pass" type="password" id="conf_pass" size="30" /></td>
</tr>
<tr>
<td height="25"> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td height="25"><strong>Password Hint </strong></td>
<td> </td>
<td><input name="hint" type="text" id="hint" size="30" /></td>
</tr>
<tr>
<td height="25"> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td height="25"> </td>
<td> </td>
<td> </td>
</tr>
</table>
</form>
<script language="JavaScript" type="text/javascript">
// Code for validating the form
// Visit http://www.javascript-coder.com/html-form/javascript-form-validation.phtml
// for details
var frmvalidator = new Validator("userpasswordreset");
frmvalidator.addValidation("email","req","Please provide your email address");
frmvalidator.addValidation("email","email","Please enter a valid email address");
frmvalidator.addValidation("conf_email","eqelmnt=email", "The confirmed email address is not the same as the email address");
</script>
</body>
</html>
Aren't you missing the step where you actually run the mysql_fetch_assoc function against your query? Just assigning the result of mysql_query to the variable $result is not enough!
Add something like this after your call to mysql_query:
if($result)
{
$row = mysql_fetch_assoc($result));
}
Edit: mysql_fetch_assoc PHP documentation
To get all the rows resulted with the query you would need to use a mysql fetch function (there are several).
The preffered method is definitly mysql_fetch_assoc
The relevant part of your code would look something like this:
$email = mysql_real_escape_string($_POST['email']); // make the value safe for in the query
$result = mysql_query("SELECT * FROM userdetails WHERE emailaddress like '%$email%'");
$rows = array();
while ($row = mysql_fetch_assoc($result)) {
$rows[] = $row;
}
// $rows is now a multi dimensional array with values found by the query
Just going over your code breifly, I dont think your passing the value of the email to in your sql query correctly.
try using this.
$result = mysql_query("SELECT * FROM userdetails WHERE emailaddress like '%" . $email . "%'");