I have a user table that links to a booking table so I can tell what users have made what bookings. I have tried to left join the user table with the booking table but it didn't work. I also experimented with trying to pass the session userID but again it didn't work. My PHP code is presented below that I'm trying to pass through at the minute.
<?php
include "config.php";
//Booking point
if(isset($_POST['booking']))
{
//get values for variables
$pitchID = $_POST['pitchID'];
$start_date = $_POST['start_date'];
$start_hour = $_POST['start_hour'];
$end_hour = $_POST['end_hour'];
$booking_age = $_POST['booking_age'];
$pitch_size = $_POST['pitch_size'];
$light_tokens = $_POST['light_tokens'];
$q = $db->prepare("SELECT *
FROM booking
LEFT JOIN user
ON booking.userID=user.userID");
$query = $q-> execute();
if($query)
{
$q = $db->prepare("INSERT INTO booking SET pitchID = ?, start_date = ?, start_hour = ?, end_hour = ?, booking_age = ?, pitch_size = ?, light_tokens = ?");
$query = $q->execute(array($pitchID,$start_date,$start_hour,$end_hour,$booking_age,$pitch_size,$light_tokens));
$count = $q->rowCount();
if($count == 1){
echo "Your booking has been made";
header("Location:home2_template.html");
return;
}else {
echo "Fail";
}
} else {
echo"Booking already exists";
}
}
?>
I added the session variable in the login section of my system then passed it through from there.
Login section below:
<?php
include "config.php";
if(isset($_POST['submit'])){
$username = $_POST['username'];
$password = $_POST['password'];
$q = $db->prepare("SELECT * FROM user WHERE username = ? AND password = ?");
$query = $q->execute(array($username, $password));
while($dbRow = $q->fetch(PDO::FETCH_ASSOC)) {
$userID = $dbRow['userID'];
}
$count = $q->rowCount();
if($count == 1){
session_start();
$_SESSION['userID'] = $userID;
header("Location:home2_template.html");
return;
}else{
echo "You have entered an incorrect login/password";
}
}
?>
I also removed the join in the PHP code and ended up with this below. It passed through my userID but there are still bugs in this code for anyone who is viewing this. I had to declare the variable userID at the top of my page then again in my prepare statement.
<?php
session_start();
$userID = $_SESSION['userID'];
?>
<?php
include "config.php";
echo $userID;
//Booking point
if(isset($_POST['booking']))
{
//get values for variables
$pitchID = $_POST['pitchID'];
$start_date = $_POST['start_date'];
$start_hour = $_POST['start_hour'];
$end_hour = $_POST['end_hour'];
$booking_age = $_POST['booking_age'];
$pitch_size = $_POST['pitch_size'];
$light_tokens = $_POST['light_tokens'];
$q = $db->prepare("INSERT INTO booking SET pitchID = ?, start_date = ?, start_hour = ?, end_hour = ?, booking_age = ?, pitch_size = ?, light_tokens = ?, userID='$userID'");
$query = $q->execute(array($pitchID,$start_date,$start_hour,$end_hour,$booking_age,$pitch_size,$light_tokens));
$count = $q->rowCount();
if($count == 0)
{
echo "Your booking has been made";
header("Location:home2_template.html");
return;
}else {
echo "That booking already exists";
}
}
?>
Related
When I login it's suppose to insert, but instead does nothing.. On my register php it inserts data to accounts, but when i insert data into online it won't work..
PS- I'm new to PDO so I don't know what i'm doing wrong
<?php
session_start();
if(isset($_SESSION['users']) != ""){
echo '<script type="text/javascript">','index();','</script>';
}
include('../php/dbConnect.php');
$username = $_POST['username'];
$password = $_POST['password'];
$query = 'SELECT * FROM `accounts` WHERE username = ?';
$queryprepare = $conn->prepare($query);
$queryprepare->bindParam(1, $username, PDO::PARAM_STR);
$queryprepare->execute();
$row = $queryprepare->fetch();
if($row['password'] == md5($password))
{
$_SESSION['online'] = true;
$_SESSION['users'] = $username;
$_SESSION['userid'] = $row['id'];
$_SESSION['name'] = $row['name'];
$_SESSION['age'] = $row['age'];
$_SESSION['image'] = $row['image'];
$check_row = 'SELECT * FROM `online` WHERE username = ?';
$check_row_fetch = $conn->prepare($check_row);
$check_row_fetch->bindParam(1, $username, PDO::PARAM_STR);
$check_row_fetch->execute();
$number_of_rows = $check_row_fetch->rowCount();
if($number_of_rows != 0) {
echo '<script type="text/javascript">','redirect();','</script>';
}
else{
$online_insert = 'INSERT INTO online (username, name, age, image) VALUES (?, ?, ?, ?)';
$online_insert_fetch = $conn->prepare($online_insert);
$online_insert_fetch->bindParam(1, $SESSION['users'], PDO::PARAM_STR);
$online_insert_fetch->bindParam(2, $SESSION['name'], PDO::PARAM_STR);
$online_insert_fetch->bindParam(3, $SESSION['age'], PDO::PARAM_STR);
$online_insert_fetch->bindParam(4, $SESSION['image'], PDO::PARAM_STR);
$online_insert_fetch->execute();
echo '<script type="text/javascript">','redirect();','</script>';
}
}
else{
echo("Wrong Credentials");
}
?>
I have two tables
tbl_cars and tbl_user
Where tbl_user has userID as Primary key
I declared it as a Foreign key on my tbl_cars
Whenever a user logs in it can't post an item to the tbl_cars I get this error
Cannot add or update a child row: a foreign key constraint fails
(u850332371_car.tbl_cars, CONSTRAINT tbl_cars_ibfk_1 FOREIGN KEY
(userID) REFERENCES tbl_user (userID))
This is my code for inserting.
Insert.php
<?PHP
$conn = new mysqli('******', '******', '******', '******');
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
error_reporting(E_ALL);
ini_set('display_errors',1);// at top of page
if(isset($_POST['txtCarModel']) && isset($_POST['txtCarType']) &&
isset($_POST['txtCapacity']) && isset($_POST['image']) &&
isset($_POST['txtFuelType']) && isset($_POST['txtPlateNumber'])){
$now = DateTime::createFromFormat('U.u', microtime(true));
$id = $now->format('YmdHis');
$upload_folder = "upload";
$path = "$upload_folder/$id.jpeg";
$image = $_POST['image'];
$fullpath = "http://carkila.esy.es/$upload_folder/$id.jpeg";
$Car_Model = $_POST['txtCarModel'];
$Car_Type = $_POST['txtCarType'];
$Capacity = $_POST['txtCapacity'];
$Fuel_Type = $_POST['txtFuelType'];
$PlateNumber = $_POST['txtPlateNumber'];
$Image = $_POST['image'];
$stmt = $conn->prepare("INSERT INTO tbl_cars (Car_Model, Car_Type, Capacity, fuelType, carPlatenuNumber, Image) VALUES (?, ?, ?,?,?,?)");
$query = "INSERT INTO tbl_cars(Car_Model, Car_Type, Capacity,fuelType, carPlatenuNumber, Image)
VALUES ('$Car_Model', '$Car_Type', $Capacity, '$Fuel_Type', '$PlateNumber', '$fullpath')";
$stmt->bind_param("ssssss", $Car_Model, $Car_Type, $Capacity,$Fuel_Type,$PlateNumber, $fullpath);
$result = $stmt->execute();
if($result === false ) {
die('execute() failed: ' . htmlspecialchars($stmt->error));
}else{
echo "New records created successfully";
}
$stmt->close();
$conn->close();
}
?>
UPDATE
This is my login with sessions. I want the userID to be in the insertion of data to the database.
login.php
<?php
require 'database-config.php';
session_start();
$username = "";
$password = "";
if(isset($_POST['username'])){
$username = $_POST['username'];
}
if (isset($_POST['password'])) {
$password = $_POST['password'];
}
$q = 'SELECT * FROM tbl_user WHERE username=:username AND password=:password';
$query = $dbh->prepare($q);
$query->execute(array(':username' => $username, ':password' => $password));
if($query->rowCount() == 0){
header('Location: index.php?err=1');
}else{
$row = $query->fetch(PDO::FETCH_ASSOC);
session_regenerate_id();
$_SESSION['sess_user_id'] = $row['userID'];
$_SESSION['sess_username'] = $row['username'];
$_SESSION['sess_userrole'] = $row['roles'];
echo $_SESSION['sess_userrole'];
session_write_close();
if( $_SESSION['sess_userrole'] == "renter"){
echo "owner";
}else if ($_SESSION['sess_userrole'] == "owner"){
echo"renter";
}
}
?>
Thank you guys. :)
whenever a user logs in it can't post an item...
Since you know which user is trying to add a record to tbl_cars, include userID in your insert.
$userID = ... //<- put the user id in this variable
$sql = 'INSERT INTO tbl_cars ('.
'userID,Car_Model,Car_Type,Capacity,fuelType,carPlatenuNumber,Image'.
') VALUES (?, ?, ?, ?, ?, ?, ?)';
$stmt = $conn->prepare($sql);
$stmt->bind_param("sssssss", $userID $Car_Model, $Car_Type, $Capacity,
$Fuel_Type,$PlateNumber, $fullpath);
$result = $stmt->execute();
I believe your problem is that userID is a required field, but the DB cannot insert a default value for you when you don't provide one because the value must be bound to a primary key in tbl_user
I am trying to avoid duplicate entries of automatically generated random numbers in an SQLite3 DB through PHP. For that i have prepared Statements in a do while loop. The random numbers are generated and then a query checks if the number already exists. If Yes, generate again, if no, carry on.
Atleast, this is what i am trying to achieve...
But for some reason unknown to me, the PHP log keeps showing me that the maximum execution Time of 30 secs has been exeeded at the query line. Firstly, i tried doing the whole thing without prepared statements and it didn't work. I thought that was because i had php variables in the query. So i switched to Prepared Statements without success.
I checked all the POST Variables via Firebug and everything seems to be fine there. It is the Prepared Statement which is giving me diarrhea!!
Can you guys please help me ?
The PHP Code:
<?php
$adate = $_POST['adate'];
$ddate = $_POST['ddate'];
$ad = $_POST['ad'];
$dd = $_POST['dd'];
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$email = $_POST['email'];
$address = $_POST['address'];
$postal = $_POST['postal'];
$city = $_POST['city'];
$country = $_POST['country'];
$tel = $_POST['tel'];
$message = $_POST['message'];
$price = $_POST['price'];
$bkfst = $_POST['bkfst'];
$rnum = $_POST['rnum'];
$rtype = $_POST['rtype'];
$robotest = $_POST['blnk'];
$bid = 0;
$cid = 0;
$adate = $adate . " 20:00:00";
$ddate = $ddate . " 13:00:00";
if ($robotest)
$error = "You are a gutless robot.";
else {
function bid()
{
$bid = mt_rand(111111, 999999);
if (($bid % 10) == 0) {
$bid = $bid + 123;
}
}
function cid()
{
$cid = mt_rand(11111, 99999);
if (($cid % 10) == 0) {
$cid = $cid + 123;
}
}
include 'connect.php';
do {
cid();
--> $sth = $db->prepare("SELECT COUNT (CustomerID) from Customer WHERE CustomerID = ?");
$sth->execute(array($cid));
} while ($sth->fetchColumn() > 0);
$sth = $db->prepare("INSERT INTO Customer (CustomerID, FirstName, LastName, Address, PostalCode, City, Country, EMail, Phone) VALUES ('$cid', '$fname', '$lname', '$address', '$postal', '$city', '$country', '$email', '$tel')");
$sth->execute();
do {
bid();
--> $sth = $db->prepare("SELECT COUNT (BookingID) from Booking WHERE BookingID = ?");
$sth->execute(array($bid));
} while ($sth->fetchColumn() > 0);
$sth = $db->prepare("INSERT INTO Booking (BookingID, Arrival, Checkout, RoomNumber, CustomerID, Breakfast, Comment, Paid) VALUES ('$bid', '$adate', '$ddate', '$rnum', '$cid', '$bkfst', '$message', 'N')");
$sth->execute();
$subject = "Your Booking";
$message = "Hi $fname,\n\nA $rtype from $ad to $dd has been booked for you.\n\nYour Booking Code is $bid.\n\nRegards.";
mail($email, $subject, $message);
echo 'The Booking completed successfully! Check your E-Mail for further Information.';
}
?>
Lines beginning with --> in the code are the problematic lines.
And Yes, I am a Newbie who is learning by doing and also learning by annoying people in the Stack Overflow Forums :)
Thanks.
EDIT:
This is how my Code looks now. All the errors are gone but php is not inserting anything to the DB. The Email is sent correctly with the generated number.
<?php
$adate = $_POST['adate'];
$ddate = $_POST['ddate'];
$ad = $_POST['ad'];
$dd = $_POST['dd'];
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$email = $_POST['email'];
$address = $_POST['address'];
$postal = $_POST['postal'];
$city = $_POST['city'];
$country = $_POST['country'];
$tel = $_POST['tel'];
$message = $_POST['message'];
$price = $_POST['price'];
$bkfst = $_POST['bkfst'];
$rnum = $_POST['rnum'];
$rtype = $_POST['rtype'];
$robotest = $_POST['blnk'];
$adate = $adate . " 20:00:00";
$ddate = $ddate . " 13:00:00";
$cid;
$bid;
if ($robotest)
$error = "You are a gutless robot.";
else {
function bid()
{
global $bid;
$bid = mt_rand(111111, 999999);
if (($bid % 10) == 0) {
$bid = $bid + 123;
}
}
function cid()
{
global $cid;
$cid = mt_rand(11111, 99999);
if (($cid % 10) == 0) {
$cid = $cid + 123;
}
}
include 'connect.php';
do {
global $cid;
cid();
$sth = $db->prepare('SELECT COUNT (CustomerID) from Customer WHERE CustomerID = ?');
$sth->execute(array($cid));
} while ($sth->fetchColumn() > 0);
global $cid;
$sth = $db->prepare('INSERT INTO Customer (CustomerID, FirstName, LastName, Address, PostalCode, City, Country, EMail, Phone) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)');
$sth->execute(array($cid, $fname, $lname, $address, $postal, $city, $country, $email, $tel));
do {
global $bid;
bid();
$sth = $db->prepare('SELECT COUNT (BookingID) from Booking WHERE BookingID = ?');
} while ($sth->fetchColumn() > 0);
global $bid;
global $cid;
$sth = $db->prepare('INSERT INTO Booking (BookingID, Arrival, Checkout, RoomNumber, CustomerID, Breakfast, Comment, Paid) VALUES (?, ?, ?, ?, ?, ?, ?, ?)');
$sth->execute(array($bid, $adate, $ddate, $rnum, $cid, $bkfst, $message, 'N'));
$subject = "Your Booking";
global $bid;
$message = "Hi $fname,\n\nA $rtype from $ad to $dd has been booked for you.\n\nYour Booking Code is $bid.\n\nRegards.";
mail($email, $subject, $message);
echo 'The Booking completed successfully! Check your E-Mail for further Information.';
}
?>
hhmmm...
This is an infinite loop:
do {
cid();
$sth = $db->prepare("SELECT COUNT (CustomerID) from Customer WHERE CustomerID = ?");
$sth->execute(array($cid));
} while ($sth->fetchColumn() > 0);
Since your cid/bid() functions are badly constructed, the $cid you're using inside this do() loop will NEVER change from the $cid = 0 you did at the top of the script.
So the loop starts, you prepare/execute the query with CustomerID = 0, get back one of row of data with the count() results, which you fetch.
Then the loop rolls around again, and you RE-EXECUTE the query, with the exact same $cid = 0 value, so you continue reset the loop termination condition - you never end up with a value, because you keep query with the same bad/invalid cid=0.
It's pretty much the same like the good old BASIC program: 10 GOTO 10.
It's working now:
<?php
$adate = $_POST['adate'];
$ddate = $_POST['ddate'];
$ad = $_POST['ad'];
$dd = $_POST['dd'];
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$email = $_POST['email'];
$address = $_POST['address'];
$postal = $_POST['postal'];
$city = $_POST['city'];
$country = $_POST['country'];
$tel = $_POST['tel'];
$message = $_POST['message'];
$price = $_POST['price'];
$bkfst = $_POST['bkfst'];
$rnum = $_POST['rnum'];
$rtype = $_POST['rtype'];
$robotest = $_POST['blnk'];
$adate = $adate . " 20:00:00";
$ddate = $ddate . " 13:00:00";
$cid;
$bid;
if ($robotest)
$error = "You are a gutless robot.";
else {
function bid()
{
global $bid;
$bid = mt_rand(111111, 999999);
if (($bid % 10) == 0) {
$bid = $bid + 123;
}
}
function cid()
{
global $cid;
$cid = mt_rand(11111, 99999);
if (($cid % 10) == 0) {
$cid = $cid + 123;
}
}
include 'connect.php';
$sth = $db->prepare('SELECT COUNT (EMail) from Customer WHERE EMail = ?');
$sth->execute(array($email));
if($sth->fetchColumn() < 1){
do {
global $cid;
cid();
$sth = $db->prepare('SELECT COUNT (CustomerID) from Customer WHERE CustomerID = ?');
$sth->execute(array($cid));
} while ($sth->fetchColumn() > 0);
global $cid;
$sth = $db->prepare('INSERT INTO Customer (CustomerID, FirstName, LastName, Address, PostalCode, City, Country, EMail, Phone) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)');
$sth->execute(array($cid, $fname, $lname, $address, $postal, $city, $country, $email, $tel));
}else{
global $cid;
$sth = $db->prepare('SELECT CustomerID from Customer WHERE EMail = ?');
$sth->execute(array($email));
$id = $sth->fetch(PDO::FETCH_ASSOC);
$cid = $id['CustomerID'];
}
do {
global $bid;
bid();
$sth = $db->prepare('SELECT COUNT (BookingID) from Booking WHERE BookingID = ?');
} while ($sth->fetchColumn() > 0);
global $bid;
global $cid;
$booktime = date('Y-m-d H:i:s');
$sth = $db->prepare('INSERT INTO Booking (BookingID, Arrival, Checkout, RoomNumber, CustomerID, Breakfast, Comment, Paid, BookTime, Invoice) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)');
$sth->execute(array($bid, $adate, $ddate, $rnum, $cid, $bkfst, $message, 'N', $booktime, NULL));
$subject = "Your Booking";
global $bid;
$message = "Hi $fname,\n\nA $rtype from $ad to $dd has been booked for you.\n\nYour Booking Code is $bid.\n\nMention this Code if you need to get in touch with us.\n\nRegards.";
mail($email, $subject, $message);
echo 'The Booking completed successfully! Check your E-Mail for further Information.';
}
?>
No Clue, if this is the best way to do it but it is working perfectly.
Thanks for all the hints.
I tried to access page after login procedure but can't do it because session write command doesn't work. After searching through this website I can still find no solution.
I tried all possible solutions, but none worked for me, because that I asking for solution with the session problem.
include 'config.php';
$cdate = date("d.m.Y");
$cdate = date("d.m.Y");
if($_POST['kontrol'] == 'register'){
$un = $_POST['nick'];
$email = $_POST['email'];
$password = $_POST['password'];
$kontrol = $db-query("SELECT * FROM user WHERE username = '{$un}'")->fetch(PDO::FETCH_ASSOC);
$kontrol2 = $db->query("SELECT * FROM user WHERE email = '{$email}'")->fetch(PDO::FETCH_ASSOC);
if($kontrol['username'] == $un){
echo "<font color='red'> The username is already being used !";
}else{if($kontrol2['email'] == $email){echo "<font color='red'> The Email adress is already being used !";}
else{
$query = $db->prepare("INSERT INTO user SET
username = ?,
pass = ?,
fullname = ?,
email = ?,
cdate = ?,
status = ?,
lastlogin = ?,
bday = ?,
pnum = ?
");
$insert = $query->execute(array(
$_POST['nick'], md5($_POST['pass1']), $_POST['fullname'], $_POST['email'], $cdate, "0", $cdate, $_POST['bday'], $_POST['pnum']
));
if ( $insert ){
print "<font color='red'>Your registration has been successfully completed";
}else{
echo "<font color='red'>Your registration has failed";
}
}
}
// ------------------- Login ------------------
}else if($_POST['kontrol1'] == 'login'){
$username = $_POST['nick1'];
$password = md5($_POST['pass']);
if (!$username || !$password ){
echo "Enter your user name and password";
}else{
$query = $db->query("SELECT * FROM user WHERE username = '$username' && pass = '$password'")->fetch(PDO::FETCH_ASSOC);
if ($query){
session_start();
$_SESSION['login'] = true;
$_SESSION['id'] = $query["id"];
$_SESSION['status'] = $query["status"];
$_SESSION['username'] = $query["username"];
$_SESSION['password'] = $query["password"];
} else{
echo "<font color='red'> The username or password you entered is incorrect </font>";
}
}
}
You need to add session_start() on the top of every page.
I have a registration form that the user enters data in. Then after it is posted to the same page and checked for null fields, the variables are put in the $_SESSION array and the user is directed to another form to enter another set of data in a table. After posting those variables, the variables from the previous page are extracted from $_SESSION and the new values are checked for null entries. After they are checked in a for loop, php script mysteriously stops (die("<h1> GOT HERE! </h1>") no longer appears on the screen) and the page keeps loading. After waiting for a while the page reloads itself.
I've been using die() for a while now to find the error, but it just doesn't echo between the for-loop and the if statement, and there is no apparent reason why it shouldn't. Here have a look:
<?php
session_start();
function sanitize($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
if($_SESSION["registering"] != 1){
die("This page is to be used only when registering. Go to home page and select the seminar you want and click Register");
}else if($_SESSION["registered"] == 1){
die("You have already registered. Thank you. You can no longer access this page. To view your registration report, click here. ");
}else{
$id = sanitize($_SESSION["id"]);
$attendees = sanitize($_SESSION["attendees"]);
$ref_code = sanitize($_SESSION["Ref_Code"]);
$email = sanitize($_SESSION["email"]);
$prefix = sanitize($_SESSION["prefix"]);
$first_name = sanitize($_SESSION["first_name"]);
$last_name = sanitize($_SESSION["last_name"]);
$company = sanitize($_SESSION["company"]);
$address1 = sanitize($_SESSION["address1"]);
$address2 = sanitize($_SESSION["address2"]);
$user_city = sanitize($_SESSION["city"]);
$phone = sanitize($_SESSION["phone"]);
$responsibility = sanitize($_SESSION["responsibility"]);
$who_referred = sanitize($_SESSION["who-referred"]);
$role = sanitize($_SESSION["role"]);
$server = "MYREAL_DATABASE_SERVER";
$username = "CORRECT_USERNAME";
$password = "CORRECT_PASSWORD";
$dbname = "DB_NAME";
$conn = new mysqli($server, $username, $password, $dbname);
$query = "
SELECT *
FROM Seminar_Detail
WHERE Detail_id = '". $id ."'
";
$result = $conn->query($query);
if($result->num_rows == 0 ){
header("Location: ManagementSeminars.php");
}
$seminar = $result->fetch_assoc();
$name = $seminar["Seminar_Name"];
$city = $seminar["City"];
$from = $seminar["From"];
$to = $seminar["To"];
$fee = '';
$query = "SELECT Value FROM Fee WHERE Seminar_Name = '". $name ."' AND Currency = 'GBP'";
$result = $conn->query($query);
if($result->num_rows > 0){
$row = $result->fetch_assoc();
$fee = $row["Value"];
}
if($_SERVER["REQUEST_METHOD"] == "POST"){
$terminate = 0;
for($i = 1; i < ($attendees + 1); $i++){
if(isset($_POST["prefix-".$i]) && isset($_POST["first_name-".$i]) && isset($_POST["last_name-".$i]) && isset($_POST["position-".$i])){
$terminate = 0;
}else{
$terminate = 1;
}
}
die("<h1>".$terminate."</h1>");
if($terminate != 1){
$server = "SERVER";
$username = "USERNAME";
$password = "PASSWORD";
$dbname = "DBNAME";
$conn = new mysqli($server, $username, $password, $dbname);
$query = "
INSERT INTO Registry (Seminar_Name, Number_Attendees, Email, Prefix, First_Name, Last_Name, Company, `Address 1`, `Address 2`, City, Phone, Responsibility, Role, Who_Referred, Ref_Code)
VALUES ('". $name ."', '". $attendees ."', '".$email."', '".$prefix."', '".$first_name."', '".$last_name."', '".$company."', '".$address1."', '".$address2."', '".$user_city."', '".$phone."', '".$responsibility."', '".$role."', '".$who_referred."', '".$ref_code."')
";
$conn->query($query);
//ignore this part please
/*$query = "SELECT Registry_ID FROM Registry WHERE Ref_Code = '". $_SESSION["Ref_Code"] ."'";
$result = $conn->query($query);
$row = $result->fetch_assoc();
$registry_id = $row["Registry_ID"];
$attendee_first_name = "";
$attendee_last_name = "";
$attendee_position = "";
$stmt = $conn->prepare("
INSERT INTO Attendee (First_Name, Last_Name, Position, Registry_ID)
Values (?, ?, ?, ?)
");
$stmt->bindParam("ssss", $attendee_first_name, $attendee_last_name, $attendee_position, $registry_id);
for($i = 1; $i < $_SESSION["attendees"] + 1; $i++){
$attendee_first_name = sanitize($_POST["first_name-".$i]);
$attendee_last_name = sanitize($_POST["last_name-".$i]);
$attendee_position = sanitize($_POST["position-".$i]);
$stmt->execute();
}*/
}else{
$errorMessage = "<div class='alert alert-danger alert-dismissable'>
<strong>Oops!</strong> You have not entered all values.
</div>";
}
}
}
?>
I am positive that it is not a syntax error. Any help is appreciated!
The problem might be in this line
for($i = 1; i < ($attendees + 1); $i++){
You missed $ sign in i. It should be:
for($i = 1; $i < ($attendees + 1); $i++){
Having used error reporting, would have signaled an undefined constant i notice.
Add error reporting to the top of your file(s) which will help find errors.
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
// rest of your code
Sidenote: Error reporting should only be done in staging, and never production.