i want to update rows in my table postgresql using php , i can't have my rows updated , and no error is displayed , i don't see the problem in my script ! here is my table structure:
CREATE TABLE chercheur
(
nomcher text,
idfcher text NOT NULL,
precher text,
passcher text,
mailcher text,
gradcher text,
naisscher date,
lieucher text,
divicher text,
CONSTRAINT "Chercheur_pkey" PRIMARY KEY (idfcher)
)
and the program:
$conn = pg_pconnect("dbname=postgres host=localhost port=5432 user=postgres password=postgres");
if ($conn) {
//print "Successfully connected to database: " . pg_dbname($conn) .
// " on " . pg_host($conn) . "</br>\n";
$id = pg_escape_string($_POST['identif']);
$result = pg_query($conn, "SELECT * from chercheur WHERE idfcher='" . $id . "';");
} else {
print pg_last_error($conn);
exit;
}
if (!$result) {
$errormessage = pg_last_error();
echo "Error with query: " . $errormessage;
exit();
} else {
while ($myrow = pg_fetch_row($result)) {
echo '<hr><h2>Informations du chercheur trouvé:</h2>';
echo '<table>
<tr>
<td><label for="nom">Nom du chercheur</label></td>
<td><input value="' . $myrow[0] . '" name="nom" id="nom" type="text" /></td>
</tr>
<td> <label for="prenom">Prenom du chercheur</label></td>
<td> <input value="' . $myrow[2] . '" name="prenom" id="prenom" type="text" /></td>
</tr>
<tr>
<td><label for="user">Identifiant </label></td>
<td><input value="' . $myrow[1] . '" name="user" id="user" type="text" /></td>
</tr>
<tr>
<td><label for="pass">Mot de passe</label></td>
<td><input value="' . $myrow[3] . '" name="pass" id="pass" type="password" /></td>
</tr>
<td><label for="mail">Email du chercheur</label></td>
<td><input value="' . $myrow[4] . '" name="mail" id="mail" type="email" /></td>
</tr>
<td><label for="grade">Grade</label></td>
<td> <input value="' . $myrow[5] . '" name="grade" id="grade" type="text" /></td>
</tr>
<tr>
<td><label for="naiss">Date de naissance</label></td>
<td><input value="' . $myrow[6] . '" name="naiss" id="naiss" type="date" /></td>
</tr>
<tr>
<td><label for="lieu">Lieu de naissance</label></td>
<td><input value="' . $myrow[7] . '" name="lieu" id="lieu" type="text" /></td>
</tr>
<tr>
<td><label for="divis">Division</label></td>
<td><input value="' . $myrow[8] . '" name="divis" id="divis" type="text" /></td>
</tr><tr><td> </td></tr>
<tr>
<td></td> <td><button name="submit2" id="submit2" type="submit" >Mettre à jour</button>
<button name="annuler" id="annuler" type="reset" >Réinitialiser</button></td>
</tr>
</table>';
if ((isset($_POST['submit2']))) {
$idf = pg_escape_string($_POST['user']);
$pass = pg_escape_string($_POST['pass']);
$name = pg_escape_string($_POST['nom']);
$pre = pg_escape_string($_POST['prenom']);
$mail = pg_escape_string($_POST['mail']);
$naissance = pg_escape_string($_POST['naiss']);
$lieu = pg_escape_string($_POST['lieu']);
$division = pg_escape_string($_POST['divis']);
$gr = pg_escape_string($_POST['grade']);
$result = pg_query($conn, "UPDATE chercheur SET nomcher='" . $name . "' and
precher='" . $pre . "' and passcher='" . $pass . "' and mailcher='" . $mail . "' and naisscher=date('" . $naissance . "')
and lieucher='" . $lieu . "' and divicher='" . $division . "'and gradcher='" . $gr . "'
where idfcher='" . $idf . "';");
if (!$result) {
$errormessage = pg_last_error();
echo "Error with query: " . $errormessage;
exit();
} else {
echo "mise à jour avec succès";
}
}
}
}
pg_free_result($result);
pg_close();
?>
Related
I have a PHP page that queries a database, and populates multiple tables with values. Those values need to be modified and placed in a separate table.
I know how to look through the database to show all the tables, but I can't find anything about how to loop through the html tables to reinsert the new values. I can't simply use an id and a ton of functions because there is an indeterminate number of rows.
Here is a list of the columns in the table I am accessing:
Here is a snippet of my code that I am using to access the database and populate the tables:
function tableAddData( $tableNum )
{
// Access Global Variables
global $noteId, $itemId, $quantityId, $costId, $laborHoursId, $totalHoursId, $materialCostId, $laborCostId, $totalCostId, $itemNumberId, $servername, $username, $password, $dbname, $quantityChangeId, $qtyRow;
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "select
`note` as `Note`,
`item` as `Item`,
`qty` as `Quantity`,
`cost` as `Cost`,
`hrsLabor` as `Labor Hours`,
`rate` as `Labor Rate`,
`qty` * `hrsLabor` as `Total Hours`,
FORMAT(`qty` * `cost`, 2) as `Material Cost`,
FORMAT(`qty` * `rate` * `hrsLabor`, 2) as `Labor Cost`,
FORMAT(( `qty` * `cost` ) + ( `qty` * `hrsLabor` * `rate` ), 2) as `Total Cost`,
`itemNo` as `Item Number`
from
`test_newtable`,
labor_rates
where
test_newtable.laborRate = labor_rates.id AND test_newtable.tableNo = " . $tableNum . ";";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
if ($row["Note"] != "" ) {
$noteHtml = '<td id="Note" class="text-center">
<span data-toggle="tooltip" data-placement="top" title="' . $row["Note"] . '">
<span class="glyphicon glyphicon-comment text-danger"></span>
</span>
</td>';
}
else {
$noteHtml = '<td></td>';
};
echo '
<tr>'
. $noteHtml . '
<td id="Item" >' . '<input class="text-left" value="' . $row["Item"] . '" disabled/></td>
<td id="Quantity">' . '<input class="text-center qty" id="qty-' . $qtyRow . '" value="' . $row["Quantity"] . '" /></td>
<td class="dollarRight" style="padding-left:0;padding-right:0; width:20px;">' . '<input class="text-center text-muted" value="$" disabled/></td>
<td id="Cost" class="dollarLeft">' . '<input class="text-right" id="cost-' . $qtyRow . '" value="' . $row["Cost"] . '" /></td>
<td id="Labor Hours">' . '<input class="text-right" id="laborHours-' . $qtyRow . '" value="' . $row["Labor Hours"] . '" /></td>
<td id="Total Hours">' . '<input class="text-right totalHours-' . $tableNum . '" id="totalHours-' . $qtyRow . '" value="' . $row["Total Hours"] . '" disabled/></td>
<td class="dollarRight" style="padding-left:0;padding-right:0; width:20px;">' . '<input class="text-center text-muted" value="$" disabled/></td>
<td id="Material Cost" class="dollarLeft">' . '<input class="text-right" id="materialCost-' . $qtyRow . '" value="' . $row["Material Cost"] . '" disabled/></td>
<td class="dollarRight" style="padding-left:0;padding-right:0; width:20px;">' . '<input class="text-center text-muted" value="$" disabled/></td>
<td id="Labor Cost" class="dollarLeft">' . '<input class="text-right" id="laborCost-' . $qtyRow . '" value="' . $row["Labor Cost"] . '" disabled/></td>
<td class="success dollarRight" width="1%" style="padding-left:0">' . '<input class="text-muted" value="$" disabled/></td>
<td id="Total Cost" class="success dollarLeft">' . '<input class="text-right totalCost-' . $tableNum . '" id="totalCost-' . $qtyRow . '" value="' . $row["Total Cost"] . '" disabled/></td>
<td id="Item Number">' . '<input class="text-left" value="' . $row["Item Number"] . '" disabled /></td>
</tr>
';
update($tableNum);
$qtyRow = $qtyRow + 1;
}
}
}
Here is an example of what the page looks like now:
You need to update the database with news values from a form in html?
you could use the name field in the input like name="tablename-columnname-rownumber", then in post php
foreach($_POST as $key=> $value){
$array = preg_split("/-/",$key);
if(count($array)==3) // if had 3 values
{
// update table $array[0] set $array[1] = $value where id = $array[2]
// update table (table name) set (column name) = (value from post) where id = (row number)
}
}
but is better if you put all in an array and just do one update by row
$arraytemp = array();
foreach($_POST as $key=> $value){
$array = preg_split("/-/",$key);
if(count($array)==3) // if had 3 values
{
$arraytemp[$array[0]][$array[2]][$array[1]]=$value;
}
}
foreach($arraytemp as $tablename => $tabledata){
$query = "update ".$tablename;
foreach($tabledata as $id => $columndata){
foreach($columndata as $columnname => $value){
$query .=' set '.$columnname'='.$value.';
}
$query.=' where id='.$id;
//exceute query
}
}
(i don't try it, just is what came to my mind, hope it works)
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 8 years ago.
Improve this question
<?php
include("Header.php");
echo "<br>";
$stockCode = "";
$stockItem = "";
$stockLeft = "";
$stockOut = "";
$minimum = "";
$pricePI = "";
$location = "";
// Check if posts are set
if(isset($_POST['stockCode'])){
$stockCode = $_POST['stockCode'];
}
if(isset($_POST['stockItem'])){
$stockItem = $_POST['stockItem'];
}
if(isset($_POST['stockLeft'])){
$stockLeft = $_POST['stockLeft'];
}
if(isset($_POST['stockOut'])){
$stockOut = $_POST['stockOut'];
}
if(isset($_POST['minimum'])){
$minimum = $_POST['minimum'];
}
if(isset($_POST['pricePI'])){
$pricePI = $_POST['pricePI'];
}
if(isset($_POST['location'])){
$location = $_POST['location'];
}
// Do validation before adding to database
if(
($stockCode == null)||
($stockItem == null)||
($stockLeft == null)||
($stockOut == null)||
($pricePI == null)||
($location == null)||
($location == "Select Location")
){
echo "<div class='font3'>Fields Stock Code, Stock Item, Stock Left, Stock Out, Price Per Item and location must be filled.</div>";
} else {
// Write to database
$connection = mysqli_connect($host,$user,$pass,$dbnm);
// Check to see if the Stock Code already exists in the database
$checkQ = "SELECT COUNT(*) FROM Ekhaya_Inventory WHERE ((ekhaya_inventory_stock_code = '" . $stockCode . "') AND (ekhaya_inventory_location = '" . $location . "'))";
$result = mysqli_query($connection,$checkQ);
while($row[0] = mysqli_fetch_array($result)){
echo $row[0];
if($row[0] == 0){
$quick_cal = $stockLeft * $pricePI;
$formated_cal = number_format($quick_cal,2);
$myquery =
"INSERT INTO Ekhaya_Inventory
(
ekhaya_inventory_stock_code,
ekhaya_inventory_stock_item,
ekhaya_inventory_quantity_stock_left,
ekhaya_inventory_quantity_stock_out,
ekhaya_inventory_quantity_minimum,
ekhaya_inventory_price_per_item,
ekhaya_inventory_value_of_stock_left,
ekhaya_inventory_location,
ekhaya_inventory_date_time_modified
)
VALUES
(
'" . $stockCode . "',
'" . $stockItem . "',
'" . $stockLeft . "',
'" . $stockOut . "',
'" . $minimum . "',
'" . $pricePI . "',
'" . $formated_cal . "',
'" . $location . "',
'" . $date . "'
)
";
mysqli_query($connection,$myquery);
echo "<div class='font3'>New Item Added Successfully</div>";
// Add a log to database
$query =
"INSERT INTO Ekhaya_Logs
(
ekhaya_logs_name,
ekhaya_logs_surname,
ekhaya_logs_username,
ekhaya_logs_activity,
ekhaya_logs_ip_address,
ekhaya_logs_date_time
) VALUES (
'" . $_SESSION['SECURE#NAME'] . "',
'" . $_SESSION['SECURE#SURNAME'] . "',
'" . $_SESSION['SECURE#USERNAME'] . "',
'" . $_SESSION['SECURE#NAME'] . " " . $_SESSION['SECURE#SURNAME'] . " added [ITEM] Stock Code: " . $stockCode . " to " . $location . "'s inventory',
'" . $_SERVER['REMOTE_ADDR'] . "',
'" . $date . "')";
mysqli_query($connection,$query);
} else {
echo "<div style='color:red' class='font3'>Stock Code " . $stockCode . " already exists for " . $location . "</div>";
}
}
mysqli_close($connection);
$stockCode = "";
$stockItem = "";
$stockLeft = "";
$stockOut = "";
$minimum = "";
$pricePI = "";
$location = "";
}
?>
</br>
<form action="AddItem.php" method="post">
<table class="table_mod">
<tr>
<td class="td_mod">
Stock Code:
</td>
<td class="td_mod">
<input type="text" name="stockCode">
</td>
</tr>
<tr>
<td class="td_mod">
Stock Item:
</td>
<td class="td_mod">
<input type="text" name="stockItem">
</td>
</tr>
<tr>
<td class="td_mod">
Stock Left:
</td>
<td class="td_mod">
<input type="text" name="stockLeft">
</td>
</tr>
<tr>
<td class="td_mod">
Stock Out:
</td>
<td class="td_mod">
<input type="text" name="stockOut">
</td>
</tr>
<tr>
<td class="td_mod">
Minimum:
</td>
<td class="td_mod">
<input type="text" name="minimum">
</td>
</tr>
<tr>
<td class="td_mod">
Price Per Item:
</td>
<td class="td_mod">
<input type="text" name="pricePI">
</td>
</tr>
<tr>
<td class="td_mod">
Location:
</td>
<td class="td_mod">
<select class="textbox_login" name="location">
<option>Select Location</option>
<option value="Tech Stud">Tech Stud</option>
</select>
</td>
</tr>
<tr>
<td>
<input type="Submit" value="Submit New Item">
</td>
</tr>
</table>
</form>
Can someone please tell me why this is not working ? The main if statement pushes out this item already exists but the data does note exist in the database. And when i use the mysqli count function it always returns 1.
There is a bug in your while loop assignment. Change this line:
while($row[0] = mysqli_fetch_array($result)){
To this:
while($row = mysqli_fetch_array($result)){
You might consider generally using var_dump instead of echo when debugging. It can provide more insight into what's actually going on.
I have three tables: GPs, patients and appointments. The IDs for GPs and patients are also foreign keys in the appointments database. I am creating an insert form for the appointments table, but cant seem to get it to work. It gives the following error: "Unknown column 'date' in 'field list' ".
GP table cols:
GPID,
first_name,
last_name,
surgery_name,
surgery_address,
GP_photo
patient table cols:
PID,
first_name,
last_name,
address,
phone,
P_photo
my php:
<?php
include("includes/connect.php");
if (isset($_POST['submit'])) {
$gp = $_POST['GP'];
$patient = $_POST['patient'];
$date = $_POST['date'];
$time = $_POST['time'];
$outcome = $_POST['outcome'];
if ($date == '' or $time == '' or $outcome == '') {
echo "<script>alert('One or more of your fields are blank, "
. "please ensure you have entered content in ALL fields.')</script>";
} else {
$insert_query = "insert into appointments (GPID,PID,date,time,outcome)"
. " values('$gp','$patient','$date','$time','$outcome')";
mysql_query($insert_query);
}
}
?>
My form:
<form action="appointments.php" method="post">
<table>
<tr>
<td>GP:</td>
<td><select name="GP">
<?php
include("includes/connect.php");
$GP_list = mysql_query("SELECT GPID, first_name, last_name FROM GPs");
while ($row = mysql_fetch_array($GP_list)) {
echo'<option value="' . $row['GPID'] . '">' . $row['GPID'] .
': ' . $row['first_name'] . ' ' . $row['last_name'] .
'</option>';
}
?>
</select>
</td>
</tr>
<tr>
<td>Patient:</td>
<td><select name="patient">
<?php
include("includes/connect.php");
$P_list = mysql_query("SELECT PID, first_name, last_name FROM patients");
while ($row = mysql_fetch_array($P_list)) {
echo'<option value="' . $row['PID'] . '">' . $row['PID'] .
': ' . $row['first_name'] . ' ' . $row['last_name'] .
'</option>';
}
?>
</select>
</td>
</tr>
<tr>
<td>Date:</td>
<td><input type="date" name="date"></td>
</tr>
<tr>
<td>Time:</td>
<td><input type="time" name="time"></td>
</tr>
<tr>
<td>Outcome:</td>
<td><textarea rows="8" cols="40" name="outcome"></textarea>
<input type="submit" name="submit" value="Book appointment"></td>
</tr>
</table>
</form>
I have this problem while updating my database, so, it all works, i mean i have the form, it prints the values, but when i try to update it, everything gets updated apart from the username and password..
Here is the code i use..
Thanks!
if ($Act=='Save') {
mysql_query("BEGIN");
$sql = "Insert into tbl_galleries (gal_title,gal_image,username,password) Values (";
$sql.= "'". strip_tags(mysql_real_escape_string(trim($gal_title))). "','". strip_tags(mysql_real_escape_string(trim($gal_image))) ."','". strip_tags(mysql_real_escape_string(trim($username))). "',,'". strip_tags(mysql_real_escape_string(trim($password))). "',);";
$query = mysql_query($sql);
if(!$query){
mysql_query("ROLLBACK");
$myErrorsUpGr = mysql_error();
echo $myErrorsUpGr;
} else {
mysql_query("COMMIT");
echo 'Insertion was successfull.';
}
} else if ($Act=='Update'){
mysql_query("BEGIN");
$sql = " Update tbl_galleries set ";
$sql.= " gal_title='" . strip_tags(mysql_real_escape_string(trim($gal_title))) . "',";
$sql.= " gal_image='" . strip_tags(mysql_real_escape_string(trim($gal_image))) . "'";
$sql.= " where gal_id=" . $gal_id . ";";
$sql.= " username='" . strip_tags(mysql_real_escape_string(trim($username))) . "',";
$sql.= " password='" . strip_tags(mysql_real_escape_string(trim($password))) . "',";
<?php
include_once("db/envato_db.php");
if ($_SERVER['QUERY_STRING']!='')
{
$sql = "";
$sql = "SELECT gal_id,gal_title,gal_image,username,password FROM tbl_galleries where gal_id='" . $_REQUEST['gid'] ."';";
$query = mysql_query($sql) or $myErrorsP = mysql_error();
if(isset($myErrors) && $myErrorsP!='')
{
}
else
{
$row = mysql_fetch_row($query);
mysql_free_result($query);
$gal_id = $row[0];
$gal_title = $row[1];
$gal_image = $row[2];
$username = $row[3];
$password = $row[4];
}
}
?>
<tr>
<td width="104">Gallery Title:</td>
<td width="556"><input type="text" id="gtitle" name="gtitle" class="typeText" maxlength="50" value="<?php echo isset($gal_title)? $gal_title : ""?>" tabindex="1" /></td>
</tr>
<tr>
<td>Gallery Image:</td>
<td>
<input type="text" id="gimg" name="gimg" class="typeText" maxlength="100" value="<?php echo isset($gal_image)? $gal_image : ""?>" readonly/>
<input type="file" name="gimg_upl" id="gimg_upl"/>
Upload
</td>
</tr>
<tr>
<td width="104">Username:</td>
<td width="556"><input type="text" id="gusername" name="gusername" class="typeText" maxlength="50" value="<?php echo isset($username)? $username : ""?>" tabindex="1" /></td>
</tr>
<tr>
<td width="104">Password:</td>
<td width="556"><input type="text" id="gpassword" name="gpassword" class="typeText" maxlength="50" value="<?php echo isset($password)? $password : ""?>" tabindex="1" /></td>
</tr>
</table>
<table id="savetbl" style="width:680px;" cellpadding="3">
<tr>
<td align="center" colspan="2">
<?php
if(isset($gal_id) && $gal_id!='')
{
if(!isset($myErrorsP))
{
?>
<input type="button" value="» Update «" class="but" name="button" alt="Update" title="Update" onClick="Do_Update('Update', '<?php echo $gal_id?>');" tabindex="3">
<?php
}
}
else
{
if(!isset($myErrorsP))
{
?>
<input type="button" value="» Save «" class="but" name="button" alt="Save" title="Save" onClick="Do_Update('Save','0');" tabindex="3">
<?php
}
}
?>
</td>
</tr>
On your code you have this :
$sql.= " where gal_id=" . $gal_id . ";";
$sql.= " username='" . strip_tags(mysql_real_escape_string(trim($username))) . "',";
$sql.= " password='" . strip_tags(mysql_real_escape_string(trim($password))) . "',";
Try to set the where clause after the update of username & password :
$sql.= " username='" . strip_tags(mysql_real_escape_string(trim($username))) . "',";
$sql.= " password='" . strip_tags(mysql_real_escape_string(trim($password))) . "'";
$sql.= " where gal_id=" . $gal_id . ";";
Try this
$sql.= " where gal_id=" . $gal_id . ";";
$sql.= "AND username='" . strip_tags(mysql_real_escape_string(trim($username))) . "',";
$sql.= "AND password='" . strip_tags(mysql_real_escape_string(trim($password))) . "',";
Lines 22, 23, and 24 of your sample code
First of all sorry for my language. I am a doing a shopping cart application for my assignment for college. I have a problem with registration for. The problem is that it is inserting the first query
$addsql = "INSERT INTO customers(forename, surname, add1, add2, add3, postcode, phone, email, registered)
VALUES('"
. strip_tags(addslashes($_POST['forenameBox'])) . "', '"
. strip_tags(addslashes($_POST['surnameBox'])) . "', '"
. strip_tags(addslashes($_POST['add1Box'])) . "', '"
. strip_tags(addslashes($_POST['add2Box'])) . "', '"
. strip_tags(addslashes($_POST['add3Box'])) . "', '"
. strip_tags(addslashes($_POST['postcodeBox'])) . "', '"
. strip_tags(addslashes($_POST['phoneBox'])) . "', '"
. strip_tags(addslashes($_POST['emailBox'])) . "',
1)";
mysql_query($addsql);
and it does not insert the second one.
$customer_id = mysql_insert_id(); // Gets The id Of Last MySql INSERT Query
$insert_query = 'INSERT INTO logins (
username,
password,
customer_id
)
VALUES
(
"' . $_POST['userregBox'] . '",
"' . md5($_POST['passregBox']) . '",
"' . $customer_id . '",
)';
mysql_query($insert_query);
header("Location: " . $basedir . "login.php?ok=1");
I tried different approaches with no result. I am using Xammp.
Here is the full code
<?php
session_start();
require_once("db.php");
/* Checking if user is logged in, if not redirecting to the main page */
if(isset($_SESSION['SESS_LOGGEDIN']) == TRUE) {
header("Location: " . $config_basedir);
}
if($_POST['login'])
{
$loginsql = "SELECT * FROM logins
WHERE username = '" . $_POST['userBox'] . "' AND password = '" . $_POST['passBox'] . "'";
$loginres = mysql_query($loginsql);
$numrows = mysql_num_rows($loginres);
if($numrows == 1)
{
$loginrow = mysql_fetch_assoc($loginres);
session_register("SESS_LOGGEDIN");
session_register("SESS_USERNAME");
session_register("SESS_USERID");
$_SESSION['SESS_LOGGEDIN'] = 1;
$_SESSION['SESS_USERNAME'] = $loginrow['username'];
$_SESSION['SESS_USERID'] = $loginrow['id'];
$ordersql = "SELECT id FROM orders WHERE customer_id = " . $_SESSION['SESS_USERID'] . " AND status <2";
$orderres = mysql_query($ordersql);
$orderrow = mysql_fetch_assoc($orderres);
session_register("SESS_ORDERNUM");
$_SESSION['SESS_ORDERNUM'] = $orderrow['id'];
header("Location: " . $config_basedir);
}
else
{
header("Location: http://" . $HTTP_HOST . $SCRIPT_NAME . "?error=1");
}
}
if($_POST['register'])
{
$loginchecksql = "SELECT * FROM logins
WHERE username = '" . $_POST['userBox'] . "'";
$logincheckres = mysql_query($loginchecksql);
$loginchecknumrows = mysql_num_rows($logincheckres);
if($loginchecknumrows == 1)
{
header("Location: http://" . $HTTP_HOST . $SCRIPT_NAME . "?error=3");
}
else{
if(empty($_POST['forenameBox']) ||
empty($_POST['surnameBox']) ||
empty($_POST['add1Box']) ||
empty($_POST['add2Box']) ||
empty($_POST['add3Box']) ||
empty($_POST['postcodeBox']) ||
empty($_POST['phoneBox']) ||
empty($_POST['userregBox']) ||
empty($_POST['passregBox']) ||
empty($_POST['emailBox']))
{
header("Location: " . $basedir . "login.php?error=2");
exit;
}
$addsql = "INSERT INTO customers(forename, surname, add1, add2, add3, postcode, phone, email, registered)
VALUES('"
. strip_tags(addslashes($_POST['forenameBox'])) . "', '"
. strip_tags(addslashes($_POST['surnameBox'])) . "', '"
. strip_tags(addslashes($_POST['add1Box'])) . "', '"
. strip_tags(addslashes($_POST['add2Box'])) . "', '"
. strip_tags(addslashes($_POST['add3Box'])) . "', '"
. strip_tags(addslashes($_POST['postcodeBox'])) . "', '"
. strip_tags(addslashes($_POST['phoneBox'])) . "', '"
. strip_tags(addslashes($_POST['emailBox'])) . "',
1)";
mysql_query($addsql);
$customer_id = mysql_insert_id(); // Gets The id Of Last MySql INSERT Query
$insert_query = 'INSERT INTO logins (
username,
password,
customer_id
)
VALUES
(
"' . $_POST['userregBox'] . '",
"' . md5($_POST['passregBox']) . '",
"' . $customer_id . '",
)';
mysql_query($insert_query);
header("Location: " . $basedir . "login.php?ok=1");
}
}
else
{
require_once("header.php");
?>
<?php
if($_GET['ok'] == 1) {
echo "<b>Your registration was succesfull</b><p>Start shooping now</p>";
}
else
{
?>
<?php
if($_GET['error'] == 1) {
echo "<b>Incorrect details, please try again</b>";
}
?>
<?php
if($_GET['error'] == 2) {
echo "<b>Please fill all fields</b>";
}
?>
<?php
if($_GET['error'] == 3) {
echo "<b>User name exist</b>";
}
?>
<div style="width:50%;float:left;">
<fieldset style="width:90%;background:#fff; ">
<legend>Customer Login</legend>
<form action="<?php echo $SCRIPT_NAME; ?>" method="POST">
<ul>
<li>
<fieldset>
<legend>Username</legend>
<div>
<input type="textbox" name="userBox" class="text" />
</div>
<p class="guidelines">Please enter your username</p>
</fieldset>
</li>
<li>
<fieldset>
<legend>Password</legend>
<div>
<input type="password" name="passBox" class="text" />
</div>
<p class="guidelines">Please enter your password</p>
</fieldset>
</li>
<li>
<button type="submit" name="login" value="login">Log In</button>
</li>
</ul>
</form>
</fieldset>
</div>
<div style="width:50%;float:right;">
<fieldset style="width:95%;background:#fff; ">
<legend>Register</legend>
<form action="<?php echo $SCRIPT_NAME; ?>" method="POST">
<ul>
<li>
<fieldset>
<legend>Username</legend>
<div>
<input type="textbox" name="userregBox" class="text" />
</div>
<p class="guidelines">Please enter your username</p>
</fieldset>
</li>
<li>
<fieldset>
<legend>Password</legend>
<div>
<input type="password" name="passregBox" class="text" />
</div>
<p class="guidelines">Please enter your password</p>
</fieldset>
</li>
<li>
<fieldset>
<legend>Delivery details</legend>
<table style="width:99%;">
<tr>
<td>Forename</td>
<td><input type="text" name="forenameBox" class="text"></td>
</tr>
<tr>
<td>Surname</td>
<td><input type="text" name="surnameBox" class="text"></td>
</tr>
<tr>
<td>House Number, Street</td>
<td><input type="text" name="add1Box" class="text"></td>
</tr>
<tr>
<td>Town/City</td>
<td><input type="text" name="add2Box" class="text"></td>
</tr>
<tr>
<td>County</td>
<td><input type="text" name="add3Box" class="text"></td>
</tr>
<tr>
<td>Postcode</td>
<td><input type="text" name="postcodeBox" class="text"></td>
</tr>
<tr>
<td>Phone</td>
<td><input type="text" name="phoneBox" class="text"></td>
</tr>
<tr>
<td>Email</td>
<td><input type="text" name="emailBox"class="text"></td>
</tr>
</table>
</fieldset>
</li>
<li>
<button type="submit" name="register" value="Register">Register</button>
</li>
</ul>
</form>
</fieldset>
</div>
<?php
}
}
require_once("footer.php");
?>
You have an extra comma.
Change
"' . $customer_id . '",
to
"' . $customer_id . '"
in your INSERT INTO LOGINS query.