This question is unlikely to help any future visitors; it is only relevant to a small geographic area, a specific moment in time, or an extraordinarily narrow situation that is not generally applicable to the worldwide audience of the internet. For help making this question more broadly applicable, visit the help center.
Closed 9 years ago.
I have a database that contains 2 tables
user
user_name,
first_name,
last_name,
address,
district_name,
village_name,
birth_date,
email_address,
specialization_id,
password,
registered_date
specialization
specialization id
specialization_name
i wrote these 2 queries to make first select the specialization_id from the specialization table that is the same in the user table
in the second query
i need to insert the specialization_id in the user table as a foreign key for the specialization table but i got an error Resource id #7
query 1
$query_select_spec = mysql_query("SELECT specialization_name FROM specialization, user WHERE user.specialization_id = specialization.specialization_id")or die(mysql_error());
echo $query_select_spec;
query 2
$query = mysql_query("INSERT INTO user(user_name, first_name, last_name, address, district_name, village_name, birth_date, email_address, specialization_name, password, registered_date)VALUES('$username', '$fname', '$lname', '$country', '$district', '$village', '$bdate', '$email', '$specialization', '$pass1', now())")or die("could not insert data");
this is the code of the register .php
<?php require_once('for members/scripts/connect.php'); ?>
<?php
ob_start();
function countryQuery(){
$countryData = mysql_query("SELECT * FROM country") or die("could select database");
while($record = mysql_fetch_array($countryData)){
echo'<option value="' . $record['country_name'] . '">' . $record['country_name'] . '</option>';
}
}
function specializationQuery(){
$specData = mysql_query("SELECT * FROM specialization");
while($recordJob = mysql_fetch_array($specData)){
echo'<option value="' . $recordJob['specialization_name'] . '">' . $recordJob['specialization_name'] . '</option>';
}
}
function districtQuery(){
$distData = mysql_query("SELECT * FROM districts");
while($recorddist = mysql_fetch_array($distData)){
echo'<option value="' . $recorddist['district_name'] . '">' . $recorddist['district_name'] . '</option>';
}
}
function villageQuery(){
$villageData = mysql_query("SELECT * FROM village");
while($recordvillage = mysql_fetch_array($villageData)){
echo'<option value="' . $recordvillage['village_name'] . '">' . $recordvillage['village_name'] . '</option>';
}
}
//default value
$message = "Fields Marcked with an [*] are Required";
$username = "";
$fname = "";
$lname = "";
$specialization = "";
$email = "";
$pass1 = "";
$pass2 = "";
$district = "";
$village = "";
if(isset($_POST['username'])){
$username = $_POST['username'];
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$email = $_POST['email'];
$pass1 = $_POST['pass1'];
$pass2 = $_POST['pass2'];
$bdate = $_POST['birthdate'];
$country = $_POST['country'];
//$local_adress = $_POST['adress'];
$specialization = $_POST['specialization'];
$district = $_POST['district'];
$village = $_POST['village'];
//error handeling
if((!$username)||(!$fname)||(!$lname)||(!$email)||(!$pass1)||(!$pass2)||(!$specialization)||(!$district)||(!$village)){
$message = "**** Please insert the Required Fields below ****<br />";
if($fname == "")
{
$message = $message . "Enter First name<br/>";
}
if($lname == "")
{
$message = $message . "Enter Last name<br/>";
}
if($specialization == 0)
{
$message = $message . "Select Your Job<br />";
}
if($district == 0)
{
$message = $message . "Select Your District<br />";
}
if($village == 0)
{
$message = $message . "Select Your Village<br />";
}
if($email == "")
{
$message = $message . "Enter Email Adress<br/>";
}
if ($username == "") {
$message = $message . "Enter User Name<br/>";
}
if($pass1 == "")
{
$message = $message . "Enter password<br/>";
}
if($pass2 == "")
{
$message = $message . "rechek the password <br/>";
}
}
elseif(strlen($pass1) <= 8)
{
$message = $message . "Your Password must be at least 8 charachters<br />";
}
else if($pass1!=$pass2){
$message = "your password do not match!";
}else{
//securing the data
$username = preg_replace("#[^0-9a-z]#i","",$username);
$fname = preg_replace("#[^0-9a-z]#i","",$fname);
$lname = preg_replace("#[^0-9a-z]#i","",$lname);
//$pass1 = sha1($pass1);
$email = mysql_real_escape_string($email);
// checking for duplicate
$user_query = mysql_query("SELECT user_name FROM user WHERE user_name = '$username'LIMIT 1") or die("could not check the username");
$count_username = mysql_num_rows($user_query);
$email_query = mysql_query("SELECT email_address FROM user WHERE email_address = '$email'LIMIT 1") or die("could not check the email");
$count_email = mysql_num_rows($email_query);
if($count_username > 0){
$message = " your username is alredy in use";
}elseif($count_email > 0){
$message = "your email is alredy in use";
}
else{
$query_select_spec = mysql_query("SELECT specialization_name FROM specialization, user WHERE user.specialization_id = specialization.specialization_id")or die(mysql_error());
echo $query_select_spec;
exit();
$query = mysql_query("INSERT INTO user(user_name, first_name, last_name, address, district_name, village_name, birth_date, email_address, specialization_id, password, registered_date)VALUES('$username', '$fname', '$lname', '$country', '$district', '$village', '$bdate', '$email', '$specialization', '$pass1', now())")or die("could not insert data");
$message = "you have now been registered";
//from the social website
$getid = mysql_fetch_array($query);
$_SESSION['user_id'] = $getid['user_rid'];
$_SESSION['login'] = 'true';
$_SESSION['login_user'] = $getid['username'];
//header("Location: home.php");
}
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Register Page</title>
<link href="style/stylesheet.css" rel="stylesheet" type="text/css" />
<link href="style/imagesGallery.css"rel="stylesheet" type="text/css"/>
<script src="js/main.js" type="text/javascript"></script>
<script src="js/jquery.js" type="text/javascript"></script>
</head>
<body>
<table width="200" border="0" align="center">
<tr>
<tr>
<td><img src="web_header copy.jpg" alt="visitor header" width="1080" height="128" /></td>
</tr>
<tr>
<td>
<marquee direction="left" width="99%" behavior="alternate">
<img src="imggallery/images/akoura/akoura_small.jpg" width="119" height="91">
<img src="imggallery/images/ballaa2/ballaa2_small.jpg" width="119" height="91">
<img src="imggallery/images/baalbeck/baalbek_small.jpg" height="92">
<img src="imggallery/images/barouk/cedre_barouk_small.jpg" width="119" height="91">
<img src="imggallery/images/batroun/batroun_small.jpg" width="119" height="91">
<img src="imggallery/images/bchareh/bchareh_small.jpg" width="119" height="91">
<img src="imggallery/images/beiteldin/beiteldine_small.jpg" width="119" height="91">
<img src="imggallery/images/beyrouth/beyrouth_small.jpg" width="119" height="91">
<img src="imggallery/images/beyrouth/beyroyj frm sky/beyrouthfromSky_small.jpg" width="119" height="91">
<img src="imggallery/images/deir el mara/deirelamar_small.jpg" width="119" height="91">
</marquee>
<hr />
<h2 class="registerTitle">Registration Fields</h2>
<h4 class="registerTitle">Sign Up Today....</h4>
<!-- <div class="container center"> -->
<p style="color:#FF0000" align="center"><?php print("$message")?></p>
</td>
<tr>
<table width="680" border="0" align="center">
<form action="register.php" method="post">
<td>
</span><label for="firstname"><span class="Fields">First Name</span> <span class="requiredField">*</span></label></td>
<td>
<input type="text" name="fname" placeholder="Firstname" /></td>
<td><span class="Fields">Last Name</span><span class="requiredField">*</span></label></td>
<td><input type="text" name="lname" placeholder="Lastname" /></td>
<tr>
<td><label for="birthdate" class="Fields">Birth Date </label></td>
<td><input type="date" name="birthdate" value= "YYYY_MM_DD" onfocus="if (this.value == 'YYYY_MM_DD') {this.value = '';}" onblur="if (this.value == '') {this.value = 'YYYY_MM_DD';}" />
<br /></td>
</tr>
<tr>
<td class="Fields"><label for="country">Country</label></td>
<td><select name="country" class="select">
<option value="0">-- Select Your Country --</option>
<?php countryQuery(); ?>
</select></td>
<td class="Fields"><label for="specialisation">Specialisation <span class="requiredField">*</span></label></td>
<td><select name="specialization" class="select">
<option value="0">-- Select Your Specialization --</option>
<?php specializationQuery(); ?>
</select></td>
</tr>
<tr>
<td class="Fields"><label for="district">District<span class="requiredField">*</span></label></td>
<td><select name="district" class="select">
<option value="0">-- Select Your District --</option>
<?php districtQuery(); ?>
</select></td>
<td class="Fields"><label for="village">Village<span class="requiredField">*</span></label></td>
<td><select name="village" class="select">
<option value="0">-- Select Your Village --</option>
<?php villageQuery(); ?>
</select></td>
</tr>
<tr>
<td class="Fields"><label for="email">Email Adress<span class="requiredField">*</span></label></td>
<td><input type="text" name="email" placeholder="Email Adress" />
<br /></td>
<td><label for="username"><span class="Fields">User Name</span> <span class="requiredField">*</span></label></td>
<td><input type="text" name="username" placeholder="Username" />
<br /></td>
</tr>
<tr>
<td class="Fields"><label for="password">Password<span class="requiredField">*</span></label></td>
<td><input type="password" name="pass1" placeholder="Password" />
<br /></td>
<td class="Fields"><label for="password2">Re_Password<span class="requiredField">*</span></label></td>
<td><input type="password" name="pass2" placeholder="Validate Password" />
<br /></td>
</tr>
<tr>
<td></td>
<td></td>
<td><input type="submit" value="Register"/></td>
<td></td>
</tr>
</form>
</table>
<!--</div>-->
</tr>
<tr>
<td><?php require_once('footer.php'); ?></td>
</tr>
</tr>
</tr>
</table>
</body>
</html>
<?php ob_end_flush(); ?>
anyone can help me ??
it's not an error, it is what mysql_query returns.
to get values, you should loop through mysql result
while($row = mysql_fetch_assoc($query))
print_r($row);
query1= You do not have specilization_id in user field. and you are using it-user.specialization_id
try user in 2nd query instead of user as it may be a keyword.
$query_select_spec = mysql_query("SELECT specialization_name FROM specialization, user WHERE user.specialization_id = specialization.specialization_id")or die(mysql_error());
$row_select_spec = mysql_fetch_assoc ($query_select_spec);
$specialization = $row_select_spec['specialization_name'];
$query = mysql_query("INSERT INTO user(user_name, first_name, last_name, address, district_name, village_name, birth_date, email_address, specialization_name, password, registered_date)VALUES('$username', '$fname', '$lname', '$country', '$district', '$village', '$bdate', '$email', '$specialization', '$pass1', now())") or die("could not insert data");
First, i would advise you to refrain from using the old and obsolete mysql extension and rather upgrade to either the mysqli or the PDO extensions. What you ahve there is no error and you just need to loop through the result.
I would do that like this using the mysqli extension.
//Connect to the db using the mysql improved extension
$mysqli = new mysqli("localhost", "user", "password", "database");
if ($mysqli->connect_errno) {
echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
}
//Select spec
$query = "SELECT specialization_name FROM specialization, user WHERE user.specialization_id = specialization.specialization_id";
$result = $mysqli->query($query);
//Print results
while($data = $result->fetch_assoc()){
echo'<pre>'; // Format your dump as code
var_dump($data);
}
Related
<?php include("header.php")?>
<?php include("menu.php")?>
<div id="registrationPage">
<div id="registrationDiv" ></div>
<fieldset id="registrationFieldPos">
<legend><h3>Register</h3></legend>
<form id="registrationForm" action="registrationaction.php" method="POST" enctype="multipart/form-data">
<table>
<tr>
<td><label>First Name :</label></td>
<td><input type="text" name="fname" /></td>
</tr>
<tr>
<td><label>Last Name :</label></td>
<td><input type="text" name="lname" /></td>
</tr>
<tr>
<td><label>Username :</label></td>
<td><input type="text" name="username" /></td>
</tr>
<tr>
<td><label>Password :</label></td>
<td><input type="password" name="password" /></td>
</tr>
<tr>
<td><label>Confirm Password :</label></td>
<td><input type="password" name="passwordconfirm" /></td>
</tr>
<tr>
<td><label>Email :</label></td>
<td><input type="email" name="email" /></td>
</tr>
<tr>
<td><label>Image :</label></td>
<td><input type="file" name="fileUpload" /></td>
</tr>
<tr>
<td><label>Country :</label></td>
<td>
<select name="country">
<?php
$connection = mysqli_connect('localhost', 'root', '', 'mutetistore') or die('connection error'. mysql_error());
mysqli_select_db($connection, 'mutetistore');
$sql = "SELECT * FROM apps_countries" ;
$results = mysqli_query($connection, $sql);
while($result = mysqli_fetch_array($results)):;
?>
<option value=" <?php echo $result['country_name']; ?> "> <?php echo $result['country_name'];?> </option>
<?php endwhile; ?>
</select>
</td>
</tr>
<tr>
<td><label>Languages :</label></td>
<td>
<label>English <input type="checkbox" name="Languages[]" value = "English" /></label>
<label>French<input type="checkbox" name="Languages[]" value = "French" /></label>
<label>Swahili<input type="checkbox" name="Languages[]" value = "Swahili" /></label>
</td>
</tr>
<tr>
<td><label>Gender:</label></td>
<td>
<label>Male <input type="radio" name="gender" value = "male"/></label>
<label>Female</label><input type="radio" name="gender" value = "female"/>
</td>
</tr>
<tr>
<td><input type="submit" name="save" value = "registered"/></td>
</tr>
</table>
</form>
</fieldset>
<div id="divEnd">
</div>
</div>
<?php include("footer.php")?>
<?php
require('databaseconn.php');
if(isset($_POST['save']) ) {
$firstname = $_POST['fname'];
$lastname = $_POST['lname'];
$username = $_POST['username'];
$password = $_POST['password'];
$passwordconfirm = $_POST['passwordconfirm'];
$country = $_POST['country'];
$gender = $_POST['gender'];
$Languages = $_POST['Languages'];
$imagename = $_FILES['fileUpload']['name'];
$imagesize = $_FILES['fileUpload']['size'];
$imagetmp = $_FILES['fileUpload']['tmp_name'];
if(empty( $firstname)) {
echo "please enter username";
}else if(empty( $lastname)) {
echo "please enter lastname";
}else if(empty( $username)) {
echo "please enter username";
}else if(empty( $password)) {
echo "please enter password";
}else if(empty( $password !== $passwordconfirm)) {
echo "password do not match";
}else if(empty( $country)) {
echo "please select your country ";
}else if(empty( $gender)) {
echo "please select your gender ";
}else if(empty( $imagename)) {
echo "please select image";
}else {
$uploadFolder = "Uploads/";
$filename = rand(1000,100000)."-".$imagename;
$filenameUpload = move_uploaded_file($imagetm, $uploadFolder, $filename);
$sql = "INSERT INTO `register` (`id`, `firstname`, `lastname`, `username`, `password`, `country`, `gender`, `language`, `imageName`, `imageSize`, `imageTemp`)
VALUES (NULL, '$firstname', '$lastname', '$username', '$password', '$country', '$gender', '$Languages', '$filenameUpload', '$imagesize', '$imagetmp')";
}
}
?>
<?php echo $_POST["fname"]; ?><br>
<?php echo $_POST["lname"]; ?><br>
<?php echo $_POST["username"]; ?><br>
<?php echo $_POST["password"]; ?><br>
<?php echo $_POST["passwordconfirm"]; ?><br>
<?php echo $_POST["country"]; ?><br>
<?php echo $_POST["gender"]; ?><br>
<?php echo $_POST["password"]; ?><br>
<?php echo $_POST["passwordconfirm"]; ?><br>
<?php echo $_POST["country"]; ?><br>
This code is giving me headache. Could someone spot the error? I have tried it for a day without a solution. I want it to submit data to database (image ,checkbox,radio,etc). I want it to put all the selected checkboxs to database. I will later learn about the implode, exlode, to add commas to the code.
First two lines:
<?php include("header.php")?> <---- End the statement with ;
<?php include("menu.php")?> <---- Here too!
On Other Lines:
while($result = mysqli_fetch_array($results)):; <---What is this? It should be { //Code here
and The closing of while loop should be this! ->} not <?php endwhile; ?>
Here:
}else if(empty( $password !== $passwordconfirm)) { // Your Operation should be != and not !==
Maybe your id should be declared as an Auto-increment. And not to be added as NULL.
Youre full of headaches.. hahaha
I have a form with file upload and user name exits checking conditions.
What im facing it the data are not getting insert in mysql db. file as been successfully saved in given path. kindly help me on this im wasted already 2days with that i tried a lot myself.
form.php
<table style="text-align:right">
<form id="add" method="POST" action="action.php" enctype="multipart/form-data">
<tr>
<h4 class='bg-info'>
<br/>         Become a Member of jobportal and find the right job. Create your Profile now, Free!<br/><br/>
</h4>
</tr>
<tr>
<td></td>
<td> * Mandatory Fields </td>
</tr>
<tr>
<div class="col-md-1"></div>
<td>Enter Your Email-ID: *</td>
<td><input class="form-control input-sm" placeholder="Email ID" type="textfield" name="email"required></td>
</tr>
<tr>
<td>Choose password *</td>
<td><input class="form-control input-sm" placeholder="Enter Your Password" type="password" name="password"required/></td>
</tr>
<td>Re-Enter Your password *</td>
<td><input class="form-control input-sm" placeholder="Enter Your Password" type="password" name="repassword"required/></td>
</tr>
<tr>
<td> Please Enter Your Full Name:</td>
<td> <input class="form-control input-sm" placeholder="Enter Full Name" type="textfield" name="name"required></td>
</tr>
<tr>
<td>Your Current Location: *<td>
<select class="form-control input-sm" required name="location">
<option value='' disabled selected style='display:none;'>Select location *</option>
<option>Andhra Pradesh</option>
<option>Arunachal Pradesh</option>
<option>Assam</option>
<option>Bihar</option>
<option>Chhattisgarh</option>
<option>Goa</option>
<option>Gujarat</option>
<option>Haryana</option>
<option>Himachal Pradesh</option>
<option>Jammu and Kashmir</option>
<option>Jharkhand</option>
<option>Karnataka</option>
<option>Kerala</option>
<option>Madhya Pradesh</option>
<option>Maharashtra</option>
<option>Maharashtra</option>
<option>Manipur</option>
<option>Meghalaya</option>
<option>Mizoram</option>
<option>Nagaland</option>
<option>Odisha</option>
<option>Punjab</option>
<option>Rajasthan</option>
<option>Sikkim</option>
<option>Tamil Nadu</option>
<option>Telangana</option>
<option>Tripura</option>
<option>Uttar Pradesh</option>
<option>Uttarakhand</option>
<option>West Bengal</option>
</select></td>
</td>
</tr>
<tr>
<td>Enter Your Mobile Number: *</td>
<td><input class="form-control input-sm" placeholder="mobile number" type="textfield" name="mobilenumber" required/></td>
</tr>
<tr>
<td>Experience:</td>
<td>
<select class="form-control input-sm" required name="experience">
<option value='' disabled selected style='display:none;'>Select Experience</option>
<option>Fresher</option>
<option>1</option>
<option>2</option>
<option>3</option>
<option>4</option>
</select>
</td>
</tr>
<tr>
<td>Key Skill: *</td>
<td>
<input class="form-control input-sm" placeholder="Enter Your Skill" type="textfield" name="keyskill"/>
</td>
</tr>
<tr>
<td>Please Select your PG Degree</td>
<td>
<select class="form-control input-sm" required name="degree">
<option value='' disabled selected style='display:none;'>Select Degree</option>
<option>B.sc</option>
<option>B.E</option>
<option>B.Com</option>
<option>others</option>
</select>
</td>
</tr>
<tr>
<td>Please Select Higher Studies:</td>
<td>
<select class="form-control input-sm" required name="hsc">
<option value='' disabled selected style='display:none;'>Select Higher Studies</option>
<option>HSC</option>
<option>Diploma</option>
<option>ITI</option>
<option>others</option>
</select>
</td>
</tr>
<tr>
<td>Please Select your Gender: *</td>
<td>
<select class="form-control input-sm" required name="gender">
<option value='' disabled selected style='display:none;'>Select</option>
<option>Male</option>
<option>Female</option>
<option>others</option>
</select>
</td>
</tr>
<tr>
<td>Upload your Resume :</td>
<td><input type="file" name="filep"></td>
</tr>
<tr>
<td> </td>
<td>by clicking register u accepting our terms and condtions. click here !</td>
</tr>
<tr>
<td></td>
<td>
<input type="submit" name="add" class="btn btn-info btn-sm" id="add" value="Register With JobPortal">
</td>
</tr>
</form>
</table>
action.php
$con = mysqli_connect('localhost','root','');
if (!$con) {
die('Could not connect: ' . mysql_error());
} else {
echo 'connected';
}
if (isset($_POST['add']) ) {
if (!get_magic_quotes_gpc() ) {
$email = addslashes ($_POST['email']);
} else {
$email = $_POST['email'];
}
$email = $_POST['email'];
$password = md5 ($_POST['password']);
$name = $_POST['name'];
$location = $_POST['location'];
$mobilenumber = $_POST['mobilenumber'];
$experience = $_POST['experience'];
$keyskill = $_POST['keyskill'];
$degree = $_POST['degree'];
$hsc = $_POST['hsc'];
$gender = $_POST['gender'];
$resume = $_FILES['filep']['name'];
$folder = "C:/wamp/www/userlogin/pic/";
$name="SELECT emailid FROM userregistration WHERE emailid='$email'";
mysqli_select_db($con, 'login');
$result = mysqli_query($con, $name);
if (mysqli_num_rows($result)!=0) {
echo "Username already exists";
} else {
echo"data entered done";
}
if (move_uploaded_file($_FILES["filep"]["tmp_name"], $folder . $_FILES["filep"]["name"])) {
echo "images moved sus";
} else {
echo "not done";
}
echo "<p align=center>File ".$_FILES["filep"]["name"]."loaded...";
$sql = "INSERT INTO userregistration "
. "(email, password, name, location, mobilenumber, experience, keyskill, degree, hsc, gender, resume)"
. "VALUES('$email', '$password', '$name', '$location', '$mobilenumber', '$experience', '$keyskill',
'$degree', '$hsc', '$gender', '$resume')";
mysqli_select_db($con, 'login');
$retval = mysqli_query($con, $sql);
if (!$retval) {
die('Could not enter data: ' . mysql_error());
}
echo "Entered data successfully\n";
echo' insert more data ';
mysqli_close($con);
}
What I exactly need is: I want to upload form data with the file url into database and need to check email id or name already exits.
I only get error in $sql = "insert into" portion other than else working fine.
Thanks in advance.
echo your sql query before
mysqli_select_db($con, 'login');
and execute it in your Mysql phpmyadmin...
I guess there is some problem in your query formation, spacing between words or something.
Errors
Missing database name
mysqli_connect("localhost","root","","login");
And error in $sql query
So final well-From code is
<?php
$con= mysqli_connect("localhost","root","","login");;//missing database
if (! $con)
{
die('Could not connect: ' . mysql_error());
}
else{
echo 'connected';
}
if(isset($_POST['add']))
{
if(! get_magic_quotes_gpc() )
{
$email = addslashes ($_POST['email']);
}
else
{
$email = $_POST['email'];
}
$email = $_POST['email'];
$password = md5 ($_POST['password']);
$name = $_POST['name'];
$location = $_POST['location'];
$mobilenumber = $_POST['mobilenumber'];
$experience = $_POST['experience'];
$keyskill = $_POST['keyskill'];
$degree = $_POST['degree'];
$hsc = $_POST['hsc'];
$gender = $_POST['gender'];
$resume = $_FILES['filep']['name'];
$folder = "C:/wamp/www/userlogin/pic/";
$query001="SELECT emailid FROM userregistration WHERE emailid='$email'";
$result = mysqli_query($con, $query001);
if(mysqli_num_rows($result)!=0){
echo "Username already exists";
}
else
{
echo"data entered done";
if (move_uploaded_file($_FILES["filep"]["tmp_name"], $folder . $_FILES["filep"]["name"]))
{
echo "images moved sus";
}
else
{
echo "not done";
}
echo "<p align=center>File ".$_FILES["filep"]["name"]."loaded...";
$sql = "INSERT INTO userregistration (email, password, name, location, mobilenumber, experience, keyskill,
degree, hsc, gender, resume) VALUES('$email','$password','$name','$location','$mobilenumber','$experience','$keyskill','$degree','$hsc','$gender','$resume')";
$retval = mysqli_query($con, $sql);
if(!$retval )
{
die('Could not enter data: ' . mysql_error());
}
else
{
echo "Entered data successfully\n";
echo' insert more data ';
mysqli_close($con);
}
}
}
?>
and be aware with MySQL Injection.
simply you can use mysqli_real_escape_string()
Example
$name = mysqli_real_escape_string($_POST['name']);
Tip from(Comment)
You have $name declared twice in your code - rename the $name select statement. ($name = $_POST['name']; and also $name="SELECT emailid FROM userregistration WHERE emailid='$email'"; ) – Jesse C
I'm doing a database project for university and I'm having a problem in here.
I receive from a previous page an id as $_POST['ids'] and in the form I send that same value in a hidden field so it can do a sort of a cicle.
But when I click the submit button I got a lot of errors on $service_info and no information is loaded on the page. I tried do var_dump() everything and I just can't find what is the problem in here.
<?php
//error_reporting();
require 'core/init.php';
require 'db/connect.php';
require 'functions/security.php';
?>
<html>
<head>
<title>Make a reservation</title>
<meta charset="UTF-8">
<link rel="stylesheet" href="css/common.css">
</head>
<body>
<?php require 'parts/header.php'; ?>
<hr>
<?php
$query = "SELECT * FROM service WHERE id=" . $_POST['ids'];
if ($result = $db->query($query)) {
if ($result->num_rows) {
$service_info = $result->fetch_object();
$result->close();
}
}
$query = "SELECT name FROM tour WHERE id =" . $service_info->idtour;
if ($result = $db->query($query)) {
if ($result->num_rows) {
$tour_name = $result->fetch_object();
$result->close();
}
}
$query = "SELECT SUM(nrseats) AS res_seats FROM reservation_service WHERE idservice =" . $service_info->id;
$nr_reservations_info = $db->query($query);
$nr_reservations = $nr_reservations_info->fetch_row();
$nr_reservations_info->close();
$count = $service_info->nrseats - $nr_reservations[0];
if($count === 0){
echo "<script>alert('There are no more places available for this tour. You are being redirected for the main page!')</script>";
echo "<script>window.open('index.php','_self')</script>";
}
else{
$count = $service_info->nrseats;
}
?>
<form action="" method="POST">
<div class="registering">
<table>
<tbody>
<tr>
<td>
<label for="tname">Related tour</label>
</td>
<td>
<label for="splace"><br>Service name</label>
</td><p><br></p>
</tr>
<tr>
<td>
<input type="text" readonly="" name="tour" id="tour" required="" autofocus="" value="<?php echo $tour_name->name ?>">
</td>
<td>
<input type="text" readonly="" name="name" id="name" required="" value="<?php echo $service_info->name ?>">
</td>
</tr>
<tr>
<td>
<label for="sprice"><br>Price (€)</label>
</td>
<td>
<label for="sdescription"><br>Description</label>
</td>
</tr>
<tr>
<td>
<input type="number" name="price" id="price" readonly="" required="" value="<?php echo $service_info->price ?>">
</td>
<td>
<input type="text" name="description" id="description" required="" readonly="" value="<?php echo $service_info->description ?>">
</td>
</tr>
<tr>
<td>
<label for="sseats"><br>Seats left</label>
</td>
<td>
<label for="snreservations"><br>Number of reservations (people)</label>
</td>
</tr>
</tr>
<tr>
<td>
<input type="number" name="nrseats" id="nrseats" required="" value="<?php echo $count ?>" readonly="">
</td>
<td>
<input type="number" name="nrreservations" id="nrreservations" required="" value="1">
</td>
<td>
<input type="hidden" name="ids" required="" value="<?php $service_info->id ?>">
</td>
</tr>
</tr>
<tr>
<td colspan="2">
<label for="next"><br></label>
<input type="submit" value="Next">
</td>
</tr>
</tbody>
</table>
</div>
</form>
</body>
</html>
<?php
if (!empty($_POST)) {
if (isset($_POST['name'], $_POST['ids'], $_POST['tour'], $_POST['price'], $_POST['description'], $_POST['nrseats'], $_POST['nrreservations'])) {
$_POST = array_map("trim", $_POST);
$name = $_POST['name'];
$tour = $_POST['tour'];
$price = $_POST['price'];
$description = $_POST['description'];
$nrseats = $_POST['nrseats'];
$nrreservations = $_POST['nrreservations'];
$ids = $_POST['ids'];
if (!empty($name) && !empty($ids) && !empty($tour) && !empty($price) && !empty($description) && !empty($nrseats) && !empty($nrreservations)) {
$query = "SELECT id FROM customer WHERE email='" . $_SESSION['user_email'] . "'";
if ($result = $db->query($query)) {
$id_user = $result->fetch_object();
$result->close();
}
$query = "SELECT id FROM reservation WHERE idtour={$service_info->idtour} AND idcustomer={$id_user->id}";
if ($result = $db->query($query)) {
if ($result->num_rows) {
$id_reservation = $result->fetch_object();
$result->close();
}
}
$query = "SELECT * FROM reservation_service WHERE idservice=" . $service_info->id;
if ($result = $db->query($query)) {
if ($result->num_rows) {
$reservation_service_exists = $result->fetch_object();
if ($nrreservations < 1) {
echo "<script>alert('Your must make a reservation for, at least, one person!')</script>";
echo "<script>window.open('new_reservation_service.php','_self')</script>";
} else if ($count - $nrreservations < 0) {
echo "<script>alert('You can not make the reservation because there are only " . $count . " seats available in this tour!')</script>";
echo "<script>window.open('new_reservation_service.php','_self')</script>";
} else if ($result->num_rows) {
$query = "SELECT * FROM reservation WHERE idcustomer= '" . $id_user->id . "' AND idtour= '" . $service_info->idtour . "'";
if ($result = $db->query($query)) {
if ($result->num_rows) {
$reservation_exists = $result->fetch_object();
$result->close();
if ($reservation_exists->idcustomer === $id_user->id) {
if ($reservation_exists->id === $reservation_service_exists->idreservation) {
echo "<script>alert('You already made a reservation for this service. Please see your reservation panel!')</script>";
echo "<script>window.open('reservations.php','_self')</script>";
}
}
}
}
}
}else {
$query = "INSERT INTO reservation_service (idreservation, idservice, date, nrseats) VALUES (?, ?, NOW(), ?)";
$insert = $db->prepare($query);
$insert->bind_param('iii', $id_reservation->id, $service_info->id, $nrreservations);
$insert->execute();
echo "<script>alert('You successfully made a reservation! You are being redirected to your reservations page')</script>";
echo "<script>window.open('reservations.php','_self')</script>";
}
}
}
}
}
?>
change inside your form this input hidden you created:
<input type="hidden" name="ids" required="" value="<?php $service_info->id ?>">
to
<input type="hidden" name="ids" required="" value="<?php echo $service_info->id ?>">
If you don't echoing this value, $_POST['ids'] won't be get any value passed from form.
before anyone make a negative vote and criticize me i am new to the development and i need some hep in my queries using php and mysql
so i am trying to make the user insert some information in the register page that will submit information to the table named user that have these fields :
user_name,
first_name,
last_name,
address,
district_name,
village_name,
birth_date,
email_address,
specialization_name,
password,
registered_date
and i have another table with name specialization
that have these fields :
specialization_id
specilaization_name
what i need is that the user select the specialization in the register page but in the user table i need to use the specialization_id as a foreign key to the specialization table
the insert query that i use is :
$query = mysql_query("INSERT INTO user(user_name, first_name, last_name, address, district_name, village_name, birth_date, email_address, specialization_name, password, registered_date)VALUES('$username', '$fname', '$lname', '$country', '$district', '$village', '$bdate', '$email', '$specialization', '$pass1', now())")or die("could not insert data");
register.php
<?php require_once('for members/scripts/connect.php'); ?>
<?php
ob_start();
function countryQuery(){
$countryData = mysql_query("SELECT * FROM country") or die("could select database");
while($record = mysql_fetch_array($countryData)){
echo'<option value="' . $record['country_name'] . '">' . $record['country_name'] . '</option>';
}
}
function specializationQuery(){
$specData = mysql_query("SELECT * FROM specialization");
while($recordJob = mysql_fetch_array($specData)){
echo'<option value="' . $recordJob['specialization_name'] . '">' . $recordJob['specialization_name'] . '</option>';
}
}
function districtQuery(){
$distData = mysql_query("SELECT * FROM districts");
while($recorddist = mysql_fetch_array($distData)){
echo'<option value="' . $recorddist['district_name'] . '">' . $recorddist['district_name'] . '</option>';
}
}
function villageQuery(){
$villageData = mysql_query("SELECT * FROM village");
while($recordvillage = mysql_fetch_array($villageData)){
echo'<option value="' . $recordvillage['village_name'] . '">' . $recordvillage['village_name'] . '</option>';
}
}
//default value
$message = "Fields Marcked with an [*] are Required";
$username = "";
$fname = "";
$lname = "";
$specialization = "";
$email = "";
$pass1 = "";
$pass2 = "";
$district = "";
$village = "";
if(isset($_POST['username'])){
$username = mysql_real_escape_string($_POST['username']);
$fname = mysql_real_escape_string($_POST['fname']);
$lname = mysql_real_escape_string($_POST['lname']);
$email = mysql_real_escape_string($_POST['email']);
$pass1 = mysql_real_escape_string($_POST['pass1']);
$pass2 = mysql_real_escape_string($_POST['pass2']);
$bdate = mysql_real_escape_string($_POST['birthdate']);
$country = mysql_real_escape_string($_POST['country']);
//$local_adress = $_POST['adress'];
$specialization = mysql_real_escape_string($_POST['specialization']);
$district = mysql_real_escape_string($_POST['district']);
$village = mysql_real_escape_string($_POST['village']);
//error handeling
if((!$username)||(!$fname)||(!$lname)||(!$email)||(!$pass1)||(!$pass2)||(!$specialization)||(!$district)||(!$village)){
$message = "**** Please insert the Required Fields below ****<br />";
if($fname == "")
{
$message = $message . "Enter First name<br/>";
}
if($lname == "")
{
$message = $message . "Enter Last name<br/>";
}
if($specialization == 0)
{
$message = $message . "Select Your Job<br />";
}
if($district == 0)
{
$message = $message . "Select Your District<br />";
}
if($village == 0)
{
$message = $message . "Select Your Village<br />";
}
if($email == "")
{
$message = $message . "Enter Email Adress<br/>";
}
if ($username == "") {
$message = $message . "Enter User Name<br/>";
}
if($pass1 == "")
{
$message = $message . "Enter password<br/>";
}
if($pass2 == "")
{
$message = $message . "rechek the password <br/>";
}
}
elseif(strlen($pass1) <= 8)
{
$message = $message . "Your Password must be at least 8 charachters<br />";
}
else if($pass1!=$pass2){
$message = "your password do not match!";
}else{
//securing the data
$username = preg_replace("#[^0-9a-z]#i","",$username);
$fname = preg_replace("#[^0-9a-z]#i","",$fname);
$lname = preg_replace("#[^0-9a-z]#i","",$lname);
//$pass1 = sha1($pass1);
$email = mysql_real_escape_string($email);
// checking for duplicate
$user_query = mysql_query("SELECT user_name FROM user WHERE user_name = '$username'LIMIT 1") or die("could not check the username");
$count_username = mysql_num_rows($user_query);
$email_query = mysql_query("SELECT email_address FROM user WHERE email_address = '$email'LIMIT 1") or die("could not check the email");
$count_email = mysql_num_rows($email_query);
if($count_username > 0){
$message = " your username is alredy in use";
}elseif($count_email > 0){
$message = "your email is alredy in use";
}
else{
$query = mysql_query("INSERT INTO user(user_name, first_name, last_name, address, district_name, village_name, birth_date, email_address, specialization_name, password, registered_date)VALUES('$username', '$fname', '$lname', '$country', '$district', '$village', '$bdate', '$email', '$specialization', '$pass1', now())")or die("could not insert data");
//var_dump($query);
//exit();
$message = "Registered Success <a href='profile.php'>Your Profile</a> ";
//from the social website
if ($query)
{
$_SESSION['user_id'] = mysql_insert_id();
$_SESSION['login'] = 'true';
$_SESSION['login_user'] = $username;
}
}
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Register Page</title>
<link href="style/stylesheet.css" rel="stylesheet" type="text/css" />
<link href="style/imagesGallery.css"rel="stylesheet" type="text/css"/>
<script src="js/main.js" type="text/javascript"></script>
<script src="js/jquery.js" type="text/javascript"></script>
</head>
<body>
<div class="container">
<table width="200" border="0" align="center">
<tr>
<tr>
<td><img src="web_header copy.jpg" alt="visitor header" width="1080" height="128" /></td>
</tr>
<tr>
<td>
<marquee direction="left" width="99%" behavior="alternate">
<img src="imggallery/images/akoura/akoura_small.jpg" width="119" height="91">
<img src="imggallery/images/ballaa2/ballaa2_small.jpg" width="119" height="91">
<img src="imggallery/images/baalbeck/baalbek_small.jpg" height="92">
<img src="imggallery/images/barouk/cedre_barouk_small.jpg" width="119" height="91">
<img src="imggallery/images/batroun/batroun_small.jpg" width="119" height="91">
<img src="imggallery/images/bchareh/bchareh_small.jpg" width="119" height="91">
<img src="imggallery/images/beiteldin/beiteldine_small.jpg" width="119" height="91">
<img src="imggallery/images/beyrouth/beyrouth_small.jpg" width="119" height="91">
<img src="imggallery/images/beyrouth/beyroyj frm sky/beyrouthfromSky_small.jpg" width="119" height="91">
<img src="imggallery/images/deir el mara/deirelamar_small.jpg" width="119" height="91">
</marquee>
<hr />
<h2 class="registerTitle">Registration Fields</h2>
<h4 class="registerTitle">Sign Up Today....</h4>
<!-- <div class="container center"> -->
<p style="color:#FF0000" align="center"><?php print("$message")?></p>
</td>
<tr>
<table width="680" border="0" align="center">
<form action="register.php" method="post">
<tr>
<td><span class="Fields">First Name</span> <span class="requiredField">*</span></td>
<td>
<input type="text" name="fname" placeholder="Firstname" /></td>
<td><span class="Fields">Last Name</span><span class="requiredField">*</span></td>
<td><input type="text" name="lname" placeholder="Lastname" /></td>
</tr>
<tr>
<td><label for="birthdate" class="Fields">Birth Date </label></td>
<td><input type="date" name="birthdate" value= "YYYY_MM_DD" onfocus="if (this.value == 'YYYY_MM_DD') {this.value = '';}" onblur="if (this.value == '') {this.value = 'YYYY_MM_DD';}" />
<br /></td>
</tr>
<tr>
<td class="Fields"><label for="country">Country</label></td>
<td><select name="country" class="select">
<option value="0">-- Select Your Country --</option>
<?php countryQuery(); ?>
</select></td>
<td class="Fields"><label for="specialisation">Specialisation <span class="requiredField">*</span></label></td>
<td><select name="specialization" class="select">
<option value="0">-- Select Your Specialization --</option>
<?php specializationQuery(); ?>
</select></td>
</tr>
<tr>
<td class="Fields"><label for="district">District<span class="requiredField">*</span></label></td>
<td><select name="district" class="select">
<option value="0">-- Select Your District --</option>
<?php districtQuery(); ?>
</select></td>
<td class="Fields"><label for="village">Village<span class="requiredField">*</span></label></td>
<td><select name="village" class="select">
<option value="0">-- Select Your Village --</option>
<?php villageQuery(); ?>
</select></td>
</tr>
<tr>
<td class="Fields"><label for="email">Email Adress<span class="requiredField">*</span></label></td>
<td><input type="text" name="email" placeholder="Email Adress" />
<br /></td>
<td><label for="username"><span class="Fields">User Name</span> <span class="requiredField">*</span></label></td>
<td><input type="text" name="username" placeholder="Username" />
<br /></td>
</tr>
<tr>
<td class="Fields"><label for="password">Password<span class="requiredField">*</span></label></td>
<td><input type="password" name="pass1" placeholder="Password" />
<br /></td>
<td class="Fields"><label for="password2">Re_Password<span class="requiredField">*</span></label></td>
<td><input type="password" name="pass2" placeholder="Validate Password" />
<br /></td>
</tr>
<tr>
<td></td>
<td></td>
<td><input type="submit" value="Register"/></td>
<td></td>
</tr>
</form>
</table>
<!--</div>-->
</tr>
<tr>
<td><?php require_once('footer.php'); ?></td>
</tr>
</tr>
</tr>
</table>
</div>
</body>
</html>
<?php ob_end_flush(); ?>
so anyone can help me ???
The "**specialization_name**" is definitely causing a problem. * is a statement in an SQL query, and it represents basically everything (for example, SELECT * FROM someTable... means select everything from someTable). You should remove the asterisks and your query will work assuming you set it up correctly
To make things simpler from what i can see i believe you could use an ENUM field within your user table, instead of using another table. This could be an alternative for you perhaps.
Try PHP PDO, mysql_ functions in php are going to be depreciated and plus PDO is safer, and is best practice to port your application to other databases. Can't do that with Mysql_
Like this :
//We connect to the database
$host="xxxxxx"; // Host name
$username="xxxxxxx"; // Mysql username
$password="xxxxxxxxxx"; // Mysql password
$db_name="xxxxxxxx"; // Database name
// Connect to server via PHP Data Object
$dbh = new PDO("mysql:host=localhost;dbname=DBFinaid", $username, $password);
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$dbh->setAttribute(PDO::ATTR_EMULATE_PREPARES, FALSE);
try {
$query = $dbh->prepare("
INSERT INTO user(user_name,
first_name,
last_name,
address,
district_name,
village_name,
birth_date,
email_address,
specialization_name,
password,
registered_date)
VALUES(':username',
':fname',
':lname',
':country',
':district',
':village',
':bdate',
':email',
':specialization',
':pass1',
now())"
);
$query->bindParam(':YOURVALUES', $YOURVALUE); // Make sure the number values in bindParam equal your values in the query
.....................................
$query->execute();
catch (PDOException $e) {
error_log($e->getMessage());
die($e->getMessage());
}
$dbh= null;
[1]: http://php.net/manual/en/book.pdo.php
Your specializationQuery function should print strings like <option value="' . $recordJob['specialization_id'] . '">' . $recordJob['specialization_name'] . '</option> instead of <option value="' . $recordJob['specialization_name'] . '">' . $recordJob['specialization_name'] . '</option>, so you get the specialization_id value that you have to insert into the user database.
I think you shouldn't use specialization_name but specialization_id in your user-table. I assume specialization_id is the key in the table specialization and you should have in your table user a foreign key (user.specialization_id) referencing the primary key of specialization table (specialization.id).
Let's say you have following specializations:
Spec1
Spec2
Spec3
then your Selection element in HTML should look like this:
<select name="specialization" class="select">
<option value="0">-- Select Your Specialization --</option>
<option value="1">Spec1</option>
<option value="2">Spec2</option>
<option value="3">Spec3</option>
</select>
Now if the user selects let's say Spec2, then your variable $specialization should have the value 2 and you should be able to insert it into the database.
Hope it helps!
There is a table:
|id name surname email |
|1 john surjohn #mail.com|
|2 peter pet #mail.com|
|.........................|
PHP:
<?php
if(isset($_POST['update']))
{
...
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}
$id = $_POST['id'];
$name = $_POST['name'];
$surname = $_POST['surname'];
$mail = $_POST['mail'];
$sql = "UPDATE emps ".
"SET name= '$name', surname'$surname', email='$mail' ".
"WHERE Id = $id" ;
mysql_select_db('dbase');
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
die('Could not update data: ' . mysql_error());
}
echo "blablablabla ! \n";
mysql_close($conn);
}
else
{
?>
<form method="post" action="<?php $_PHP_SELF ?>">
<fieldset style="width: 350px" >
<table width="400" border="0" cellspacing="1" cellpadding="2">
<tr>
<td width="100">Id </td>
<td><input name="id" type="text" id="id" value=""></td>
</tr>
<tr>
<td width="100">name</td>
<td><input type="text" maxlength="15" name="name" value="" ></td>
</tr>
<tr>
<td width="100">surname</td>
<td><input type="text" maxlength="40" name="surname" value="" ></td>
</tr>
<tr>
<td width="100"> </td>
<td>
<input name="update" type="submit" id="update" value="update">
</td>
</tr>
</table>
</fieldset>
</form>
<?php
}
?>
}
In this form i need update all fields otherwise, updated table can have null values.
I want for example, update name field, but leave surname, email existing values. ideas?
Could try something like this:
$id = $_POST['id'];
$name = $_POST['name'];
$surname = $_POST['surname'];
$mail = $_POST['mail'];
$sql = "UPDATE emps SET";
$moresql = '';
if(isset($name) && !empty($name)) {
$moresql .= " name = '$name'";
}
if(isset($surname) && !empty($surname)) {
if ($moresql) $moresql .= ',';
$moresql .= " surname = '$surname'";
}
if(isset($mail) && !empty($mail)) {
if ($moresql) $moresql .= ',';
$moresql .= " mail = '$mail'";
}
$sql .= $moresql;
$sql .= " WHERE Id = '$id'";
This is untested though.
Karl's idea is the way to go, but it can be refactored this way:
$id = $_POST['id'];
$sql = "UPDATE emps SET";
$fieldValuePairs = array();
foreach($_POST as $key => value)
if($key != 'id')
$fieldValuePairs[] = "'$key' = '$value'";
$sql .= " ". implode(',', $fieldValuePairs)." WHERE id = $id";
Note: this works only if you use input names (in the form) equal the column names (in the database).
Have a great day.