I have this problem while updating my database, so, it all works, i mean i have the form, it prints the values, but when i try to update it, everything gets updated apart from the username and password..
Here is the code i use..
Thanks!
if ($Act=='Save') {
mysql_query("BEGIN");
$sql = "Insert into tbl_galleries (gal_title,gal_image,username,password) Values (";
$sql.= "'". strip_tags(mysql_real_escape_string(trim($gal_title))). "','". strip_tags(mysql_real_escape_string(trim($gal_image))) ."','". strip_tags(mysql_real_escape_string(trim($username))). "',,'". strip_tags(mysql_real_escape_string(trim($password))). "',);";
$query = mysql_query($sql);
if(!$query){
mysql_query("ROLLBACK");
$myErrorsUpGr = mysql_error();
echo $myErrorsUpGr;
} else {
mysql_query("COMMIT");
echo 'Insertion was successfull.';
}
} else if ($Act=='Update'){
mysql_query("BEGIN");
$sql = " Update tbl_galleries set ";
$sql.= " gal_title='" . strip_tags(mysql_real_escape_string(trim($gal_title))) . "',";
$sql.= " gal_image='" . strip_tags(mysql_real_escape_string(trim($gal_image))) . "'";
$sql.= " where gal_id=" . $gal_id . ";";
$sql.= " username='" . strip_tags(mysql_real_escape_string(trim($username))) . "',";
$sql.= " password='" . strip_tags(mysql_real_escape_string(trim($password))) . "',";
<?php
include_once("db/envato_db.php");
if ($_SERVER['QUERY_STRING']!='')
{
$sql = "";
$sql = "SELECT gal_id,gal_title,gal_image,username,password FROM tbl_galleries where gal_id='" . $_REQUEST['gid'] ."';";
$query = mysql_query($sql) or $myErrorsP = mysql_error();
if(isset($myErrors) && $myErrorsP!='')
{
}
else
{
$row = mysql_fetch_row($query);
mysql_free_result($query);
$gal_id = $row[0];
$gal_title = $row[1];
$gal_image = $row[2];
$username = $row[3];
$password = $row[4];
}
}
?>
<tr>
<td width="104">Gallery Title:</td>
<td width="556"><input type="text" id="gtitle" name="gtitle" class="typeText" maxlength="50" value="<?php echo isset($gal_title)? $gal_title : ""?>" tabindex="1" /></td>
</tr>
<tr>
<td>Gallery Image:</td>
<td>
<input type="text" id="gimg" name="gimg" class="typeText" maxlength="100" value="<?php echo isset($gal_image)? $gal_image : ""?>" readonly/>
<input type="file" name="gimg_upl" id="gimg_upl"/>
Upload
</td>
</tr>
<tr>
<td width="104">Username:</td>
<td width="556"><input type="text" id="gusername" name="gusername" class="typeText" maxlength="50" value="<?php echo isset($username)? $username : ""?>" tabindex="1" /></td>
</tr>
<tr>
<td width="104">Password:</td>
<td width="556"><input type="text" id="gpassword" name="gpassword" class="typeText" maxlength="50" value="<?php echo isset($password)? $password : ""?>" tabindex="1" /></td>
</tr>
</table>
<table id="savetbl" style="width:680px;" cellpadding="3">
<tr>
<td align="center" colspan="2">
<?php
if(isset($gal_id) && $gal_id!='')
{
if(!isset($myErrorsP))
{
?>
<input type="button" value="» Update «" class="but" name="button" alt="Update" title="Update" onClick="Do_Update('Update', '<?php echo $gal_id?>');" tabindex="3">
<?php
}
}
else
{
if(!isset($myErrorsP))
{
?>
<input type="button" value="» Save «" class="but" name="button" alt="Save" title="Save" onClick="Do_Update('Save','0');" tabindex="3">
<?php
}
}
?>
</td>
</tr>
On your code you have this :
$sql.= " where gal_id=" . $gal_id . ";";
$sql.= " username='" . strip_tags(mysql_real_escape_string(trim($username))) . "',";
$sql.= " password='" . strip_tags(mysql_real_escape_string(trim($password))) . "',";
Try to set the where clause after the update of username & password :
$sql.= " username='" . strip_tags(mysql_real_escape_string(trim($username))) . "',";
$sql.= " password='" . strip_tags(mysql_real_escape_string(trim($password))) . "'";
$sql.= " where gal_id=" . $gal_id . ";";
Try this
$sql.= " where gal_id=" . $gal_id . ";";
$sql.= "AND username='" . strip_tags(mysql_real_escape_string(trim($username))) . "',";
$sql.= "AND password='" . strip_tags(mysql_real_escape_string(trim($password))) . "',";
Lines 22, 23, and 24 of your sample code
Related
i want to update rows in my table postgresql using php , i can't have my rows updated , and no error is displayed , i don't see the problem in my script ! here is my table structure:
CREATE TABLE chercheur
(
nomcher text,
idfcher text NOT NULL,
precher text,
passcher text,
mailcher text,
gradcher text,
naisscher date,
lieucher text,
divicher text,
CONSTRAINT "Chercheur_pkey" PRIMARY KEY (idfcher)
)
and the program:
$conn = pg_pconnect("dbname=postgres host=localhost port=5432 user=postgres password=postgres");
if ($conn) {
//print "Successfully connected to database: " . pg_dbname($conn) .
// " on " . pg_host($conn) . "</br>\n";
$id = pg_escape_string($_POST['identif']);
$result = pg_query($conn, "SELECT * from chercheur WHERE idfcher='" . $id . "';");
} else {
print pg_last_error($conn);
exit;
}
if (!$result) {
$errormessage = pg_last_error();
echo "Error with query: " . $errormessage;
exit();
} else {
while ($myrow = pg_fetch_row($result)) {
echo '<hr><h2>Informations du chercheur trouvé:</h2>';
echo '<table>
<tr>
<td><label for="nom">Nom du chercheur</label></td>
<td><input value="' . $myrow[0] . '" name="nom" id="nom" type="text" /></td>
</tr>
<td> <label for="prenom">Prenom du chercheur</label></td>
<td> <input value="' . $myrow[2] . '" name="prenom" id="prenom" type="text" /></td>
</tr>
<tr>
<td><label for="user">Identifiant </label></td>
<td><input value="' . $myrow[1] . '" name="user" id="user" type="text" /></td>
</tr>
<tr>
<td><label for="pass">Mot de passe</label></td>
<td><input value="' . $myrow[3] . '" name="pass" id="pass" type="password" /></td>
</tr>
<td><label for="mail">Email du chercheur</label></td>
<td><input value="' . $myrow[4] . '" name="mail" id="mail" type="email" /></td>
</tr>
<td><label for="grade">Grade</label></td>
<td> <input value="' . $myrow[5] . '" name="grade" id="grade" type="text" /></td>
</tr>
<tr>
<td><label for="naiss">Date de naissance</label></td>
<td><input value="' . $myrow[6] . '" name="naiss" id="naiss" type="date" /></td>
</tr>
<tr>
<td><label for="lieu">Lieu de naissance</label></td>
<td><input value="' . $myrow[7] . '" name="lieu" id="lieu" type="text" /></td>
</tr>
<tr>
<td><label for="divis">Division</label></td>
<td><input value="' . $myrow[8] . '" name="divis" id="divis" type="text" /></td>
</tr><tr><td> </td></tr>
<tr>
<td></td> <td><button name="submit2" id="submit2" type="submit" >Mettre à jour</button>
<button name="annuler" id="annuler" type="reset" >Réinitialiser</button></td>
</tr>
</table>';
if ((isset($_POST['submit2']))) {
$idf = pg_escape_string($_POST['user']);
$pass = pg_escape_string($_POST['pass']);
$name = pg_escape_string($_POST['nom']);
$pre = pg_escape_string($_POST['prenom']);
$mail = pg_escape_string($_POST['mail']);
$naissance = pg_escape_string($_POST['naiss']);
$lieu = pg_escape_string($_POST['lieu']);
$division = pg_escape_string($_POST['divis']);
$gr = pg_escape_string($_POST['grade']);
$result = pg_query($conn, "UPDATE chercheur SET nomcher='" . $name . "' and
precher='" . $pre . "' and passcher='" . $pass . "' and mailcher='" . $mail . "' and naisscher=date('" . $naissance . "')
and lieucher='" . $lieu . "' and divicher='" . $division . "'and gradcher='" . $gr . "'
where idfcher='" . $idf . "';");
if (!$result) {
$errormessage = pg_last_error();
echo "Error with query: " . $errormessage;
exit();
} else {
echo "mise à jour avec succès";
}
}
}
}
pg_free_result($result);
pg_close();
?>
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 8 years ago.
Improve this question
<?php
include("Header.php");
echo "<br>";
$stockCode = "";
$stockItem = "";
$stockLeft = "";
$stockOut = "";
$minimum = "";
$pricePI = "";
$location = "";
// Check if posts are set
if(isset($_POST['stockCode'])){
$stockCode = $_POST['stockCode'];
}
if(isset($_POST['stockItem'])){
$stockItem = $_POST['stockItem'];
}
if(isset($_POST['stockLeft'])){
$stockLeft = $_POST['stockLeft'];
}
if(isset($_POST['stockOut'])){
$stockOut = $_POST['stockOut'];
}
if(isset($_POST['minimum'])){
$minimum = $_POST['minimum'];
}
if(isset($_POST['pricePI'])){
$pricePI = $_POST['pricePI'];
}
if(isset($_POST['location'])){
$location = $_POST['location'];
}
// Do validation before adding to database
if(
($stockCode == null)||
($stockItem == null)||
($stockLeft == null)||
($stockOut == null)||
($pricePI == null)||
($location == null)||
($location == "Select Location")
){
echo "<div class='font3'>Fields Stock Code, Stock Item, Stock Left, Stock Out, Price Per Item and location must be filled.</div>";
} else {
// Write to database
$connection = mysqli_connect($host,$user,$pass,$dbnm);
// Check to see if the Stock Code already exists in the database
$checkQ = "SELECT COUNT(*) FROM Ekhaya_Inventory WHERE ((ekhaya_inventory_stock_code = '" . $stockCode . "') AND (ekhaya_inventory_location = '" . $location . "'))";
$result = mysqli_query($connection,$checkQ);
while($row[0] = mysqli_fetch_array($result)){
echo $row[0];
if($row[0] == 0){
$quick_cal = $stockLeft * $pricePI;
$formated_cal = number_format($quick_cal,2);
$myquery =
"INSERT INTO Ekhaya_Inventory
(
ekhaya_inventory_stock_code,
ekhaya_inventory_stock_item,
ekhaya_inventory_quantity_stock_left,
ekhaya_inventory_quantity_stock_out,
ekhaya_inventory_quantity_minimum,
ekhaya_inventory_price_per_item,
ekhaya_inventory_value_of_stock_left,
ekhaya_inventory_location,
ekhaya_inventory_date_time_modified
)
VALUES
(
'" . $stockCode . "',
'" . $stockItem . "',
'" . $stockLeft . "',
'" . $stockOut . "',
'" . $minimum . "',
'" . $pricePI . "',
'" . $formated_cal . "',
'" . $location . "',
'" . $date . "'
)
";
mysqli_query($connection,$myquery);
echo "<div class='font3'>New Item Added Successfully</div>";
// Add a log to database
$query =
"INSERT INTO Ekhaya_Logs
(
ekhaya_logs_name,
ekhaya_logs_surname,
ekhaya_logs_username,
ekhaya_logs_activity,
ekhaya_logs_ip_address,
ekhaya_logs_date_time
) VALUES (
'" . $_SESSION['SECURE#NAME'] . "',
'" . $_SESSION['SECURE#SURNAME'] . "',
'" . $_SESSION['SECURE#USERNAME'] . "',
'" . $_SESSION['SECURE#NAME'] . " " . $_SESSION['SECURE#SURNAME'] . " added [ITEM] Stock Code: " . $stockCode . " to " . $location . "'s inventory',
'" . $_SERVER['REMOTE_ADDR'] . "',
'" . $date . "')";
mysqli_query($connection,$query);
} else {
echo "<div style='color:red' class='font3'>Stock Code " . $stockCode . " already exists for " . $location . "</div>";
}
}
mysqli_close($connection);
$stockCode = "";
$stockItem = "";
$stockLeft = "";
$stockOut = "";
$minimum = "";
$pricePI = "";
$location = "";
}
?>
</br>
<form action="AddItem.php" method="post">
<table class="table_mod">
<tr>
<td class="td_mod">
Stock Code:
</td>
<td class="td_mod">
<input type="text" name="stockCode">
</td>
</tr>
<tr>
<td class="td_mod">
Stock Item:
</td>
<td class="td_mod">
<input type="text" name="stockItem">
</td>
</tr>
<tr>
<td class="td_mod">
Stock Left:
</td>
<td class="td_mod">
<input type="text" name="stockLeft">
</td>
</tr>
<tr>
<td class="td_mod">
Stock Out:
</td>
<td class="td_mod">
<input type="text" name="stockOut">
</td>
</tr>
<tr>
<td class="td_mod">
Minimum:
</td>
<td class="td_mod">
<input type="text" name="minimum">
</td>
</tr>
<tr>
<td class="td_mod">
Price Per Item:
</td>
<td class="td_mod">
<input type="text" name="pricePI">
</td>
</tr>
<tr>
<td class="td_mod">
Location:
</td>
<td class="td_mod">
<select class="textbox_login" name="location">
<option>Select Location</option>
<option value="Tech Stud">Tech Stud</option>
</select>
</td>
</tr>
<tr>
<td>
<input type="Submit" value="Submit New Item">
</td>
</tr>
</table>
</form>
Can someone please tell me why this is not working ? The main if statement pushes out this item already exists but the data does note exist in the database. And when i use the mysqli count function it always returns 1.
There is a bug in your while loop assignment. Change this line:
while($row[0] = mysqli_fetch_array($result)){
To this:
while($row = mysqli_fetch_array($result)){
You might consider generally using var_dump instead of echo when debugging. It can provide more insight into what's actually going on.
Hello I can't get my DB to update. If I run it in mySQL querybox the query works but not in my php code...
I don't get any errors but it just will not update.
Can someone help me?
php
if(isset($_POST['btnSignup']))
{
$con=mysqli_connect('test', 'test', 'test', 'test');
// Check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
if (isset($name)) {
mysqli_query($con,
"UPDATE `tbl_klant` \n"
. " SET `kl_aanspreek`= \'$aansp\',\n"
. " `kl_voornaam`= \'$voornaam\',\n"
. " `kl_achternaam`= \'$achternaam\',\n"
. " `kl_email`= \'$email\',\n"
. " `kl_gsm`= $gsm ,\n"
. " `kl_fax`= $fax ,\n"
. " `kl_telefoon`= $telefoon,\n"
. " `kl_straat`= \'$straat\',\n"
. " `kl_postcode`= $post,\n"
. " `kl_gemeente`= \'$gemeente\',\n"
. " `kl_huisnr`= $huisnr,\n"
. " `kl_firmanaam`= \'$firma\',\n"
. " `kl_btwnr`= \'$btwnr\'\n"
. "WHERE `klant_id`= $name");
}else {
echo "werkt niet";
}
echo "voorbij query";
mysqli_close($con);
}
html
<form name="regForm" method="post" action="<?php $_PHP_SELF ?>" onsubmit="return(validateRegistreer());">
<table width="400" border="0" cellspacing="1" cellpadding="2">
<tr>
<td >Aanspreek titel</td>
<td><select name="kl_aanspreek" id="kl_aanspreek">
<option value="Dhr.">Dhr.</option>
<option value="Mevr.">Mevr.</option>
</select>
</td>
</tr>
<tr>
<td >Voornaam *</td>
<td><input name="kl_voornaam" type="text" id="kl_voornaam" required value="<?php echo $voornaam ?>"></td>
</tr>
<tr>
<td >Achternaam *</td>
<td><input name="kl_achternaam" type="text" id="kl_achternaam" required value="<?php echo $achternaam ?>"></td>
</tr>
the code of the table repeat itself
<tr>
<td width="100"> </td>
<td>
<input name="btnSignup" type="submit" id="btnSignup" value="Wijzig" >
</td>
</tr>
</table>
try next
$query = "UPDATE tbl_klant SET kl_aanspreek= '$aansp',
kl_voornaam= '$voornaam'
kl_achternaam= '$achternaam',
kl_email= '$email',
kl_gsm= '$gsm' ,
kl_fax= '$fax' ,
kl_telefoon= '$telefoon',
kl_straat= '$straat',
kl_postcode= '$post',
kl_gemeente= '$gemeente',
kl_huisnr= '$huisnr',
kl_firmanaam= '$firma',
kl_btwnr= '$btwnr'
WHERE klant_id= '$name'";
mysqli_query($con,$query);
Try :
if(isset($_POST['btnSignup']))
{
$con=mysqli_connect('test', 'test', 'test', 'test');
// Check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
if (isset($name)) {
if(!mysqli_query($con,
"UPDATE `tbl_klant` "
. " SET `kl_aanspreek`= '$aansp',"
. " `kl_voornaam`= '$voornaam',"
. " `kl_achternaam`= '$achternaam',"
. " `kl_email`= '$email',"
. " `kl_gsm`= $gsm ,"
. " `kl_fax`= $fax ,"
. " `kl_telefoon`= $telefoon,"
. " `kl_straat`= '$straat',"
. " `kl_postcode`= $post,"
. " `kl_gemeente`= '$gemeente',"
. " `kl_huisnr`= $huisnr,"
. " `kl_firmanaam`= '$firma',"
. " `kl_btwnr`= '$btwnr'"
. " WHERE `klant_id`= $name")){
echo("Error description: " . mysqli_error($con));
}
}else {
echo "werkt niet";
}
echo "voorbij query";
mysqli_close($con);
}
I have a database called test. In it there is a table called people. People has 4 fields: fname, lname, age, city. I have a page with a form where people can enter in data.
<?php
include('header.php');
?>
<body>
<form action="getinformation.php" method="post" id="getinformation">
<div id="header">
<h1><strong>Search For Data</h1></strong>
</div>
<div id="main">
<table border="0" width="75%">
<tr>
<td align="right" width="10%">First Name: </td>
<td><input type="text" name="fname" id="fname" size="20" /></td>
</tr>
<tr>
<td align="right" width="10%">Last Name: </td>
<td><input type="text" name="lname" id="lname" size="20" /></td>
</tr>
<tr>
<td align="right" width="10%">Age: </td>
<td><input type="text" name="age" id="age" size="3" /></td>
</tr>
<tr>
<td align="right" width="10%">City: </td>
<td><input type="text" name="city" id="city" size="20" /></td>
</tr>
</table>
<input type="submit" />
</div>
</body>
<?php
include('footer.php');
?>
When the submit button is clicked it will send the data to another page named getinformation.php.
<?php
require_once('model.php');
$query = "SELECT * FROM people WHERE";
if (isset ($POST_fname) {
$fname = $_POST['fname'];
$query = $query . " fname = " . $fname . " AND" }
if (isset ($POST_lname) {
$lname = $_POST['lname'];
$query = $query . " lname = " . $lname . " AND" }
if (isset ($POST_age) {
$age = $_POST['age'];
$query = $query . " age = " . $age . " AND" }
if (isset ($POST_city) {
$city = $_POST['city'];
$query = $query . " city = " . $city . " AND" }
$query = rtrim($query, " AND");
?>
<div id=/"header/">
<h1><strong>This is the information you requested</h1></strong>
</div>
<div id=/"main/">
<?php
$statement = $db->prepare($query);
$statement->execute();
$products = $statement->fethAll();
$statement->closeCursor();
foreach ($products as $product) {
echo $product['fname'] . " " . $product['lname'] . " | " . $product['age'] . " | " . $product['city'] . '<br />';
?>
</div>
<?php
include('footer.php');
?>
I get an error
Parse error: syntax error, unexpected '{' in C:\Program Files\wamp\www\testwebpage\Model\getinformation.php on line 6
I have had this problem before with my isset function but aside from that working I'm wondering if the rest of the code looks fine (assuming isset worked perfectly)
You have a syntax error - missing closing parenthesis:
if (isset ($POST_fname) {
Should be
if (isset ( ..... ) ) {
You forgot to close the ) everywhere after isset and didn't put semicolons after "AND". Here is the fixed file:
<?php
require_once('model.php');
$query = "SELECT * FROM people WHERE";
if (isset ($POST_fname)) {
$fname = $_POST['fname'];
$query = $query . " fname = '" . $fname . "' AND";
}
if (isset ($POST_lname)) {
$lname = $_POST['lname'];
$query = $query . " lname = '" . $lname . "' AND";
}
if (isset ($POST_age)) {
$age = $_POST['age'];
$query = $query . " age = '" . $age . "' AND";
}
if (isset ($POST_city)) {
$city = $_POST['city'];
$query = $query . " city = '" . $city . "' AND";
}
$query = rtrim($query, " AND");
?>
<div id=/"header/">
<h1><strong>This is the information you requested</h1></strong>
</div>
<div id=/"main/">
<?php
$statement = $db->prepare($query);
$statement->execute();
$products = $statement->fethAll();
$statement->closeCursor();
foreach ($products as $product) {
echo $product['fname'] . " " . $product['lname'] . " | " . $product['age'] . " | " . $product['city'] . '<br />';
}
?>
</div>
<?php
include('footer.php');
?>
Forgot the ( at end of the if. look at the line 6 as said in the error output.
(isset ($POST_fname)
be carfull
isset() is a expression that have 2 parenteses"(" ")" you opened, but din't close.
on every 'if' do this
if(isset(anything))
any other problem, come here !
First of all sorry for my language. I am a doing a shopping cart application for my assignment for college. I have a problem with registration for. The problem is that it is inserting the first query
$addsql = "INSERT INTO customers(forename, surname, add1, add2, add3, postcode, phone, email, registered)
VALUES('"
. strip_tags(addslashes($_POST['forenameBox'])) . "', '"
. strip_tags(addslashes($_POST['surnameBox'])) . "', '"
. strip_tags(addslashes($_POST['add1Box'])) . "', '"
. strip_tags(addslashes($_POST['add2Box'])) . "', '"
. strip_tags(addslashes($_POST['add3Box'])) . "', '"
. strip_tags(addslashes($_POST['postcodeBox'])) . "', '"
. strip_tags(addslashes($_POST['phoneBox'])) . "', '"
. strip_tags(addslashes($_POST['emailBox'])) . "',
1)";
mysql_query($addsql);
and it does not insert the second one.
$customer_id = mysql_insert_id(); // Gets The id Of Last MySql INSERT Query
$insert_query = 'INSERT INTO logins (
username,
password,
customer_id
)
VALUES
(
"' . $_POST['userregBox'] . '",
"' . md5($_POST['passregBox']) . '",
"' . $customer_id . '",
)';
mysql_query($insert_query);
header("Location: " . $basedir . "login.php?ok=1");
I tried different approaches with no result. I am using Xammp.
Here is the full code
<?php
session_start();
require_once("db.php");
/* Checking if user is logged in, if not redirecting to the main page */
if(isset($_SESSION['SESS_LOGGEDIN']) == TRUE) {
header("Location: " . $config_basedir);
}
if($_POST['login'])
{
$loginsql = "SELECT * FROM logins
WHERE username = '" . $_POST['userBox'] . "' AND password = '" . $_POST['passBox'] . "'";
$loginres = mysql_query($loginsql);
$numrows = mysql_num_rows($loginres);
if($numrows == 1)
{
$loginrow = mysql_fetch_assoc($loginres);
session_register("SESS_LOGGEDIN");
session_register("SESS_USERNAME");
session_register("SESS_USERID");
$_SESSION['SESS_LOGGEDIN'] = 1;
$_SESSION['SESS_USERNAME'] = $loginrow['username'];
$_SESSION['SESS_USERID'] = $loginrow['id'];
$ordersql = "SELECT id FROM orders WHERE customer_id = " . $_SESSION['SESS_USERID'] . " AND status <2";
$orderres = mysql_query($ordersql);
$orderrow = mysql_fetch_assoc($orderres);
session_register("SESS_ORDERNUM");
$_SESSION['SESS_ORDERNUM'] = $orderrow['id'];
header("Location: " . $config_basedir);
}
else
{
header("Location: http://" . $HTTP_HOST . $SCRIPT_NAME . "?error=1");
}
}
if($_POST['register'])
{
$loginchecksql = "SELECT * FROM logins
WHERE username = '" . $_POST['userBox'] . "'";
$logincheckres = mysql_query($loginchecksql);
$loginchecknumrows = mysql_num_rows($logincheckres);
if($loginchecknumrows == 1)
{
header("Location: http://" . $HTTP_HOST . $SCRIPT_NAME . "?error=3");
}
else{
if(empty($_POST['forenameBox']) ||
empty($_POST['surnameBox']) ||
empty($_POST['add1Box']) ||
empty($_POST['add2Box']) ||
empty($_POST['add3Box']) ||
empty($_POST['postcodeBox']) ||
empty($_POST['phoneBox']) ||
empty($_POST['userregBox']) ||
empty($_POST['passregBox']) ||
empty($_POST['emailBox']))
{
header("Location: " . $basedir . "login.php?error=2");
exit;
}
$addsql = "INSERT INTO customers(forename, surname, add1, add2, add3, postcode, phone, email, registered)
VALUES('"
. strip_tags(addslashes($_POST['forenameBox'])) . "', '"
. strip_tags(addslashes($_POST['surnameBox'])) . "', '"
. strip_tags(addslashes($_POST['add1Box'])) . "', '"
. strip_tags(addslashes($_POST['add2Box'])) . "', '"
. strip_tags(addslashes($_POST['add3Box'])) . "', '"
. strip_tags(addslashes($_POST['postcodeBox'])) . "', '"
. strip_tags(addslashes($_POST['phoneBox'])) . "', '"
. strip_tags(addslashes($_POST['emailBox'])) . "',
1)";
mysql_query($addsql);
$customer_id = mysql_insert_id(); // Gets The id Of Last MySql INSERT Query
$insert_query = 'INSERT INTO logins (
username,
password,
customer_id
)
VALUES
(
"' . $_POST['userregBox'] . '",
"' . md5($_POST['passregBox']) . '",
"' . $customer_id . '",
)';
mysql_query($insert_query);
header("Location: " . $basedir . "login.php?ok=1");
}
}
else
{
require_once("header.php");
?>
<?php
if($_GET['ok'] == 1) {
echo "<b>Your registration was succesfull</b><p>Start shooping now</p>";
}
else
{
?>
<?php
if($_GET['error'] == 1) {
echo "<b>Incorrect details, please try again</b>";
}
?>
<?php
if($_GET['error'] == 2) {
echo "<b>Please fill all fields</b>";
}
?>
<?php
if($_GET['error'] == 3) {
echo "<b>User name exist</b>";
}
?>
<div style="width:50%;float:left;">
<fieldset style="width:90%;background:#fff; ">
<legend>Customer Login</legend>
<form action="<?php echo $SCRIPT_NAME; ?>" method="POST">
<ul>
<li>
<fieldset>
<legend>Username</legend>
<div>
<input type="textbox" name="userBox" class="text" />
</div>
<p class="guidelines">Please enter your username</p>
</fieldset>
</li>
<li>
<fieldset>
<legend>Password</legend>
<div>
<input type="password" name="passBox" class="text" />
</div>
<p class="guidelines">Please enter your password</p>
</fieldset>
</li>
<li>
<button type="submit" name="login" value="login">Log In</button>
</li>
</ul>
</form>
</fieldset>
</div>
<div style="width:50%;float:right;">
<fieldset style="width:95%;background:#fff; ">
<legend>Register</legend>
<form action="<?php echo $SCRIPT_NAME; ?>" method="POST">
<ul>
<li>
<fieldset>
<legend>Username</legend>
<div>
<input type="textbox" name="userregBox" class="text" />
</div>
<p class="guidelines">Please enter your username</p>
</fieldset>
</li>
<li>
<fieldset>
<legend>Password</legend>
<div>
<input type="password" name="passregBox" class="text" />
</div>
<p class="guidelines">Please enter your password</p>
</fieldset>
</li>
<li>
<fieldset>
<legend>Delivery details</legend>
<table style="width:99%;">
<tr>
<td>Forename</td>
<td><input type="text" name="forenameBox" class="text"></td>
</tr>
<tr>
<td>Surname</td>
<td><input type="text" name="surnameBox" class="text"></td>
</tr>
<tr>
<td>House Number, Street</td>
<td><input type="text" name="add1Box" class="text"></td>
</tr>
<tr>
<td>Town/City</td>
<td><input type="text" name="add2Box" class="text"></td>
</tr>
<tr>
<td>County</td>
<td><input type="text" name="add3Box" class="text"></td>
</tr>
<tr>
<td>Postcode</td>
<td><input type="text" name="postcodeBox" class="text"></td>
</tr>
<tr>
<td>Phone</td>
<td><input type="text" name="phoneBox" class="text"></td>
</tr>
<tr>
<td>Email</td>
<td><input type="text" name="emailBox"class="text"></td>
</tr>
</table>
</fieldset>
</li>
<li>
<button type="submit" name="register" value="Register">Register</button>
</li>
</ul>
</form>
</fieldset>
</div>
<?php
}
}
require_once("footer.php");
?>
You have an extra comma.
Change
"' . $customer_id . '",
to
"' . $customer_id . '"
in your INSERT INTO LOGINS query.