While running the below script it shows the errorError: Unknown column 'email' in 'field list'.
<?php
include("connect.php");
if($loggedin == '1')
die("You can't register another account while you're logged in.");
if(isset($_POST['submit']))
{
$uname = trim($_POST['username']);
if($_POST["regkey"]!="171717")
die("Invalid Registration Key. <br> <a href= register.php>Back</a>");
if($_POST["pass"]!=$_POST["pass2"])
die("Passwords do not match. <br> <a href= register.php>Back</a>");
// Make sure all forms were filled out.
if((!isset($_POST['username'])) || (!isset($_POST['pass']))
|| ($uname == '') || ($_POST['pass'] == ''))
die("Please fill out the form completely. <br><br>
<a href=register.php>Continue</a>");
$check = #mysql_query("SELECT id FROM players WHERE username = '$uname'");
$check = #mysql_num_rows($check);
if($check > 0)
die("Sorry, that username has already been taken. Please try again.
<br><br>
<a href=register.php>Continue</a>");
$pass = md5($_POST['pass']);
$date = date("m/d/y");
$newPlayer = #mysql_query("INSERT INTO players (username, password,
registered,callname,email) VALUES ('$uname','$pass','$date','$_POST
[callname]','$_POST[email]')") or die("Error: ".mysql_error());
echo 'You have been registered! You may now <a href=index.php>Log in</a>.';
}
else
{
// A simple example of a form.
echo '
<center>
<form action=register.php method=post>
<p>Registration is currently<b> NOT OPEN.</b><br>
You must have a valid Registration key to register.</p>
<table border="2">
<tr>
<td>Username:</td><td><input type="text" name="username" size="20px"</input>
</td>
</tr>
<tr>
<td>Callname:</td><td><input type="text" name="callname" size="20px"</input>
</td>
</tr>
<tr>
<td>Password:</td><td><input type="password" name="pass" size="20px"</input>
</td>
</tr>
<tr>
<td>Re-type Password:</td><td><input type="password" name="pass2" size="20px"</input>
</td> </tr>
<tr>
<td>Email:</td><td><input type="text" name="email" size="20px"</input></td>
</tr>
<tr><td>Registration Key:</td><td><input type="text" name="regkey" size="20px"></input>
</td> </tr>
</table>
<input type="submit" name="submit" value="Submit"></input>
</form>';
}
?>
I'm very new to PHP and can't figure out why I'm getting this Error. Shouldn't the $_POST get that value from the form?
Thanks for reading.
It means your players table does not contain an email column. You will need to add this column to your table for this script to work.
So the incorrect part in your code is
$newPlayer = #mysql_query("INSERT INTO players(username, password, registered, callname, email)
VALUES('$uname', '$pass', '$date', '$_POST[callname]', '$_POST[email]')") or die("Error: ".mysql_error());
Add an email field in your player table.
Chances are there you misspelled email in the player.
$sql = "INSERT INTO user_registration (u_name,s_father,s_schoolname,s_rollno,s_class)
VALUES ($name,$father,$school,$rollno,$class)";
Error: INSERT INTO user_registration
(u_name,s_father,s_schoolname,s_rollno,s_class) VALUES (Azhar, hassan,
Chulli_payaan,1008,10th) Unknown column 'Azhar' in 'field list'
Related
EDIT: The code now works. Added some code to the initial source code below.
So I have a database named payload and in it there's two tables; one named users and the other named tohere. Both of these tables just have two columns; userName and password. The tohere table is empty. The users table, however, has two populated rows. First row has admin and admin123 as the userName and password respectively. The second row has visitor and visitor123 as the userName and password respectively. There's a HTML form with two input fields where users enter a username and password. Now the idea is, if the username and password they enter in the form matches the records in the users table, I want those contents submitted to the tohere table which is currently empty. How do I accomplish that?
I have tried the following code which doesn't seem to work;
<html>
<head>
<title>
</title>
<?php
$message = "";
$theusername = $_POST['userName'];
$thepass = $_POST['password'];
if (count($_POST) >
0) {
$conn = mysqli_connect("localhost", "root", "", "payload");
$result = mysqli_query($conn, "SELECT * FROM users WHERE userName='" . $_POST["userName"] . "' and password = '" . $_POST["password"] . "'");
$count = mysqli_num_rows($result);
if ($count == 0) {
$message = "Invalid Username or Password!";
} else {
$sqltwo = "INSERT INTO tohere (userName, password) VALUES ('$theusername', '$thepass')";
//The below if statement was missing.
if(!mysqli_query($conn, $sqltwo)){
echo "Failed!";
}
else{
echo "Success!";
}
}
}
?>
</head>
<body>
<form action="" method="post" name="frmUser">
<div class="message">
<?php if ($message != "") {echo $message;}?>
</div>
<table align="center" border="0" cellpadding="10" cellspacing="1" class="tblLogin" width="500">
<tr class="tableheader">
<td align="center" colspan="2">
Enter Login Details
</td>
</tr>
<tr class="tablerow">
<td>
<input class="login-input" name="userName" placeholder="User Name" type="text"/>
</td>
</tr>
<tr class="tablerow">
<td>
<input class="login-input" name="password" placeholder="Password" type="password"/>
</td>
</tr>
<tr class="tableheader">
<td align="center" colspan="2">
<input class="btnSubmit" name="submit" type="submit" value="Submit"/>
</td>
</tr>
</table>
</form>
</body>
</html>
So far, this code works, but only partially. When I enter username and password not in the users table, I get the message "Invalid Username or Password!", which is fine, but when I enter records that are in the users table, the form does not get submitted to the tohere table. In fact, nothing happens. Just a blank white screen. What gives?
My register.php file is working but when submit button is clicked. This is error message I get
Notice: Use of undefined constant username - assumed 'username' in C:\xampp\htdocs\Hamza\register.php on line 18
You have been registered! Return to login page
However it does not add any users to the database though, what am I doing wrong? I believe something along INSERT INTO users VALUES is incorrect. I searched around and spent 2 hours solving it but can't figure out what's wrong. Any help would be useful, thanks.
register.php file
<?php
echo "<h1>Register</h1>";
$submit = #$_POST['submit'];
//form data
$fullname = strip_tags(#$_POST['fullname']);
$username = strip_tags(#$_POST['username']);
$password = strip_tags(#$_POST['password']);
$repeatpassword = strip_tags(#$_POST['repeatpassword']);
$date = date ("y-m-d");
if ($submit)
{
//check for existance
if ($fullname&&username&&$password&&$repeatpassword)
{
if ($password==$repeatpassword)
{
//check char length of username and fullname
if (strlen($username)>25||strlen($fullname)>25)
{
echo "Length of username or fullname is too long";
}
else
{
//check password length
if (strlen($password)>25||strlen($password)<6)
{
echo "Password must be between 6 and 25 characters";
}
else
{
//register the user!
// encrypt password
$password = md5($password);
$repeatpassword = md5($repeatpassword);
//open database
$connect = mysql_connect("localhost","root","");
mysql_select_db("phplogin"); //select database
$queryreg = mysql_query("
INSERT INTO users VALUES ('','".$fullname."','".$username."','".$password."','".$date."')
");
die ("You have been registered! <a href='index.php'>Return to login page</a>");
}
}
}
else
echo "Your passwords do not match!";
}
else
echo "Please fill in <b>all</b> fields!";
}
?>
<html>
<p>
<form action='register.php' method='POST'>
<table>
<tr>
<td>
Your full name:
</td>
<td>
<input type='text' name='fullname' value='<?php echo $fullname; ?>'
</td>
</tr>
<tr>
<td>
Choose a username:
</td>
<td>
<input type='text' name='username' value='<?php echo $username; ?>'
</td>
</tr>
<tr>
<td>
Choose a password:
</td>
<td>
<input type='password' name='password'>
</td>
</tr>
<tr>
<td>
Repeat your password:
</td>
<td>
<input type='password' name='repeatpassword'>
</td>
</tr>
</table>
<p>
<input type='submit' name='submit' value='Register'>
</form>
</html>
Check your 18th line:
if ($fullname&&username&&$password&&$repeatpassword)
You forgot to put $ sign for username.
This question already has answers here:
How can I get useful error messages in PHP?
(41 answers)
Closed 9 years ago.
I'm trying to create a sign up form. However whnever I click on the sign up button, the database does not get updated but just shows the blank signup.php page. Any ideas?
This is my php code
<?php
include("config.php");
//including config.php in our file
if (!empty($_POST['username']) && !empty($_POST['password']) && !empty($_POST['firstname']) && !empty($_POST['lastname']) && !empty($_POST['email'])){
// Now checking user name and password is entered or not.
$first_name= mysql_real_escape_string($_POST[`firstname`]);
$last_name= mysql_real_escape_string($_POST['lastname']);
$username = mysql_real_escape_string(stripslashes($_POST['username']));
$password = mysql_real_escape_string(stripslashes(md5($_POST['password'])));
$mail = mysql_real_escape_string($_POST['email']);
$check = "SELECT * from users where username = '".$user."'";
$qry = mysql_query($check);
$num_rows = mysql_num_rows($qry);
if ($num_rows > 0) {
// Check if username exists or not.
echo "The username you have entered already exists. Please try another username. Thank you";
echo 'Try Again';
exit;
}
// Insert the new user into the database
$query = "INSERT INTO Users (`firstname`,`lastname`,`email`,`username`,`password`,`is_active`) VALUES ('".$first_name."','".$last_name."','".$username."','".$password."','".$mail."','1');";
mysql_query($query);
echo "Thank You for Registering with us. You will now be able to use all our facilities.";
echo 'Click Here to login you account.';
exit;
}
?>
This is my html form
<html>
<head>
<title>Registration Page | Simple login form</title>
</head>
<body>
<div id="containt" align="center">
<form action="signup.php" method="post" class="form-signup">
<div id="header"><h2 class="sansserif">Sign up</h2></div>
<table>
<tr>
<td>Select Your Firstname:</td>
<td> <input type="text" name="firstname" size="20" placeholder="First name"><span class="required">*</span></td>
</tr>
<tr>
<td>Select Your Lastname:</td>
<td> <input type="text" name="lastname" size="20" placeholder="Last name"><span class="required">*</span></td>
</tr>
<tr>
<td>Select Your Username:</td>
<td> <input type="text" name="username" size="20" placeholder="User name"><span class="required">*</span></td>
</tr>
<tr>
<td>Select Your Password:</td>
<td><input type="password" name="password" size="20" placeholder="Password"><span class="required">*</span></td>
</tr>
<tr>
<td>Select Your Email:</td>
<td> <input type="text" name="email" size="20" placeholder="Email"><span class="required">*</span>
</td>
</tr>
<tr>
<td><input type="submit" value="Sign Up" class="btn btn-large btn-primary"></td>
</tr>
</table>
</form>
</div>
</body>
</html>
if(!empty($_POST['username']) && !empty($_POST['password']) && !empty($_POST['firstname']) && !empty($_POST['lastname'])
&& !empty($_POST['email'])){
// Now checking user name and password is entered or not.
$first_name= mysql_real_escape_string($_POST[`firstname`]);
$last_name= mysql_real_escape_string($_POST['lastname']);
$username = mysql_real_escape_string(stripslashes($_POST['username']));
$password = mysql_real_escape_string(stripslashes(md5($_POST['password'])));
$mail = mysql_real_escape_string($_POST['email']);
$check = "SELECT * from users where username = '".$user."'";
You check if username='$user' but you didn't declared any variable with the name of '$user'.
You should write:
$check = "SELECT * from users where username = '".$username."'";
I'm trying to make a website with a member section. To signup on the member section, you must already be in the database. You're given your username and password, then when you signup you can enter your email, address, and password.
So my problem is that I'm getting an error saying that the username or reg_id were incorrect, when I know that I am entering the correct info.
else {
mysql_close($con);
header("location: index.php?signup&error-msg=Incorrect Username or Registration ID.");
}
Here is my Login Form:
<form action="function.php?signup" method="post">
<table cellspacing="20" class="span12">
<tr>
<td>
<input type="text" name="name" placeholder="Full Name">
</td>
</tr>
<tr>
<td>
<input type="email" name="email" placeholder="Email">
</td>
</tr>
<tr>
<td>
<input type="text" name="address" placeholder="Address">
</td>
</tr>
<tr>
<td>
<input type="text" name="reg_id" placeholder="Your Registration ID">
</td>
</tr>
<tr>
<td>
<input type="password" name="password" placeholder="Password">
</td>
</tr>
<tr>
<td>
<input type="submit" placeholder="Confirm Signup" value="Confirm Signup">
</td>
</tr>
</table>
</form>
On the function.php I have a bunch of different functions etc. but the one for the signup form is:
elseif (isset($_GET['signup'])) {
$username = $_POST['username'];
$reg_id = $_POST['reg_id'];
$qry = mysql_query("
SELECT *
FROM users
WHERE username = '$username'
AND registration_id = '$reg_id' ", $con);
if (!$qry) {
mysql_close($con);
die("Query Failed: " . mysql_error());
} else {
$row = mysql_fetch_array($qry);
}
if ($_POST['username'] == $row["username"] && $_POST['reg_id'] == $row["registration_id"]) {
$password = $_POST['password'];
$email = $_POST['email'];
$address = $_POST['address'];
$qry = mysql_query("
INSERT INTO users
(password, profile_email, profile_address)
VALUES ('$password', '$email', '$address')", $con);
if (!$qry) {
die("Query Failed: " . mysql_error());
} else {
header('location: index.php?success-msg=You have successfully signed up');
}
}
else {
mysql_close($con);
header("location: index.php?signup&error-msg=Incorrect Username or Registration ID.");
}
}
I'm not sure what I messed up on, or if I even did that right, as I am still learning. I would like to thank anyone who helps me in advance, all help is much appreciated.
-James
$_POST['username'] should be $_POST['name'] accoding to HTML form.
Use update instead of INSERT.
Following is the corrected PATCH:
$qry = mysql_query("UPDATE users SET password='$password',profile_email='$email',profile_address='$address'
WHERE registration_id='$reg_id'");
you could use something like this :
if (isset($_GET['signup'])){//if
$username = $_POST['name'];
$reg_id = $_POST['reg_id'];
$qry = mysql_query("SELECT * FROM users WHERE username='$username' AND registration_id='$reg_id'", $con) or die(mysql_error());
$row=mysql_num_rows($qry);
if($row == '1'){ ///if regcode exists
////insert into database
$password = $_POST['password'];
$email = $_POST['email'];
$address = $_POST['address'];
$qry2 = mysql_query("INSERT INTO
users(password,profile_email,profile_address)
VALUES ('$password','$email','$address')", $con) or die(mysql_error());
header('location: index.php?success-msg=You have successfully signed up');
}///if regcode exists
else{
///didn't find the reg id
header("location: index.php?signup&error-msg=Incorrect Username or Registration ID.");
}
}//if
I have link change password in my home page..NOw i am telling you what i am doing...
First of all i creating a html form named edit_profile.php in which i have three textboxes old password,new password,confirm password.I have attcahed this page as a link to home page for changing password.
Next page i have designed named edit_profile1.php in which i am comaparing if new password and confirm passwords are equal or not
Then i making a query to search data with password = old password
But this page is not working.Now i am giving you the code both files and in last i will tell you what type error i am facing..
edit_profile.php
<?php
session_start();
?>
<html>
<body bgcolor="pink">
<table cellpadding="10" cellspacing="6" align="center" width="500">
<form name="form" action="edit_profile1.php" method="POST" >
<tr>
<td><b><i>Your Username</i></b></td>
<td><input type="text" name="username" id="username" size="30" maxlength="30" value="<?php echo $_SESSION['employee']['username']; ?>" disabled="disabled"></td>
</tr>
<tr>
<td><b><i>Old Password</i></b></td>
<td><input type="password" name="opassword" id="opassword" size="30" maxlength="30" value="" ></td>
</tr>
<tr>
<td><b><i>New Password</i></b></td>
<td><input type="password" name="npassword" id="npassword" size="30" maxlength="30" value="" ></td>
</tr>
<tr>
<td><b><i>Confirm Password</i></b></td>
<td><input type="password" name="cpassword" id="cpassword" size="30" maxlength="30" value="" ></td>
</tr>
<tr>
<td align="center" colspan="100"> <input type="submit" name="submit" value="Change Password"></td>
</tr>
</table>
</body>
</html>
Next Page
Next page is for edit_profile1.php
<?php
session_start();
if(isset($_POST['opassword']) && ($_POST['npassword']))
{
$con=mysql_connect("localhost","root","");
if(!$con)
{
die('Could Not Connect:'.mysql_error());
}
mysql_select_db("tcs",$con);
$a=$_POST['opassword']; //old password value
$b=$_POST['npassword']; //new password value
$c=$_POST['cpassword'];
if ($b==$c) //checking if both new passowrd and c.password are equal or not
{
$pwd=hash('sha1',$b); //new value is assigned to pwd variable
$usr=$_SESSION['employee']['username']; //this varaible have value of username
$query="select * from employee where Username='{$usr}' and Password='{$a}'";
$result=mysql_query($query,$con);
$count = mysql_num_rows($result);
if ($count == 1)
{
$sql="update employee set Password='$pwd'";
$deepak=mysql_query($sql,$con);
if($deepak)
{
echo "Updation Successfull";
}
else
{
echo "Updation Not Possible.Some Error is there";
}
}
else
{
echo "There is some problem in macthing the old password with database password";
}
}
else
{
echo "Both Passwords are Not equal";
}
}
else
{
echo 'Error! Passwords were not sent!';
}
?>
<html>
<body bgcolor="orange">
<h4 style="position: relative;">Home Page</h4>
</body>
</html>
Error:
Every time i try to execute my programe the error is
Thhere is some problem in macthing the old password with database password
Now i am not getting where i am falling wrong.In database i have only one user row.Plz tell me what is error
Shouldn't
$query="select * from employee where Username='{$usr}' and Password='{$c}'";
be
$a = hash('sha1', $a); // added after conversation in comments
$query="select * from employee where Username='{$usr}' and Password='{$a}'";
instead? ($a instead of $c..)
Your script seems vulnerable to mysql-injection!
Apply mysql_real_escape_string to every value you insert in your SQL-Query!
It may be possible that your comparison doesn't work because there are extra spaces in the values your retrieve from the form. Try:
$a=trim($_POST['opassword']); //old password value
$b=trim($_POST['npassword']); //new password value
$c=trim($_POST['cpassword']);
Also:
if(isset($_POST['opassword']) && ($_POST['npassword']))
will not work.
You have to use:
isset($_POST['opassword']) && isset($_POST['npassword'])