Click here to Skip to main content
15,898,373 members
Search within:


My PHP code for user registration is not working
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
HTML
PHP
forms
html code usersignup.html (file should be php?)

	<div id="Sign-Up" align=center> <fieldset style="width:30%">
<legend>Registration Form</legend> <table border="0"> <tr> <form method="POST" action="signup.php"> 
<td>Name</td><td> <input type="text" name="name"></td> </tr> <tr> <td>Email</td><td> 
<input type="text" name="email"></td> </tr> <tr> <td>UserName</td><td> <input type="text" name="username"></td> </tr> <tr> 
<td>Password</td><td> <input type="password" name="password"></td> </tr> <tr> <td>Confirm Password </td><td><input type="password" name="passwordcf"></td> 
</tr> <tr> <td><input id="button" type="submit" name="submit" value="Sign-Up"></td><td></form><a  href="/lopology/userarea.html">User Area</a></td> </tr>  </table> </fieldset> 
</div>


singup.php

<?php define('DB_HOST', 'kileva.com:3307'); define('DB_NAME', 'kilevaforms'); define('DB_USER','kwiknotes'); 
define('DB_PASSWORD','H{fAVAQ6w,KQ'); $con=mysql_connect(DB_HOST,DB_USER,DB_PASSWORD) or 
die("Failed to connect to MySQL: " . mysql_error()); $db=mysql_select_db(DB_NAME,$con) or 
die("Failed to connect to MySQL: " . mysql_error()); function NewUser() 
{ $fullname = $_POST['name']; $userName = $_POST['username']; $email = $_POST['email']; 
$password = $_POST['password']; $query = "INSERT INTO user1 (fullname,userName,email,password) VALUES 
('$fullname','$userName','$email','$password')";  $data = mysql_query ($query)or die(mysql_error()); 
if($data) { echo "YOUR REGISTRATION IS COMPLETED..."; } } function SignUp() { if(!empty($_POST['username'])) 
//checking the 'user' name which is from Sign-Up.html, is it empty or have some text { $query = 
mysql_query("SELECT * FROM user1 WHERE userName = '$_POST[username]' AND pass = '$_POST[password]'") or die(mysql_error()); 
if(!$row = mysql_fetch_array($query) or die(mysql_error())) { newuser(); ; } else { echo "SORRY...YOU ARE ALREADY REGISTERED USER..."; } } } 
if(isset($_POST['submit'])) { SignUp(); } ?>


What I have tried:

I have checked that the db fields are correct and that the hostname, db name and user name, password are correct
Posted
Updated 25-Dec-17 4:39am
Add a Solution

2 solutions

PHP
mysql_query("SELECT * FROM user1 WHERE userName = '$_POST[username]' AND pass = '$_POST[password]'")

Not a solution to your question, but another problem you have.
Never build an SQL query by concatenating strings. Sooner or later, you will do it with user inputs, and this opens door to a vulnerability named "SQL injection", it is dangerous for your database and error prone.
A single quote in a name and your program crash. If a user input a name like "Brian O'Conner" can crash your app, it is an SQL injection vulnerability, and the crash is the least of the problems, a malicious user input and it is promoted to SQL commands with all credentials.
SQL injection - Wikipedia[^]
SQL Injection[^]
SQL Injection Attacks by Example[^]
PHP: SQL Injection - Manual[^]
SQL Injection Prevention Cheat Sheet - OWASP[^]
 
Share this answer
 
Posted 
mysql_query("SELECT * FROM user1 WHERE userName = '$_POST[username]' AND pass = '$_POST[password]'")
This query has some syntax error near $_POST[username] and $_POST[password] these should be $_POST['username'] and $_POST['password']
 
Share this answer
 
Posted
Updated 25-Dec-17 17:14pm
v2
Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month

Advertise
Privacy
Cookies
Terms of Use
Last Updated 25 Dec 2017
Layout: fixed | fluid
Copyright © CodeProject, 1999-2024
All Rights Reserved.

Web03 2.8:2024-05-14:1

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900