1

I am trying to create an account registration page and when I add a system to check the database and make sure that there are not multiple rows with the same username, I get a 500 error.

Here's the code that works:

<?php


if(isset ($_POST['submit']))
{
    include( 'connection.php' );

    $username = $_POST['username'];
    $password = $_POST['password'];
    $email = $_POST['email'];

    if(empty($username) || empty($email) || empty($password))
    {
        echo 'Please check the required fields.';
    }
    elseif(!filter_var($email,FILTER_VALIDATE_EMAIL))
    {
        echo 'Please enter a correct email address.';
    }
    else
    {
        $password = md5($password);
        $sql = mysql_query("INSERT INTO users (email,username,password) VALUES ('$email','$username','$password')") or die(mysql_error());

        if($sql)
        {
            echo 'Successfully submitted.';
        }
    }   
}
?>

Here's the code that gives me a 500 error:

<?php
error_reporting(E_ALL)

if(isset ($_POST['submit'])) {
    include( 'connection.php' );

    $username = $_POST['username'];
    $password = $_POST['password'];
    $email = $_POST['email'];

    $fetch = mysql_query("SELECT * FROM users WHERE username = '$email'") or die(mysql_error();
    $num_rows = mysql_num_rows($fetch);

    if(empty($username) || empty($email) || empty($password)) {
        echo 'Please check the required fields.';
    }
    elseif(!filter_var($email,FILTER_VALIDATE_EMAIL)) {
        echo 'Please enter a correct email address.';
    }

    elseif($num_rows >= 1);
    {
        echo 'This username is taken.';

    else    
    }
        $password = md5($password);
        $sql = mysql_query("INSERT INTO users (email,username,password) VALUES ('$email','$username','$password')") or die(mysql_error());

        if($sql)
        {
            echo 'Successfully submitted.';
        }
    }   
}
?>
Colby Aley
  • 331
  • 3
  • 9
  • Have a look in the error log file if you have access to it – Mitya Jul 07 '12 at 22:10
  • 2
    Your code is vulnerable to SQL injections. Please look at mysql_real_escape_string, or consider PDO. – Daniel Sloof Jul 07 '12 at 22:12
  • if you have installed php-cgi on your local PC then you could at least do a `php -l` to check you code for errors. It took me 60s to find the same errors as at @Jocelyn – TerryE Jul 07 '12 at 22:18

3 Answers3

3

Maybe add a semi colon:

error_reporting(E_ALL);

EDIT:

You are also missing a ) on die(mysql_error();

Remove the ; from elseif($num_rows >= 1);

And then fix your else block to be } else {

drew010
  • 68,777
  • 11
  • 134
  • 162
Jocelyn
  • 11,209
  • 10
  • 43
  • 60
0

You missed a semi-colon off your first statement

Jordan
  • 359
  • 3
  • 12
0

you have

else }

in your code. That's a syntax error. You're looking for

}
else {

instead.

moopet
  • 6,014
  • 1
  • 29
  • 36