PHP insert data to Mysql

Question

I am experimenting with PHP and Mysql. I have created a database and table at mu localhost using xampp. I have also created a file that suppose to populate my table by executing a query, but the strange thing is that i get no errors but at the same time no DATA has been inserted into my DataBase:

CODE:

register.php:

<?php

session_start();

if(isset($_POST['submitted'])){

    include('connectDB.php');

    $UserN = $_POST['username'];
    $Upass = $_POST['password'];
    $Ufn = $_POST['first_name'];
    $Uln = $_POST['last_name'];
    $Uemail = $_POST['email'];

    $NewAccountQuery = "INSERT INTO users (user_id,username, password, first_name, last_name, emial) VALUES ('$UserN','$Upass', '$Ufn', '$Uln', '$Uemail')";

    if(!mysql_query($NewAccountQuery)){

        die(mysql_error());

    }//end of nested if statment


    $newrecord = "1 record added to the database";

}//end of if statment

?>



<html>
<head>

<title>Home Page</title>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
<link href="style.css" rel="stylesheet" type="text/css" />
</head>
<body>

    <div id="wrapper">
        <header><h1>E-Shop</h1></header>


        <article>
        <h1>Welcome</h1>

            <h1>Create Account</h1>

        <div id="login">

                <ul id="login">

                <form method="post" action="register.php"  >
                    <fieldset>  
                        <legend>Fill in the form</legend>

                        <label>Select Username : <input type="text" name="username" /></label>
                        <label>Password : <input type="password" name="password" /></label>
                        <label>Enter First Name : <input type="text" name="first_name" /></label>
                        <label>Enter Last Name : <input type="text" name="last_name" /></label>
                        <label>Enter E-mail Address: <input type="text" name="email" /></label>
                    </fieldset>
                        <br />

                        <input type="submit" submit="submit" value="Create Account" class="button">

                </form>




                </div>
            <form action="index.php" method="post">
            <div id="login">
                <ul id="login">
                    <li>
                        <input type="submit" value="Cancel" onclick="index.php" class="button"> 
                    </li>
                </ul>
            </div>      



        </article>
<aside>
</aside>

<div id="footer">This is my site i Made coppyrights 2013 Tomazi</div>
</div>

</body>
</html>

I have also one include file which is connectDB:

 <?php


    session_start();

        $con = mysql_connect("127.0.0.1", "root", "");
        if(!$con)
            die('Could not connect: ' . mysql_error());

        mysql_select_db("eshop", $con) or die("Cannot select DB");

?>

Database structure:

database Name: eshop; only one table in DB : users;

users table consists of:

user_id: A_I , PK
username
password
first_name
last_name
email

I spend a substantial amount of time to work this out did research and looked at some tutorials but with no luck

Can anyone spot what is the root of my problem...?

You are using [an **obsolete** database API](http://stackoverflow.com/q/12859942/19068) and should use a [modern replacement](http://php.net/manual/en/mysqlinfo.api.choosing.php). You are also **vulnerable to [SQL injection attacks](http://bobby-tables.com/)** that a modern API would make it easier to [defend](http://stackoverflow.com/questions/60174/best-way-to-prevent-sql-injection-in-php) yourself from. — Quentin, Feb 27 '13 at 13:05
Are you sure there are no errors? Your `INSERT` statement specifies more columns than it has values. — David, Feb 27 '13 at 13:06
are you entering same value for new entry? Try different value because user_id is PK — عثمان غني, Feb 27 '13 at 13:09
yes no errors and ye I removed user_id in a process I relised it is A_I. @Quentin i know this isynt a secure solution but its a dummy website and i just wont to get things working before i actually improve the code — Tomazi, Feb 27 '13 at 13:09
@Tomazi — So. Step 1. Build it. Step 2. Throw it away. Step 3 . Build it again with the right tools? I strongly suggest skipping steps 1 and 2. — Quentin, Feb 27 '13 at 13:10

Prasanth Bendra · Accepted Answer · 2013-02-27T13:16:00.580

2

It is because if(isset($_POST['submitted'])){

you dont have input field with name submitted give the submit button name to submitted

<input name="submitted" type="submit" submit="submit" value="Create Account" class="button">

Check your insert query you have more fields than your values

Change :

$NewAccountQuery = "INSERT INTO users (user_id,username, password, first_name, last_name, email) VALUES ('$UserN','$Upass', '$Ufn', '$Uln', '$Uemail')";

to :

$NewAccountQuery = "INSERT INTO users (user_id,username, password, first_name, last_name, email) VALUES ('','$UserN','$Upass', '$Ufn', '$Uln', '$Uemail')";

Considering user_id is auto increment field.

Your email in query is written wrongly as emial.

edited Feb 27 '13 at 13:16

answered Feb 27 '13 at 13:06

Prasanth Bendra

31,145
9
53
73

try echoing something inside if condition – Prasanth Bendra Feb 27 '13 at 13:13
OK u just sorted me out many thx. after amending the changes you suggested i also had an error: "Ok you got me going, but now i get an error which is "Notice: A session had already been started - ignoring session_start() in C:\xampp\htdocs\eshop\connectDB.php on line 4"" so i also hadd to remove the session_start() fromy my register.php file – Tomazi Feb 27 '13 at 13:18
There are two `session_start()` remove one, Also dont forget to accept the answer :P – Prasanth Bendra Feb 27 '13 at 13:20
yes i did that once again thx :) of course I will you earned it. you can like my question in return if u wish :P – Tomazi Feb 27 '13 at 13:22

score 0 · Answer 2 · answered Feb 27 '13 at 13:09

0

Is error reporting turned on? Put this on the top of your screen:

error_reporting(E_ALL);
ini_set('display_errors', '1');

answered Feb 27 '13 at 13:09

HarryFink

1,010
1
6
6

this is not answer. this can be told in comments also – عثمان غني Feb 27 '13 at 13:11
I have no add comment button under the question. – HarryFink Feb 27 '13 at 13:15
there is "add/show more comments" click it you will get comment box – عثمان غني Feb 27 '13 at 13:16
I only have 'add comment' button under my answer. – HarryFink Feb 27 '13 at 13:18
It is written under users question! – عثمان غني Feb 27 '13 at 13:20
ok, i got it: http://meta.stackexchange.com/questions/33419/cant-add-small-comments-to-questions – HarryFink Feb 27 '13 at 13:27

score 0 · Answer 3 · answered Feb 27 '13 at 13:55

Some good answers above, but I would also suggest you make use of newer MySQLi / PDO instead of outdated 2002 MySQL API.

Some examples: (i will use mysqli since you wrote your original example in procedural code)

connectDB.php

<?php
$db = mysqli_connect('host', 'user', 'password', 'database');

if (mysqli_connect_errno())
     die(mysqli_connect_error());
?>

register.php -- i'll just write out an example php part and let you do the rest

<?php
//i'll always check if session was already started, if it was then 
//there is no need to start it again
if (!isset($_SESSION)) {
  session_start();
}

//no need to include again if it was already included before
include_once('connectDB.php'); 

//get all posted values
$username = $_POST['username'];
$userpass = $_POST['password'];
$usermail = $_POST['usermail'];
//and some more

//run checks here for if fields are empty etc?
//example check if username was empty
if($username == NULL) {
  echo 'No username entered, try <a href="register.php">again</a>';
  mysqli_close($db);
  exit();
} else {
  //if username field is filled we will insert values into $db
  //build query
  $sql_query_string = "INSERT INTO _tablename_(username,userpassword,useremail) VALUES('$username','$userpass','$usermail')";
  if(mysqli_query($db,$sql_query_string)) {
    echo 'Record was entered into DB successfully';
    mysqli_close($db);
  } else {
    echo 'Ooops - something went wrong.';
    mysqli_close($db);
  }
}
?>

this should work quite nicely and all you need to add is your proper posted values and build the form to post it, that's all.

score 0 · Answer 4 · answered Oct 13 '17 at 15:08

<?php
$db = mysqli_connect('host', 'user', 'password', 'database');

if (mysqli_connect_errno())
     die(mysqli_connect_error());
?>
register.php -- i'll just write out an example php part and let you do the rest

<?php
//i'll always check if session was already started, if it was then 
//there is no need to start it again
if (!isset($_SESSION)) {
  session_start();
}

//no need to include again if it was already included before
include_once('connectDB.php'); 

//get all posted values
$username = $_POST['username'];
$userpass = $_POST['password'];
$usermail = $_POST['usermail'];
//and some more

//run checks here for if fields are empty etc?
//example check if username was empty
if($username == NULL) {
  echo 'No username entered, try <a href="register.php">again</a>';
  mysqli_close($db);
  exit();
} else {
  //if username field is filled we will insert values into $db
  //build query
  $sql_query_string = "INSERT INTO _tablename_(username,userpassword,useremail) VALUES('$username','$userpass','$usermail')";
  if(mysqli_query($db,$sql_query_string)) {
    echo 'Record was entered into DB successfully';
    mysqli_close($db);`enter code here`
  } else {
    echo 'Ooops - something went wrong.';
    mysqli_close($db);
  }
}
?>

Welcome to SO! It might be a good idea to explain the ideas you have used here in some sort of summary or conclusion rather than comments, so you can expand on them in a more user friendly fashion. — Ethan Field, Oct 13 '17 at 15:14

PHP insert data to Mysql

4 Answers4