Dont know where the problem is.. but data is not showing up in the data base..
if(isset($_POST['sign up']))
{
$name=$_REQUEST['username'];
$password=$_REQUEST['password'];
$fname=$_REQUEST['fname'];
$lname=$_REQUEST['lname'];
$email=$_REQUEST['email'];
mysql_query("insert into sign_up ('username','password','fname','lname','email') VALUES('$name' , md5('$password') , '$fname' , '$lname','$email'");
}
The problem is with your column in the INSERT clause, they should not be wrap with single quotes as they are identifiers not string literals.
insert into sign_up (username,password,fname,lname,email) VALUES(...)
Since none of them are reserved keywords, backticks are optional around them.
As a sidenote, the query is vulnerable with SQL Injection if the value(s) of the variables came from the outside. Please take a look at the article below to learn how to prevent from it. By using PreparedStatements you can get rid of using single quotes around values.
Use mysql_error() to get the error that is occurring. If this is all your code, it doesn't look like you're making a database connection first.
Just remove the single quotes around your database column names and it should work:
mysql_query("insert into sign_up (username, password, fname , lname , email) VALUES('$name' , md5('$password') , '$fname' , '$lname','$email'");
You also need to at least escape your data before inserting, and it is not safe to use MD5() for hashing passwords.
A really nice thing to read is here: It has covered a LOT with just little (enough) text - not only hashing:
I know the answer section is the wrong place for this but I can not seem to comment on your post, I think it might be because I am a new user...
Please read up on SQL injection before you put this on the internet. You need to put protection into your inputs.
