Values not inserting in database with php

Question

I have created a user register form with php jquery and sql and i am trying to enter the details in database via ajax request, code is executing perfectly but values are not entering in the database, and i have checked my query too by running it in the sql editor query also working fine,

can you tell where is the error ?

<!DOCTYPE html>
        <html>
            <head>
                <title>Login Register Test</title>

                <script type="text/javascript" src="http://code.jquery.com/jquery-1.8.0.min.js"></script>

    /**
     * Created by pratyush on 8/28/14.
     */
    $(function(){
        $("input[name='btn_submit_reg']").click(function(){
            registerUser();
        });

        $("input[name='btn_submit_login']").click(function(){
            loginUser();
        });
    });



    function registerUser(){

        if(IsValidFormReg()){

            var frm = $(".register").serialize();

            $.ajax({
                url : 'modal/registerdao.php',
                type : 'POST',
                data : frm,
                success : function(result) {

                    if (result.indexOf("correct") > -1) {
                        alert(frm);

                        window.location.replace("registrationconfirm.php");

                    }

                }

            });

        }

    }


    function IsValidFormReg()
    {

        var valid= true;

        var username = $("input[name='username_reg']").val();
        var userpass = $("input[name='userpass_reg']").val();
        var email = $("input[name='useremail_reg']").val();


        if(username.length==0){
            valid = false;

            $("input[name='username_reg']").addClass("formerror");
        }

        if(userpass.length==0){
            valid = false;

            $("input[name='userpass_reg']").addClass("formerror");
        }

        if(email.length==0){
            valid = false;
            $("input[name='useremail_reg']").addClass("formerror");

        }
        else{
            if(checkemail(email)==false){
                valid = false;
                $("input[name='useremail_reg']").addClass("formerror");
                alert("please enter valid email");

            }
        }
        if(!valid)
            $(".formentrieserror").html("&nbsp;&nbsp;&nbsp;&nbsp;Please fill correct form entries...");
        else
            $(".formentrieserror").html("&nbsp;");
        return valid;
    }
    function checkemail(email){

        var filter = /^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$/;

        if(email.length>0){

            if (!filter.test(email))
                return false;
            else
                return true;
        }
        else
            return false;
    }



    function loginUser(){}


                <style>
                    .formerror{border: solid 2px red;}
                </style>
            </head>
            <body>

            <h2>Login Form</h2> <br><br>
            <form class="login">
                <input type="text" name="username_login" placeholder="user name"> <br> <br>
                <input type="password" name="userpass_login" placeholder="password"><br> <br>

                <input type="button" name="btn_submit_login" value="Login">
            </form>
            <br><br>
            <h2>Registration Form</h2>
            <br><br>

            <form class="register">
                <input type="text" name="username_reg" placeholder="user name"> <br> <br>
                <input type="password" name="userpass_reg" placeholder="password"><br> <br>
                <input type="email" name="useremail_reg" placeholder="email"><br> <br>

                <input type="button" name="btn_submit_reg" value="Register">
            </form>
            <div class="formentrieserror"></div>
            </body>
        </html>

    //registerDao.php..................................//


    <?php



    class RegisterUserInfo{

        public $userName;
        public $userPassword;
        public $userEmail;
    }



    class userRegisterDao {

        function RegisterUser($registration_info) {
            include_once ("database.php");

            $qry = "insert into userdetails(
                    userName,
                    userPassword,
                    userEmail)
                    values('".$registration_info->userName."','"
                        .$registration_info->userPassword."','"
                        .$registration_info->userEmail."')";

            return Database::executeQuery($qry);                    // return true or false

        }
    }



    $userName = mysql_escape_string($_REQUEST ['userName']);
    $userPassword = mysql_escape_string($_REQUEST ['userPassword'] );
    $userEmail = mysql_escape_string($_REQUEST ['userEmail'] );

    $registration_info = new RegisterUserInfo();

    $registration_info->userName=$userName;
    $registration_info->userPassword=$userPassword;
    $registration_info->userEmail=$userEmail;


    $dao = new userRegisterDao();
    $insert = $dao->RegisterUser($registration_info);

    if($insert===true){

        echo "correct";
    }
    else
        echo "invalid";
    ?>

Why don't you ask that from your `Database` class? i.e. why are you not checking for errors returned? We don't know which API it uses etc. From the looks of it, all that OOP is useless when you end up using `mysql_escape_string` and other `MySQL_*`; might as well use `mysql_query` directly. — Hanky Panky, Aug 29 '14 at 05:54
Please [don't use string interop to build queries.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php?rq=1) — Dan, Aug 29 '14 at 05:57
Are you sure your AJAX call is executed? I strongly recommand to enable `error_reporting` and show the output of `registerDao.php` — S.Pols, Aug 29 '14 at 05:57

score 2 · Accepted Answer · edited Aug 29 '14 at 06:05

Change this line

   $userName = mysql_escape_string($_REQUEST ['userName']);
   $userPassword = mysql_escape_string($_REQUEST ['userPassword'] );
   $userEmail = mysql_escape_string($_REQUEST ['userEmail'] );

to this

    $userName = mysql_escape_string($_REQUEST ['username_reg']);
                                           /*  changed ^^ */
    $userPassword = mysql_escape_string($_REQUEST ['userpass_reg'] );
                                           /*  changed ^^ */
    $userEmail = mysql_escape_string($_REQUEST ['useremail_reg'] );
                                           /*  changed ^^ */

I think this might be your answer! – S.Pols Aug 29 '14 at 05:59 — S.Pols, Aug 29 '14 at 05:59

score 0 · Answer 2 · answered Aug 29 '14 at 06:11

I see this alot... Ajax with no error handler, just success handlers. Why not have php return errors to ajax and output to console IE console.log( some_error ) . It will make debugging a lot easier in the future.

I also see that there is no sql exception handling. That would have shown you that no column exists by that name during attempted insertions.

just a few debugging tips going forward, good luck.

Values not inserting in database with php

2 Answers2