0

I am wondering which one are errors. I've tried to check mysql and nothing inserted into my database.

First of all, my HTML code are like this

<form action="registerAction" method="POST">  
        <p class="titleRegister"> Login Details </p>
        <!-- login details -->
        <p> <label for="emailAddress" class="inputField" > Email Address : </label> </p>
        <p> <input id="emailAddress" class="registerField" name="ename" required="required" type="text" placeholder="Your email address"/> </p>

        <p> <label for="password" class="inputField" > Password : </label> </p>
        <p> <input id="password" class="registerField" name="pwd" required="required" type="password" placeholder="Your password"/> </p>

        <p> <label for="password" class="inputField" > Confirmation Password : </label> </p>
        <p> <input id="password" class="registerField" name="mpwd" required="required" type="password" placeholder="Confirmation password" onBlur="pwdCompare()"/> </p>

        <!-- personal details -->
        <p class="titleRegister"> Personal Details </p>

        <!-- hidden to insert db -->
        <input name="registerID" type="hidden"/>
        <input name="pic" type="hidden"/>

        <p>
            <label for="socialTitle" class="inputField" > Title : </label>
            <div class="radio">
                <input type="radio" name="sTitle" value="mr"> Mr
                <input type="radio" name="sTitle" value="mrs"> Mrs
                <input type="radio" name="sTitle" value="ms"> Ms
            </div>
        </p>

        <p> <label for="firstName" class="inputField" > First Name : </label> </p>
        <p> <input id="firstName" class="registerField" name="fname" required="required" type="text" placeholder="Your first name"/> </p>

        <p> <label for="lastName" class="inputField" > Last Name : </label> </p>
        <p> <input id="lastName" class="registerField" name="lname" required="required" type="text" placeholder="Your last name"/></p>

        <p> <label for="mainAddress" class="inputField" > Main Address : </label> </p>
        <p> <input id="mainAddress" class="registerField" name="address" required="required" type="text" placeholder="Your main address"/> </p>

        <p> <label for="countryName" class="inputField" > Country : </label> </p>
        <?php 
        include 'dbconnect.php';
        echo "<select class=\"selectCSS\" name=\"country\">";
        $country = "SELECT DISTINCT * FROM geo_country ORDER BY country";
        $showCountry = mysqli_query($mysqli, $country);
        while($countryRow = mysqli_fetch_assoc($showCountry))
        {
            $country = htmlspecialchars ($countryRow['country']);
            $countryCode = $countryRow['countryCode'];
            echo "<option value=\"$country\">$country</option>\n";
        }
        echo "</select>";
        ?>

        <p> <label for="cityName" class="inputField" > City : </label> </p>
        <?php
        include 'dbconnect.php';
        echo "<select class=\"selectCSS\" name=\"city\">";
        $city = "SELECT DISTINCT * FROM geo_country INNER JOIN geo_city ORDER BY city WHERE geo_country.countryCode = geo_city.countryCode";
        $showCities = mysqli_query($mysqli, $city);
        while($cityRow = mysqli_fetch_assoc($showCities))
        {
            $city = htmlspecialchars ($cityRow['city']);
            $countryCode = $cityRow['countryCode'];
            echo "<option value=\"$city\">$city</option>\n";
        }
        echo "</select>";
        ?>

        <p> <label for="postalCode" class="inputField" > Postal Code : </label> </p>
        <p> <input id="postalCode" class="registerField" name="pcode" required="required" type="text" placeholder="Your postal code"/> </p>

        <p> <input class="registerButton" type="submit" value="REGISTER"> </p>
    </form>

and my php action come here:

<?php

include 'dbconnect.php';

if ($_POST['pwd']!= $_POST['mpwd']) {
    echo("Oops! Password did not match! Try again. ");
}

$register_ID = $_POST['registerID'];
$socialTitle = $_POST['sTitle'];
$firstName = ucfirst(strtoupper($_POST['fname']));
$lastName = ucfirst(strtoupper($_POST['lname']));
$emailAddress = htmlspecialchars($_POST['ename']);
$mainAddress = htmlspecialchars($_POST['address']);
$registerCity = $_POST['city'];
$registerCountry = $_POST['country'];
$postalCode = htmlspecialchars($_POST['pcode']);
$profilePic = $_POST['pic'];
$registerPassword = $_POST['pwd'];

$check = "SELECT * FROM register_user where emailAddress = '$emailAddress'";
$checkTitle = mysqli_query($mysqli,$check);

if (mysqli_num_rows($checkTitle) > 0) {
    header("Location: register?error=The name of email has already been taken");
    } else {
        $insertSQL =
        "INSERT INTO register_user ('registerID', 'socialTitle', 'firstName', 'lastName', 'emailAddress', 'mainAddress', 'registerCity', 'registerCountry', 'postalCode', 'profilePic', 'registerPassword')
        VALUES ('$register_ID', '$socialTitle', '$firstName', '$lastName', '$emailAddress', '$mainAddress', '$registerCity', '$registerCountry', '$postalCode', '$profilePic', '$registerPassword')";
        $queryResult = mysqli_query($mysqli,$insertSQL);
        if($queryResult) {
            echo "SUCCESS";

                echo "<p> Name   : $emailAddress </p>";
                echo "<p> Detail : $fname </p>";

            echo "<p> <a href=\"index\"> BACK </a> </p>";
        }
    }
?>

The results are nothing come out on the new html page and neither in DB. Can you check it out please? Thanks.

Anthosiast
  • 552
  • 2
  • 9
  • 26
  • You don't check for errors. Check `mysqli_error()` to see what mysql reports and post it here if you don't understand it. – John Conde Nov 05 '14 at 02:25
  • Change your action and append `.php` like this: `
    `
     – Rizier123 Nov 05 '14 at 02:27
  • @Rizier123 I have removed the extension with htaccess file, so don't worry about this. – Anthosiast Nov 05 '14 at 02:28
  • @JohnConde I thought I've put mysqli_error and I didn't. Thanks for letting me know. I will let you know if any further problem. – Anthosiast Nov 05 '14 at 02:31
  • You need to throw some debug print statements in your php to determine where you are actually getting. Print to the a file/log or print to screen doesn't really matter just start tracing through it.Does it get to your first if block, does it enter the second, are all your values as you expect, etc. – scrappedcola Nov 05 '14 at 02:32

2 Answers2

1

You're using the wrong identifiers for your columns, being (single) quotes '.

('registerID', 'socialTitle', 'firstName', 'lastName', 'emailAddress', 'mainAddress', 'registerCity', 'registerCountry', 'postalCode', 'profilePic', 'registerPassword')

change that to:

(registerID, socialTitle, firstName, lastName, emailAddress, mainAddress, registerCity, registerCountry, postalCode, profilePic, registerPassword)

or use backticks.

(`registerID`, `socialTitle`, `firstName`, `lastName`, `emailAddress`, `mainAddress`, `registerCity`, `registerCountry`, `postalCode`, `profilePic`, `registerPassword`)

Using or die(mysqli_error($mysqli)) to mysqli_query() would have shown you the error.

Plus, unless the form action is an index file in a folder called registerAction or a mod rewrite:

it would need to be

<form action="registerAction.php" method="POST">

so, check that. Just an insight.

I would also like to note that your present code is open to SQL injection.

Use prepared statements, or PDO with prepared statements, they are much safer.

Community
  • 1
  • 1
Funk Forty Niner
  • 74,450
  • 15
  • 68
  • 141
0

Not 100% sure about it, but try changing your html.

This:

<form action="registerAction" method="POST">

To:

<form action="registerAction.php" method="POST">

Assuming registerAction is the name of you php file..