-1

I am trying to insert data posted from a form into my database using the following MySQL statement but it is producing my error 'Oooops! *** **** ***'

I know there is a connection because before I insert anything I test the users email address to see if it already exists and if it does it redirects the user to login. and this works so if the email doesn't exist in the database then it is suppose to be inserting the form data but it isn't. * can someone please show me where I am going wrong? I have made sure I am spelling the table names correct and everything and am 100% sure I have posted all my form data correctly.

    <?php 
    session_start();
    include("config.php");
    include("verify.php");
    //retrieve our data from POST
    $firstname = $_POST['firstname'];
    $lastname = $_POST['lastname'];
    $email = $_POST['email'];
    $email2 = $_POST['email2'];
    $contactnum = $_POST['contactnum'];
    $mobnum = $_POST['mobnum'];
    $postcode = $_POST['postcode'];
    $addres1 = $_POST['address1'];
    $addres2 = $_POST['address2'];
    $town = $_POST['town'];  
    $compname = $_POST['compname'];
    $compreg = $_POST['compreg'];
    $verify = $_POST['verify'];
    $verification = $_POST['verification'];

    $firstname = stripslashes($firstname);
    $firstname = mysql_real_escape_string($firstname);
    $lastname = stripslashes($lastname);
    $lastname = mysql_real_escape_string($lastname);
    $email = stripslashes($email);
    $email = mysql_real_escape_string($email);
    $email2 = stripslashes($email2);
    $email2 = mysql_real_escape_string($email2);
    $contactnum = stripslashes($contactnum);
    $contactnum = mysql_real_escape_string($contactnum);
    $mobnum = stripslashes($mobnum);
    $mobnum = mysql_real_escape_string($mobnum);
    $postcode = stripslashes($postcode);
    $postcode = mysql_real_escape_string($postcode);
    $addres1 = stripslashes($addres1);
    $addres1 = mysql_real_escape_string($addres1);
    $addres2 = stripslashes($addres2);
    $addres2 = mysql_real_escape_string($addres2);
    $town = stripslashes($town);
    $town = mysql_real_escape_string($town);
    $compname = stripslashes($compname);
    $compname = mysql_real_escape_string($compname);
    $compreg = stripslashes($compreg);
    $compreg = mysql_real_escape_string($compreg);
    $verify = stripslashes($verify);
    $verify = mysql_real_escape_string($verify);
    $verification = stripslashes($verification);
    $verification = mysql_real_escape_string($verification);

    $query = sprintf("SELECT * FROM supplier_registration WHERE supplier_email='%s'", mysql_real_escape_string($email2));
    $result = mysql_query($query);
    if(mysql_num_rows($result) > 0) {
    $_SESSION['message2'] = '<div id="message_box3"><div class="boxclose" id="boxclose" onclick="this.parentNode.parentNode.removeChild(this.parentNode);"></div><h23>Found You!</h23><p>It appears that a user with that email address is already registered. Please Login below or click on our support section.</p> </div>';
     header('Location: ../login.php'); 
    } else {

    $sql = "INSERT INTO supplier_registration (id, first_name, last_name, supplier_email, contact_number, mobile_number, postcode, address1, address2, town, company_name, company_reg, date) VALUES (NULL, '$firstname','$lastname','$email2', '$contactnum', '$mobnum', '$postcode', NULL, NULL, NULL, '$compname', '$compreg', now())";
    $result2 = mysql_query($sql);

    if(mysql_num_rows($result2) > 0) {
    $_SESSION['message2'] = '<div id="message_box3"><div class="boxclose" id="boxclose" onclick="this.parentNode.parentNode.removeChild(this.parentNode);"></div><h23>Thanks for Registering!</h23><p>You have successfully registered. We have sent you a verification email.</p> </div>';
    header('Location: ../index.php'); 

    }else{
     $_SESSION['message2'] = '<div id="message_box3"><div class="boxclose" id="boxclose" onclick="this.parentNode.parentNode.removeChild(this.parentNode);"></div><h23>Oooops!</h23><p>It appears there was an error whilst attempting to register your details. Please try again later.</p> </div>';
     header('Location: ' . $_SERVER['HTTP_REFERER']); 

    } } 

    ?>
arco444
  • 22,002
  • 12
  • 63
  • 67
James Daley
  • 259
  • 2
  • 8
  • 20

3 Answers3

0

The error may relate to the datatypes of the fields in your table.

In your code there is no conversion of strings to numbers.

If you add the table definition and the exact SQL error to your question more help can be given.

Martijn van der Jagt
  • 524
  • 3
  • 13
0

try this..

  $sql = "INSERT INTO supplier_registration (id, first_name, last_name, supplier_email, contact_number, mobile_number, postcode, address1, address2, town, company_name, company_reg, date) VALUES ('', '$firstname','$lastname','$email2', '$contactnum', '$mobnum', '$postcode', '', '', '', '$compname', '$compreg', now())";
  $result2 = mysql_query($sql);
Sarath
  • 2,318
  • 1
  • 12
  • 24
0

It's because date in your query is a Reserved Keyword. so you'll have to put in [] like this [date]

Izzy
  • 6,740
  • 7
  • 40
  • 84
  • tried this and also didn't make a difference, no mysql error or anything just displays my custom error and didn't insert anything – James Daley Jan 13 '15 at 11:37
  • Take your custom error out and see what error you get – Izzy Jan 13 '15 at 11:40
  • Take a look [here](http://stackoverflow.com/questions/12227626/how-to-display-mysql-error-in-php) on how to display MySql error message – Izzy Jan 13 '15 at 11:47