-2

I am following some video tutorials. but whenever i run the code it shows this error. in database my database name is phplogin, my table name is users. my columns name are id,username,password and name. erorr shown is this:

     Parse error: syntax error, unexpected ''".$_POST['' (T_CONSTANT_ENCAPSED_STRING) in C:\xampp1\htdocs\firstlogin\regiser.php on line 8

code is under. 

include_once ("db/phplogin");
if(isset($_POST['submit']));
{
    $query = "insert into users(username,password,name) values ("'".$_POST['username']."','".$_POST['password']."','".$_POST['name']."'")";
    if(mysql_query($query))
    {
        echo "data inserted";

    }
    else
    {
        echo "data not inserted";
    }
}


   ?>
  <html>
  <head>
  </head>
  <body>
  <form action='regiser.php' method='POST'>
   Name:<input type ='text' name='Name' placeholder='Name'><br>
   Username:<input type ='text' name='Username' placeholder='Username'><br>
   Password:<input type ='password' name='Password' placeholder='Password'>            <br>
  <input type='submit' name='submit' value='Register'>
  </form>
  </body>
  </html>
Waqas Aamer
  • 59
  • 2
  • 9

4 Answers4

2

Change this line:

$query = "insert into users(username,password,name) values ('".$_POST['username']."','".$_POST['password']."','".$_POST['name']."')";

But, this is dangerous. Add this line to clean your input before it's saved in database:

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $input = array_map('mysqli_real_escape_string', $_POST);

    $query = "insert into users(username,password,name) values ('".$input['username']."','".$input['password']."','".$input['name']."')";

}

A better approach is using PDO with binding params. It's secure, it's ready for the future (you're using deprecated mysql_query()):

UPDATE: It's more easy for you to use lowercase form field names, because PHP is often case sensitive (depending on the underlying OS). See How can I make my local server case-sensitive?

Community
  • 1
  • 1
schellingerht
  • 5,726
  • 2
  • 28
  • 56
1

Updated Code (Mistakes are listed below) 

<?
include_once ("db/phplogin.php");
if(isset($_POST['submit']));
{
  $query = "insert into users(username,password,name) values ('".$_POST['Username']."','".$_POST['Password']."','".$_POST['Name']."')";
  if(mysql_query($query)) {
      echo "data inserted";
  } else {
      echo "data not inserted";
  }
}
?>

Since you stated this error in @William Madede's Answer.

Warning: include_once(db/phplogin): failed to open stream: No such file or directory in C:\xampp1\htdocs\firstlogin\regiser.php on line 5

Warning: include_once(): Failed opening 'db/phplogin' for inclusion (include_path='.;C:\xampp1\php\PEAR') in C:\xampp1\htdocs\firstlogin\regiser.php on line 5

Notice: Undefined index: username in C:\xampp1\htdocs\firstlogin\regiser.php on line 8

Notice: Undefined index: password in C:\xampp1\htdocs\firstlogin\regiser.php on line 8

Notice: Undefined index: name in C:\xampp1\htdocs\firstlogin\regiser.php on line 8

Mistakes

  1. Change this $_POST['username'] to $_POST['Username']
  2. Change this $_POST['password'] to $_POST['Password']
  3. Change this $_POST['name'] to $_POST['Name']
  4. Remove unncessary double quotes in $query
  5. change db/phplogin to db/phplogin.php or give appropriate path of phplogin.php

[ NOTE: Mysql Is Deprecated. Instead Use mysqli or PDO]

Nana Partykar
  • 10,556
  • 10
  • 48
  • 77
0

Its because of the unnecessary double quotes... Update

$query = "insert into users(username,password,name) values ("'".$_POST['username']."','".$_POST['password']."','".$_POST['name']."'")";

To

$query = "insert into users(username,password,name) values ('".$_POST['username']."','".$_POST['password']."','".$_POST['name']."')";
William Madede
  • 727
  • 4
  • 8
  • Warning: include_once(db/phplogin): failed to open stream: No such file or directory in C:\xampp1\htdocs\firstlogin\regiser.php on line 5 Warning: include_once(): Failed opening 'db/phplogin' for inclusion (include_path='.;C:\xampp1\php\PEAR') in C:\xampp1\htdocs\firstlogin\regiser.php on line 5 Notice: Undefined index: username in C:\xampp1\htdocs\firstlogin\regiser.php on line 8 Notice: Undefined index: password in C:\xampp1\htdocs\firstlogin\regiser.php on line 8 Notice: Undefined index: name in C:\xampp1\htdocs\firstlogin\regiser.php on line 8 – Waqas Aamer Dec 09 '15 at 08:05
  • Warning: include_once(db/phplogin): failed to open stream: No such file or directory in C:\xampp1\htdocs\firstlogin\regiser.php on line 5 Warning: include_once(): Failed opening 'db/phplogin' for inclusion (include_path='.;C:\xampp1\php\PEAR') in C:\xampp1\htdocs\firstlogin\regiser.php on line 5 Notice: Undefined index: username in C:\xampp1\htdocs\firstlogin\regiser.php on line 8 Notice: Undefined index: password in C:\xampp1\htdocs\firstlogin\regiser.php on line 8 Notice: Undefined index: name in C:\xampp1\htdocs\firstlogin\regiser.php on line 8 – Waqas Aamer Dec 09 '15 at 08:06
0

You can also use insert query as below :

if(isset($_POST['submit']));
{
    $u = $_POST['Username'];
    $p = $_POST['Password'];
    $n = $_POST['Name'];
    $query = "insert into users(username,password,name) values ('$u','$p','$n')";
    if(mysql_query($query))
    {
        echo "data inserted";

    }
    else
    {
        echo "data not inserted";
    }
}
Krishna Gupta
  • 695
  • 4
  • 15