0

i am creating a php/mysql registration form with email verification, the code works well on my local server and does nothing while uploaded on Cpanel.

<?php
include ('connection.php');
if(isset($_POST['submitform'])){
$name = trim(mysql_escape_string($_POST['name']));
$email = trim(mysql_escape_string($_POST['email']));
$passwords = trim(mysql_escape_string($_POST['pwd']));
$password = md5($passwords);
$query_verify_email = "SELECT * FROM register  WHERE email ='$email' and isactive = 1";
$result_verify_email = mysqli_query($con,$query_verify_email);
if (!$result_verify_email) {
echo ' Syste Error! ';
}
if (mysqli_num_rows($result_verify_email) == 0) { 
$hash = md5(uniqid(rand(), true))

Though i can connect to the database, it seems like it's not inserting any data to the database

$query_create_user = "INSERT INTO `register` ( `name`, `email`, `password`, `hash`) VALUES ( '$name', '$email', '$password', '$hash')";
$result_create_user = mysqli_query($con,$query_create_user);
if (!$result_create_user) {
echo 'Query Failed ';
}
if (mysqli_affected_rows($con) == 1) {

This is where it should verify and send the email, and echo the message that verification code has been send or else echo the errors. My main problem is that it cannot insert data into the database

Mongezi3
  • 11
  • 2
  • Is it saying "Query failed" ? Or are you getting other errors? have you tried to echo the query and execute it in phpmyadmin? – Epodax Mar 21 '16 at 12:59
  • Don't use `mysql_*` as they are deprecated, removed from PHP since PHP7 and have major security holes. – Ikari Mar 21 '16 at 13:03

1 Answers1

0

Use this mysqli_real_escape_string instead of mysql_escape_string

And put semicolon after $hash = md5(uniqid(rand(), true))

mysql is deprecated

And in

$query_create_user = "INSERT INTO `register`...

` Is not necessary

M4HdYaR
  • 1,124
  • 11
  • 27
  • *"Use this mysqli_escape_string instead of mysql_escape_string"*- Not quite. http://php.net/manual/en/mysqli.real-escape-string.php – Funk Forty Niner Mar 21 '16 at 13:03