Localhosting with error in code MySQL - PHP

Question

I was trying a really simple code in PHP using MySQL. Note: I use localhost with xampp.

That's one of the many errors I get, can someone please help me with the code I am really new to PHP and can't seem to find the error.

Here is my code:

<form method="post">
<input type="email" name="email" id="email" />
<input type="password" name="pass" id="pass" />
<input type="submit" name="submit" id="submit" value="Sign up!" />

<?php

$error = "";
$dbhost = 'localhost';
$username = 'root';
$password = '';
$db = 'users';


if($_POST['submit']) {

    if(!$_POST['email']) $error.="Please enter an email";
        else if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) $error.="<br />Please enter a valid email address";


    if(!$_POST['pass']) $error.="<br />Please enter a password";
        else{

            if (strlen($_POST['pass']<8)) $error.="<br />Please enter at least 8 characters";
            if (!preg_match('`[A-Z]`', $_POST['pass'])) $error.="<br />Please use at least one capital letter";

        }
    if($error) echo $error;

        else {
        $link = mysql_connect($dbhost,$username,$password, $db);
        $query = "SELECT * FROM `users` WHERE email ='".mysqli_real_escape_string($link, $_POST['email'])."'";

        $result = mysqli_query($link, $query);
        $results = mysqli_num_rows($result);

        if($results) echo "that email address is already registered";

        else {
                $query ="INSERT INTO `users` (`email, `password`) VALUES("'.mysqli_real_escape_string($link, $_POST['email']).'", md5(md5($_POST['email']).$_POST['password'])"')";
                mysqli_query($link, $query);
                echo "You've been signed up!";

        }

    }   
?>

The error does give you a line number. That should help you find it. — Don't Panic, May 10 '16 at 17:55
Can't mix `mysqli` and `mysql_`. Two different drivers. Also quotes are off; see `VALUES("'.`< move the single quote inside the double. — chris85, May 10 '16 at 17:55
You can use tools to help yourself. If you use an IDE or a text editor with appropriate extensions installed, it can identify syntax errors for you as you write your code. Even in the syntax highlighting in your question here you can see that one of the `mysqli_real_escape_string`s is black and the other is red. — Don't Panic, May 10 '16 at 17:59
Possible duplicate of [Can I mix MySQL APIs in PHP?](http://stackoverflow.com/questions/17498216/can-i-mix-mysql-apis-in-php) after typo issue. — chris85, May 10 '16 at 18:02
**WARNING**: When using `mysqli` you should be using [parameterized queries](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) and [`bind_param`](http://php.net/manual/en/mysqli-stmt.bind-param.php) to add user data to your query. **DO NOT** use manual escaping and string interpolation or concatenation to accomplish this because you will create severe [SQL injection bugs](http://bobby-tables.com/) if you ever forget to properly escape something. — tadman, May 10 '16 at 18:24
StackOverflow's syntax highlighting gives the game away: you've muddled your string quotation characters. — eggyal, May 10 '16 at 18:35

Localhosting with error in code MySQL - PHP

0 Answers0