I understand this might not be the most constructive question ever and I apologize (I'm new to StackOverflow, still trying to figure out how to use it..) Basically I am trying to create a basic user management system, where users can login, but cannot register new accounts. Only an admin account can add new employees(users). I can figure that part out, just need help with my insert script. Please tell me where I am going wrong.
This is the error I am receiving:
Warning: mysql_query() expects parameter 1 to be string, object given in C:\xampp\htdocs\functions\addemployee.php on line 14 Error:
My Form:
<?php
include('../includes/session.php');
?>
<html>
<?php require('../includes/header.php'); ?>
<body>
<?php require('../includes/navbar.php'); ?>
<div class="container">
<h2>New Employee</h2>
<!-- Trigger the modal with a button -->
<button type="button" class="btn btn-info btn-lg" data-toggle="modal" data-target="#myModal">New Employee</button>
<!-- Modal -->
<div class="modal fade" id="myModal" role="dialog">
<div class="modal-dialog">
<!-- Modal content-->
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal">×</button>
<h4 class="modal-title">New Employee</h4>
</div>
<div class="modal-body">
<form class="form-horizontal" action="../functions/addemployee.php" method="post">
<fieldset>
<!-- Text input-->
<div class="form-group">
<label class="col-md-4 control-label" for="firstname">First Name</label>
<div class="col-md-4">
<input id="firstname" name="firstname" type="text" placeholder="First Name" class="form-control input-md" required="">
</div>
</div>
<!-- Text input-->
<div class="form-group">
<label class="col-md-4 control-label" for="lastname">Last Name</label>
<div class="col-md-4">
<input id="lastname" name="lastname" type="text" placeholder="Last Name" class="form-control input-md">
</div>
</div>
<!-- Text input-->
<div class="form-group">
<label class="col-md-4 control-label" for="username">Username</label>
<div class="col-md-4">
<input id="username" name="username" type="text" placeholder="Username" class="form-control input-md">
</div>
</div>
<!-- Password input-->
<div class="form-group">
<label class="col-md-4 control-label" for="password">Password</label>
<div class="col-md-4">
<input id="password" name="password" type="password" placeholder="Password" class="form-control input-md">
</div>
</div>
<!-- Button -->
<div class="form-group">
<label class="col-md-4 control-label" for="submit"></label>
<div class="col-md-4">
<button id="submit" name="submit" class="btn btn-primary">Add Employee</button>
</div>
</div>
</fieldset>
</form>
</div>
</div>
</div>
</div>
</div>
</body>
</html>
And my insert script:
<?php
include("../includes/config.php");
$firstname = mysqli_real_escape_string($db,$_POST['firstname']);
$lastname = mysqli_real_escape_string($db,$_POST['lastname']);
$username = mysqli_real_escape_string($db,$_POST['username']);
$password = mysqli_real_escape_string($db,$_POST['password']);
$sql = "INSERT INTO employees (id, firtname, lastname, username, password) VALUES ('', '$firstname', '$lastname', '$username', '$password')";
if (!mysql_query($db,$sql)) {
die('Error: ' . mysql_error());
}
?>
And my config/db connect script
<?php
define('DB_SERVER', 'localhost');
define('DB_USERNAME', 'root');
define('DB_PASSWORD', '');
define('DB_DATABASE', 'breitinger');
$db = mysqli_connect(DB_SERVER,DB_USERNAME,DB_PASSWORD,DB_DATABASE);
?>
