1

so I was making a website with a login system but my PHP will not import anything to MySQL.

Here is my code:

Registration:

<?php require_once './template/header.php'; ?>
<?
    $reg = @$_POST['reg'];

    //registration form
    $fn = strip_tags(@$_POST['fname']);
    $ln = strip_tags(@$_POST['lname']);
    $un = strip_tags(@$_POST['username']);
    $em = strip_tags(@$_POST['email']);
    $em2 = strip_tags(@$_POST['email2']);
    $pswd = strip_tags(@$_POST['password']);
    $pswd2 = strip_tags(@$_POST['password2']);
    $d = date("Y-m-d"); // Year - Month - Day

    if ($reg) {
    if ($em==$em2) {
    // Check username
    $u_check = mysql_query("SELECT username FROM users WHERE username='$un'");
    $check = mysql_num_rows($u_check);
    // Check email
    $e_check = mysql_query("SELECT email FROM users WHERE email='$em'");
    $email_check = mysql_num_rows($e_check);
    if ($check == 0) {
      if ($email_check == 0) {
    // are rows filled in
    if ($fn&&$ln&&$un&&$em&&$em2&&$pswd&&$pswd2) {
    // passwords match?
    if ($pswd==$pswd2) {
    // how long are names
    if (strlen($un)>25||strlen($fn)>25||strlen($ln)>25) {
    echo "Your names are too long!";
    }
    else
    {
    // check the maximum length of password does not exceed 25 characters and is not less than 5 characters
    if (strlen($pswd)>16||strlen($pswd)<6) {
    echo "Passwords must be between 6 and 16 characters!";
    }
    else
    {
    //encrypt password
    $pswd = md5($pswd);
    $pswd2 = md5($pswd2);
    $query = mysql_query("INSERT INTO users VALUES ('','$un','$fn','$ln','$em','$pswd','$d','0','Write something about yourself.','','','no')");
    die("<h2>Welcome to our community!</h2>Login to your account to begin your journy...");
    }
    }
    }
    else {
    echo "Your passwords don't match!";
    }
    }
    else
    {
    echo "Please fill in all of the fields";
    }
    }
    else
    {
     echo "Sorry, but it looks like someone has already used that email!";
    }
    }
    else
    {
    echo "Username already taken ...";
    }
    }
    else {
    echo "Your E-mails don't match!";
    }
    }
?>
<div class="container" style="width:1000px; margin:0 auto; padding-top:25px;">
    <div id="home">
    <table>
        <tr>
        <td width="50%" valign="top">
            <h2>Welcome back! Login here!</h2>
            <input type="text" name="email" size="25" placeholder="E-Mail Address" /><br /><br />
            <input type="password" name="pass" size="25" placeholder="Password" /><br /><br />
        </td>
        <td width="50%" valign="top">
            <h2>Welcome! Register for free!</h2>
            <form action="#" method="post">
                <input type="text" size="40" name="fname"  class="auto-clear" title="First Name" placeholder="First Name" value="<? echo $fn; ?>"><p />
                <input type="text" size="40" name="lname" class="auto-clear" title="Last Name" placeholder="Last Name" value="<? echo $ln; ?>"><p />
                <input type="text" size="40" name="username" class="auto-clear" title="Username" placeholder="Username" value="<? echo $un; ?>"><p />
                <input type="text" size="40" name="email" class="auto-clear" title="Email" placeholder="Email Address" value="<? echo $em; ?>"><p />
                <input type="text" size="40" name="email2" class="auto-clear" title="Repeat Email" placeholder="Email Address" value="<? echo $em2; ?>"><p />
                <input type="password" size="40" name="password" value="Password ..."><p />
                <input type="password" size="40" name="password2" value="Password ..."><p />
                <input type="submit" name="reg" value="Sign Up!">
            </form>
            <!-- <select name="gender">
                <option value="" disabled selected>Gender</option>
                <option value="male">Male</option>
                <option value="female">Female</option>
            </select><br /><br /> -->
        </td>
        </tr>
    </table>
    </div>
</div>

<?php require_once './template/footer.php'; ?>

Connection:

<?php
mysql_connect("localhost","root","");
mysql_select_db("HBN") or die("Couldn't connect to database!")
?>

Thank you guys in advance!

Manikiran
  • 2,618
  • 1
  • 23
  • 39
HoogleyBoogley
  • 340
  • 2
  • 14
  • 4
    You might want to hide your login credentials. – kzhao14 Nov 18 '16 at 03:32
  • Also, you might want to start using password hashing. – kzhao14 Nov 18 '16 at 03:35
  • 1
    mysql insert debugging 101 - `mysql_error()`, ie `$query = mysql_query("INSERT INTO users ...") or die(mysql_error());` – Sean Nov 18 '16 at 03:38
  • @Sean your error_log should already contain any errors, as to save space. – kzhao14 Nov 18 '16 at 03:39
  • @k97513 true, but not all hosts allow access to error_log, and new users sometimes need to learn the basics of error reporting during development. – Sean Nov 18 '16 at 03:40
  • you might want to start formatting your code – e4c5 Nov 18 '16 at 03:46
  • Please [edit] your question and include your code _directly_. If you select the code block and click `{}` or press Ctrl+K you'll get nice formatting. – ChrisGPT was on strike Nov 18 '16 at 03:54
  • If this is new code please stop using the `mysql_*` functions immediately. They were deprecated in PHP 5.5, which is so old it no longer even receives security updates, and completely removed in PHP 7. Instead, use PDO or `mysqli_*`. See http://stackoverflow.com/q/12859942/354577 for details. – ChrisGPT was on strike Nov 18 '16 at 03:55
  • 1
    MD5 is hopelessly broken. Instead of manually hashing passwords with an obsolete algorithm read up on [`password_hash`](https://secure.php.net/manual/en/function.password-hash.php) and [`password_verify`](https://secure.php.net/manual/en/function.password-verify.php). – ChrisGPT was on strike Nov 18 '16 at 03:57
  • @Chris I think I'm edit her on PHP 5.4 or 5.6 I'll have to check. – HoogleyBoogley Nov 18 '16 at 04:06

1 Answers1

0

You need to tell SQL what table columns to add the values to. So, instead of writing 

"INSERT INTO users VALUES ('','$un','$fn','$ln','$em','$pswd','$d','0','Write something about yourself.','','','no')"

You want to write

"INSERT INTO users (col1,col2,col3,col4,col5...) VALUES ('','$un','$fn','$ln','$em','$pswd','$d','0','Write something about yourself.','','','no')"
kzhao14
  • 2,470
  • 14
  • 21
  • `INSERT INTO users (table VALUES (...)` is invalid syntax – Sean Nov 18 '16 at 03:39
  • My internet is really slow right now, I don't know why but it warped when I posted it. Fixed now. – kzhao14 Nov 18 '16 at 03:40
  • @HoogleyBoogley What do you have for your `INSERT` code now? – kzhao14 Nov 19 '16 at 20:48
  • You do not need to put quotes around the table names. Simply type their names as such: `INSERT INTO table (username,password...)`. Also, your `$gender` is missing a `$`. – kzhao14 Nov 19 '16 at 21:09
  • Have you changed it? On the pastebin it's still the same. Also, check your error_log for any PHP errors – kzhao14 Nov 20 '16 at 04:02
  • @k97513 How would I get to that? – HoogleyBoogley Nov 20 '16 at 14:08
  • If you're hosting your website locally or have a setting set to where files called "error_log" will not show up, then use `or die(mysql_error)` such as `mysql_query(...) or die(mysql_error)`. – kzhao14 Nov 23 '16 at 02:48