Not able to enter data in database

Question

here is my php code:-

<?php
$servername="localhost";
$username="root";
$password="";
$db_name="login";

//Create connection
$conn=new mysqli($servername,$username,$password,$db_name);

$db=mysql_select_db($conn,$db_name);
//check connection

if($db)
{

echo"Conneceted successfully";

$username=$_POST['username'];
$password=$_POST['password'];
$fname=$_POST['First_Name'];
$sname=$_POST['Second_Name'];

$query=mysqli_query($conn,"insert into           accounts(First_Name,Second_Name,email_id,password)        VALUES('".$fname."','".$sname."','".$username."','".$password."')");
 }
else{

echo "notdone".mysql_error($conn);
}


?>

and here is my html code:-

<html>
<head>

</head>
<body>
<form action="database\signup.php" method="post">
Email id:<input type="text" name="username"><br>
Password:<input type="text" name="password"><br>
First Name:<input type="text" name="First_Name"><br>
Second Name<input type="text" name="Second_Name"><br>
<input type="submit">
</form>

</body>


</html>

When i am filling the form and submitting I am getting output 'notdone' and these are the two warnings which i am getting:-

Warning: mysql_error() expects parameter 1 to be resource, object given in C:\wamp64\www\mywebsite\database\signup.php on line 27

Warning: mysql_select_db() expects parameter 1 to be string, object given in C:\wamp64\www\mywebsite\database\signup.php on line 10

Please can any one help what wrong i am doing here?

You cannot mix mysql_* with mysqli_*. They're entirely different libraries. Please [don't use `mysql_*`](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php?rq=1); the `mysql_*` functions are outdated, [deprecated](http://us3.php.net/manual/en/intro.mysql.php), and insecure. Use [`MySQLi`](http://us3.php.net/manual/en/book.mysqli.php) or [`PDO`](http://us3.php.net/manual/en/intro.pdo.php) instead. — elixenide, Jan 03 '17 at 06:56
and besides you really really dont' want to create a home made login system — e4c5, Jan 03 '17 at 06:57
Also, you are wide open to [**SQL injection**](https://www.owasp.org/index.php/SQL_Injection). You need to use prepared statements, rather than concatenating variables into your query. See [How can I prevent SQL injection in PHP?](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php?rq=1). — elixenide, Jan 03 '17 at 06:57
**WARNING**: Writing your own access control layer is not easy and there are many opportunities to get it severely wrong. This has many dangerous [SQL injection vulnerabilities](http://bobby-tables.com/) since you didn’t [properly escape values](http://bobby-tables.com/php). This code allows *anyone* to get *anything* from your site. **DO NOT** write your own authentication system. Any [development framework](http://codegeekz.com/best-php-frameworks-for-developers/) like [Laravel](http://laravel.com/) comes with an [authentication system](https://laravel.com/docs/5.3/authentication) built-in. — tadman, Jan 03 '17 at 06:59

skull_king · Answer 1 · 2017-01-03T09:53:32.290

0

You should completely use mysqli_* functions. Don't mix mysql_* with mysqli_*

use below for checking connection:

if($conn->connect_errno > 0){
    die('Unable to connect to database [' . $conn->connect_error . ']');
}

remove

$db=mysql_select_db($conn,$db_name);

as db is already selected in new mysqli call.

Also remove

else{

echo "notdone".mysql_error($conn);
}

Hope it resolves your problem

edited Jan 03 '17 at 09:53

answered Jan 03 '17 at 07:02

skull_king

70
8

Hardik Kalathiya · Answer 2 · 2017-01-04T04:03:25.527

Plrase try it once..

HTML HTML

  <form method="POST">
            Email id:<input type="text" name="username"><br>
            Password:<input type="text" name="password"><br>
            First Name:<input type="text" name="First_Name"><br>
            Second Name<input type="text" name="Second_Name"><br>
            <input type="submit" name="save">
        </form>

PHP

    //Create connection
    $db = mysqli_connect($servername, $username, $password, $db_name);

    //check connection
    if ($db) {
        echo"Conneceted successfully";
    }

    if (isset($_POST['save'])) {
        $username = $_POST['username'];
        $password = $_POST['password'];
        $fname = $_POST['First_Name'];
        $sname = $_POST['Second_Name'];

        $query = "insert into accounts(First_Name,Second_Name,email_id,password) VALUES('" . $fname . "','" . $sname . "','" . $username . "','" . $password ."'";
        $insert = mysqli_query($db, $query);
    }

if($insert){
echo "Record Inserted";
}
 else {
        echo "Error";
    }
    ?>

There is some error in your query, Please check it for the same,, There is no primary key mention

I have update the code – Hardik Kalathiya Jan 04 '17 at 04:03 — Hardik Kalathiya, Jan 04 '17 at 04:03
@pawan Would you please check ti once – Hardik Kalathiya Jan 04 '17 at 04:04 — Hardik Kalathiya, Jan 04 '17 at 04:04

Not able to enter data in database

2 Answers2