Hi, I have a problem with my PHP addadmin form. I tried several pieces of code which I found on the internet, but most of them produce the same result: PHP doesn't show any error, but the data fails to insert into the phpMyAdmin database.

Here is my form code:

<?php
session_start();
include('function.php');
include('database.php');
checksession(899);
$userid = $_SESSION['userid'];
$query_getdetail = mysql_query("SELECT * FROM userdetail WHERE userid = $userid");
$row = @mysql_fetch_array($query_getdetail);
?>

<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Admin Front Page</title>

<link href="css/bootstrap.min.css" rel="stylesheet">
<link href="css/datepicker3.css" rel="stylesheet">
<link href="css/styles.css" rel="stylesheet">

<!--Icons-->
<script src="js/lumino.glyphs.js"></script>
<script src="js/jquery-1.11.1.min.js"></script>
<script src="js/bootstrap.min.js"></script>
<script type="text/javascript" src="js/noty/packaged/jquery.noty.packaged.min.js"></script>


<!--[if lt IE 9]>
<script src="js/html5shiv.js"></script>
<script src="js/respond.min.js"></script>
<![endif]-->

</head>


<body>
    <nav class="navbar navbar-inverse navbar-fixed-top" role="navigation">
        <div class="container-fluid">
            <div class="navbar-header">
                <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#sidebar-collapse">
                    <span class="sr-only">Toggle navigation</span>
                    <span class="icon-bar"></span>
                    <span class="icon-bar"></span>
                    <span class="icon-bar"></span>
                </button>
                <a class="navbar-brand" href="#"><span>Admin</span><?php echo " " . $row['firstname'] . " " . $row['lastname']; ?></span> </a>
                <ul class="user-menu">
                    <li class="dropdown pull-right">
                        <a href="#" class="dropdown-toggle" data-toggle="dropdown"><svg class="glyph stroked male-user"><use xlink:href="#stroked-male-user"></use></svg> User <span class="caret"></span></a>
                        <ul class="dropdown-menu" role="menu">
                            <li><a href="#"><svg class="glyph stroked male-user"><use xlink:href="#stroked-male-user"></use></svg> Profile</a></li>
                            <li><a href="logout.php"><svg class="glyph stroked cancel"><use xlink:href="#stroked-cancel"></use></svg> Logout</a></li>
                        </ul>
                    </li>
                </ul>
            </div>

        </div><!-- /.container-fluid -->
    </nav>

    <div id="sidebar-collapse" class="col-sm-3 col-lg-2 sidebar">
        <form role="search">
            <div class="form-group">
                <input type="text" class="form-control" placeholder="Search">
            </div>
        </form>
        <ul class="nav menu">
            <li><a href="adminpanel.php"><svg class="glyph stroked dashboard-dial"><use xlink:href="#stroked-dashboard-dial"></use></svg> Dashboard</a></li>
            <li><a href="#"><svg class="glyph stroked calendar"><use xlink:href="#stroked-calendar"></use></svg> Message </a></li>
            <li class="active"><a href="addadmin.php"><svg class="glyph stroked male user "><use xlink:href="#stroked-male-user"/></svg> Add Admin</a></li>
            <li><a href="#"><svg class="glyph stroked table"><use xlink:href="#stroked-table"></use></svg> Events</a></li>
            <li><a href="#"><svg class="glyph stroked pencil"><use xlink:href="#stroked-pencil"></use></svg> View Members</a></li>
        </ul>

    </div><!--/.sidebar-->
    <div class="col-sm-9 col-sm-offset-3 col-lg-10 col-lg-offset-2 main">
        <div class="row">
            <ol class="breadcrumb">
                <li><a href="#"><svg class="glyph stroked home"><use xlink:href="#stroked-home"></use></svg></a></li>
                <li class="active">Add Admin</li>
            </ol>
        </div><!--/.row-->

    <div class="row">
    <div class="col-lg-12">
      <h1 class="page-header">Add Admin</h1>
    </div>
  </div><!--/.row-->

  <div class="row">
    <div class="col-lg-12">
      <div class="panel panel-default">
                <div class="panel-heading">Only add an Authorised User</div>
        <div class="panel-body">
          <div class="col-md-6">
            <form role="form">

              <div class="form-group">
                                <form action="<?php echo $_SERVER["PHP_SELF"];?>" method="post" enctype="multipart/form-data">
                <label>Username</label>
                <input class="form-control" name="new_user" required>
              </div>

              <div class="form-group">
                <label>Password</label>
                <input type="password" name="pass_1" class="form-control" required>
              </div>

              <div class="form-group">
                <label>Reconfirm Password</label>
                <input type="password" name="pass_2" class="form-control" required>
              </div>


              <button type="submit" class="btn btn-primary" id="save" name="save" value="save">Submit Button</button>
              <button type="reset" class="btn btn-default" value="reset">Reset Button</button>
            </div>
          </form>
        </div>
      </div>

    </div>

And this is my PHP code for connecting to MySQL:

<?php
    $conn=mysql_connect("localhost", "root","")or die("Couldn't connect to the server");

    $db=mysql_select_db("fyp", $conn) or die("Couldn't connect to the database");

    if(isset($_POST['save'])){
        $user_temp = $_POST['new_user'];
        $pass1_temp = $_POST['pass_1'];
        $pass2_temp = $_POST['pass_2'];
        if($pass1_temp != $pass2_temp){
            ?>
            <script>
            alert("Passwords not matched");
            </script>

<?php
        }
        else{
            $query = mysql_query("INSERT INTO login(username,password,type) VALUES ('$user_temp', sha1('$pass1_temp'), 899) ");
            if($query){
                ?>
                    <script>
                    alert("New admin added");
                    </script>
                    <?php
                }
                else {
                }

            }
        }

        ?>

I put the PHP form code and the form-processing code all together in one page. If anyone can help me, I would really appreciate your kindness. Thank you.

  • 4
    [Please, don't use `mysql_*` functions in new code](http://stackoverflow.com/questions/12859942/). They are no longer maintained [and are officially deprecated](https://wiki.php.net/rfc/mysql_deprecation). See the [red box](http://uk.php.net/manual/en/function.mysql-connect.php)? Learn about [*prepared statements*](https://en.wikipedia.org/wiki/Prepared_statement) instead, and use [PDO](http://php.net/pdo) or [MySQLi](http://php.net/mysqli) - [this article](http://php.net/manual/en/mysqlinfo.api.choosing.php) will help you decide which one is best for you. – John Conde Feb 14 '17 at 02:02
  • 2
    Your script is at risk of [SQL Injection Attack](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php). Have a look at what happened to [Little Bobby Tables](http://bobby-tables.com/). Even [if you are escaping inputs, it's not safe!](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) Use [prepared parameterized statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php). – John Conde Feb 14 '17 at 02:02
  • 2
    `sha1()` is obsolete for hashing passwords and should *not be used*. PHP provides [password_hash()](http://php.net/manual/en/function.password-hash.php) and [password_verify()](http://php.net/manual/en/function.password-verify.php), please use them. And here are some [good ideas about passwords](https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet). If you are using a PHP version prior to 5.5 [there is a compatibility pack available here](https://github.com/ircmaxell/password_compat). – John Conde Feb 14 '17 at 02:03
  • 1
    Get the actual error, `if($query){ .... } else { echo mysql_error(); }` – Qirel Feb 14 '17 at 02:03
  • 2
    FYI, phpmyadmin is *not* your database. MySQL is. phpmyadmin is just a tool to make interacting with MySQL easier. – John Conde Feb 14 '17 at 02:03
  • @JohnConde, in addition to that, it's being passed as a string, not a function output. – yaakov Feb 14 '17 at 02:06
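
The advice in the comments above put together, as an added example that is not code from the question or from any commenter: a PDO prepared statement replaces the interpolated `INSERT`, `password_hash()` replaces `sha1()`, and exception mode surfaces the database error that the empty `else` branch hides. It assumes PHP 7+, the `fyp` database and `login` table from the question, and a `password` column of `VARCHAR(255)`; `addAdmin()` is a hypothetical helper name.

```php
<?php
// Added example, not the asker's code. Run it behind the same session check
// the question uses (checksession(899) from the asker's function.php).
// Note: the question's markup nests a second <form> inside <form role="form">.
// HTML does not allow nested forms, so this handler needs a single
// <form method="post"> around the inputs to receive a POST at all.
session_start();

// Hypothetical helper: validates input, hashes the password, inserts the row.
function addAdmin(PDO $pdo, string $user, string $pass1, string $pass2): string
{
    if ($user === '' || $pass1 === '') {
        return 'Username and password are required';
    }
    if ($pass1 !== $pass2) {
        return 'Passwords not matched';
    }
    // Salted, slow hash; verify later with password_verify(), not by comparing hashes.
    $hash = password_hash($pass1, PASSWORD_DEFAULT);

    // Placeholders keep user input out of the SQL text entirely.
    $stmt = $pdo->prepare(
        'INSERT INTO login (username, password, type) VALUES (:username, :password, :type)'
    );
    $stmt->execute([':username' => $user, ':password' => $hash, ':type' => 899]);
    return 'New admin added';
}

$message = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['save'])) {
    try {
        $pdo = new PDO('mysql:host=localhost;dbname=fyp;charset=utf8mb4', 'root', '', [
            PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION, // failures throw instead of passing silently
            PDO::ATTR_EMULATE_PREPARES => false,                  // use server-side prepared statements
        ]);
        $message = addAdmin(
            $pdo,
            trim($_POST['new_user'] ?? ''),
            $_POST['pass_1'] ?? '',
            $_POST['pass_2'] ?? ''
        );
    } catch (PDOException $e) {
        error_log($e->getMessage());      // full detail goes to the server log
        $message = 'Could not add admin'; // generic text goes to the browser
    }
}
?>
<p><?php echo htmlspecialchars($message, ENT_QUOTES, 'UTF-8'); ?></p>
```

Because the stored value is now a `password_hash()` string, the login page has to check it with `password_verify()`; rows created earlier with `sha1()` will not match and need a reset.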

0 Answers