php script problem

General PHP Help
#1

iam trying to code a script which will register users. note that this has sql injection loopholes and is meant for learning purposes.my problem is that on line 18 the custom function does not print out the name of the field($ftitle) which is left empty and only shows “Not Selected”. what exactly am i doing wrong.any help would be much appreciated.[php]$name=$_POST[‘name’];
$email=$_POST[‘email’];
$pass=$_POST[‘pass’];
$salt1=“somesalt”;
$salt2=“againsomesalt”;
$querymail=“SELECT * FROM userinfo WHERE email=’$email’”;
$fname=“Name”;
$fmail=“Email”;
$fpass=“Password”;
function fieldset($field,$ftitle){
if (!isset($field)||empty($field));
die("$ftitle Not selected");
}
function adduser($querymail, $name, $email, $pass, $salt1, $salt2){

fieldset($name,$fname);
fieldset($email,$fmail);
  if (mysql_num_rows(mysql_query($querymail)) == 1){
  die("email id already exists");
	
  }
fieldset($pass,$fpass);
  $pass = md5($salt1 . $pass . $salt2);
  $query= "INSERT INTO userinfo (username,email,password,id) VALUES ('$name','$email','$pass','$id')";
		if ($query_run=mysql_query($query)){
			echo "Name is $name, email is $email and password is $pass ";
			
			}
		
		else{
		echo mysql_error();
		}

}
adduser($querymail, $name, $email, $pass, $salt1, $salt2);
?>[/php]

#2

The IF statement in fieldset has a ; instead of a { and the function doesn’t do much of anything other than kill the script. You really don’t need a function to do that tiny amout of validating.

Sponsor our Newsletter | Privacy Policy | Terms of Service