iam trying to code a script which will register users. note that this has sql injection loopholes and is meant for learning purposes.my problem is that on line 18 the custom function does not print out the name of the field($ftitle) which is left empty and only shows “Not Selected”. what exactly am i doing wrong.any help would be much appreciated.[php]$name=$_POST[‘name’];
$email=$_POST[‘email’];
$pass=$_POST[‘pass’];
$salt1=“somesalt”;
$salt2=“againsomesalt”;
$querymail=“SELECT * FROM userinfo WHERE email=’$email’”;
$fname=“Name”;
$fmail=“Email”;
$fpass=“Password”;
function fieldset($field,$ftitle){
if (!isset($field)||empty($field));
die("$ftitle Not selected");
}
function adduser($querymail, $name, $email, $pass, $salt1, $salt2){
fieldset($name,$fname);
fieldset($email,$fmail);
if (mysql_num_rows(mysql_query($querymail)) == 1){
die("email id already exists");
}
fieldset($pass,$fpass);
$pass = md5($salt1 . $pass . $salt2);
$query= "INSERT INTO userinfo (username,email,password,id) VALUES ('$name','$email','$pass','$id')";
if ($query_run=mysql_query($query)){
echo "Name is $name, email is $email and password is $pass ";
}
else{
echo mysql_error();
}
}
adduser($querymail, $name, $email, $pass, $salt1, $salt2);
?>[/php]