Registration form

system · September 18, 2013, 3:58am

<?php include '../header.php'; ?>

<div id="title">
	<div class="inner">
		
		<h1>Account Registration</h1>
	</div>
</div>	
  
<div id="content">

	<div class="container inner">
			<h3>Please Fill Out Information Below</h3>
			
			<form action="" method="POST">
				<div><label>Email Address</label>
				<input type="text" name="login_email" id="login_email" value=""></div>
				<div><label>Choose a password</label>
				<input type="password" name="login_password" id="login_password" value=""></div>
				<div><label>Re-enter password</label>
				<input type="password" name="confirm" id="pass_confirm" value=""></div>
				<div><label>First Name</label>
				<input type="text" name="first_name" id="first_name" value=""></div>
				<div><label>Last Name</label>
				<input type="text" name="last-name" id="last_name" value=""></div>
				<div><label>Address line 1</label>
				<input type="text" name="address-one" id="address_one" value=""></div>
				<div><label>Address line 2</label>
				<input type="text" name="address_two" id="address_two" value=""></div>
				<div><label>Town/City</label>
				<input type="text" name="town_city" id="town_city" value=""></div>
				<div><label>County</label>
				<input type="text" name="county_option" id="county_option" value=""></div>
				<div><label>Postcode</label>
				<input type="text" name="post_code" id="post_code" value=""></div>
				<div><label>Phone number</label>
				<input type="text" name="phone_number" id="phone_number" value=""></div>
				<p></p>
				<p></p>
				<p></p>
				<p></p>
				<p> Please review your details above are correct and make sure you Agree to Terms & Conditions.</p>
				<p> All Users must be 18 or Over
				<p></p>
				<p></p>
				
				<p> I Agree With Terms & Conditions</p>
				
				<td><input type="submit" name="submit" id="submit" class="button" value= "Create account"/></td>
				<?php
				
				
				
				mysql_connect('localhost', 'root', 'root') or die("I couldn't connect to your database, please make sure your info is correct!"); 
				mysql_select_db('accounts') or die("I couldn't find the database table make sure it's spelt right!");
				mysql_query ("INSERT INTO users(first_name, last_name, login_email , login_password, confirm, birthdate, address_one, address_two, town_city , county_option, post_code ,phone_number ) VALUES('login_email','login_password','confirm','first_name','last_name','address_one','address_two','town_city','county_option','post_code','phone_number')")      
				
				or die("NOPE");

?>

			</form>
	
	</div>
</div>

<?php include '../footer.php'; ?>

I really don’t understand but it doesn’t work ,the form doesn’t submit data ,if anyone could help please help me I’ve spent days trying to figure this out . Thank you so much in advance

JimL · September 18, 2013, 5:35am

Where do you fetch the posted data?

If this is all your code then this is what’s wrong:

[php]mysql_query (“INSERT INTO users
(first_name, last_name, login_email , login_password, confirm, birthdate, address_one, address_two, town_city , county_option, post_code ,phone_number )
VALUES (‘login_email’,‘login_password’,‘confirm’,‘first_name’,‘last_name’,‘address_one’,‘address_two’,‘town_city’,‘county_option’,‘post_code’,‘phone_number’)”)[/php]

When data is sent as post they are automagically added to the global $_POST array. In the query you just have a bunch of strings, so you aren’t doing anything but trying to add these strings to your db.

[php]mysql_query (“INSERT INTO users
(first_name, last_name, login_email , login_password, confirm, birthdate, address_one, address_two, town_city , county_option, post_code ,phone_number )
VALUES ($_POST[‘login_email’], $_POST[‘login_password’], $_POST[‘confirm’], $_POST[‘first_name’], $_POST[‘last_name’], $_POST[‘address_one’], $_POST[‘address_two’], $_POST[‘town_city’], $_POST[‘county_option’], $_POST[‘post_code’], $_POST[‘phone_number’])”)[/php]

Note that this code is wide open for sql injection (hacking). Anyone will be able to read your entire database.

Please change to mysqli or pdo, with parameterized queries.

richei · September 18, 2013, 5:52am

Because the query is being run without any information being submitted. 2 changes need to be made,

1 add an if(isset($ Because the query is being run without any information being submitted. 2 changes need to be made,

1 add an if(isset($_post) statement to detect the submission and
2 change NOPE to mysql_error().