[RESOLVED] Help with adding authorized users code with php

[omarali]

Hi all

could any one what is wrong with the following code, I tried to create user authorisation to add new user to the database the problem is does not add the username and password to the database, which I created with one table called user and does not say whether or not added I did checked the table only the id incremented with empty (without username and password).
Thank you,

PHP Code:

<?php include "header.php"; ?>
<?php 

$self= $_server['php_self']; #assigning value 

$username =$_post['username'];

$password =$_post['password'];



if((!$username) and (!$_password))
{


    $form="please enter all your details";
    
    # writting the form

    $form.="<form action=\"$self\" ";

    $form.= "method=\"post\"> User Name: ";

    $form.="<input =\"text\" name = \"username\" ";

    $form.= "value\"username\"><br><br> Password:";

    $form.="<input =\"password\" name = \"password\"";

    $form.= "value\"password\"><br><br>";

    $form.="<input type = \"Submit\" value =\"Submit\">";

    $form.="</form>";

    echo($form);
}

else
{
    //connect to MySQL
    $conn = mysql_connect("localhost","root","")

    or die("Could not connecte");

    //select the database
    $db= mysql_select_db( "my_database", $conn)
    
    or die("Could not select database");

    //create SQL query
    $sql="insert into user (username,password) values ('$username','$password')";            

    //excute the query

    $rs= mysql_query($sql,$conn)
    
    or die("Could not excute query"); 

if($rs)
{    
    echo("New user $username added" );
}

}

?>

[kows]

and? what is your script returning? does it die when you try to connect? does it die when you try to select the database? does it die when it can't execute your query?

instead of executing die() to a generic message like, 'could not connect to database,' you should use mysql_error() to tell you what type of error you are returning.

example:

PHP Code:

mysql_connect("host", "username", "password") or die("could not connect! mysql said: \n\n" . mysql_error()); 


let us know what you get.

also, if you're going to be posting code, please use the appropriate tags to make it easily readable. you can enclose your code within ([php] and [/php]) tags to do so.

[penagate]

I added the [php] tags for ya.
In addition to kows' points, don't output HTML using echo like that. Instead, simply close the script block: ?>.

[penagate]

Duplicate threads merged.

[omarali]

Thank you for reply, actually no error gave just when I typing the username and password in the fields nothing happen just the typing erased. With many thanks

[kows]

did you change what I suggested in the other post you made?

also: $_password is an undefined variable. you need to change it to $password for your if statement to work. like so:

PHP Code:

if((!$username) and (!$password)) 


[omarali]

yes I did but still not workin

[kows]

well. I've had a long day, and you're not being particularly helpful when asking for help.. you have a bunch of mark up problems that could be causing the problem (I've never used spaces while defining HTML parameters, so I don't know if they would cause a problem or not), and you even have some missing definitons (<input =\"value\"? that's invalid.). so, I've made this script for you. it will give you proper errors if an error does occur and there aren't any problems with the way that it will run. if you don't have the MySQL extension enabled, then it will also end and give you an error telling you so. if this does NOT work, please tell me what errors you're returning. and make sure you update the MySQL function calls so that they reflect your MySQL server's login information and database name -- and update the $sql definition so that you have the correct table and field names being used.

PHP Code:

<?php
  include("header.php");

  //can we use mysql?
  if(!function_exists('mysql_connect')) die("MySQL extension not enabled");

  //connect to mysql server
  mysql_pconnect('host', 'username', 'password') or die(mysql_error());
  mysql_select_db('database') or die(mysql_error());

  //find our script name
  $script = $_SERVER['PHP_SELF'];
?>
<h1>user registration</h1>
<?php
  //are we being posted to?
  if($_SERVER['REQUEST_METHOD'] == "POST"){
    //yes! set our variables
    $username = (isset($_POST['username'])) ? mysql_real_escape_string($_POST['username']) : '';
    $password = (isset($_POST['password'])) ? mysql_real_escape_string($_POST['password']) : '';

    if($username != '' && $password != ''){
      //database stuff: insert a new user
      $sql = "INSERT INTO table (username, password) VALUES('$username', '$password')";
      mysql_query($sql) or die(mysql_error());
?>
<h3>thanks for registering.</h3>
<?php
    }else{
      //they didn't fill something in
      $error = true;
    }
  }
  if(isset($error) || $_SERVER['REQUEST_METHOD'] != "POST"){
    //show the form
?>
<h4>choose your desired username and password below</h4>
<?php if(isset($error)){ ?>
<h3><span style="color: #f00;">there was an error. please make sure you enter information into all fields correctly.</span></h3>
<?php } ?>
<form method="post" action="<?php echo $script; ?>">
  username: <input type="text" name="username" /><br /><br />
  password: <input type="password" name="password" /><br /><br />
  <input type="submit" value="login" />
</form>
<?php } ?>

let me know what happens. and look over the code to see what I've done that will work out better than your code. instead of defining $username and $password outright, I made sure something was posting to the script. then, I checked if the post variables 'username' and 'password' were even set. if they were set, they were stored -- otherwise, an empty value was assigned. then, I did a final check to see whether or not the values of those variables were empty or not. if they were both not empty, then we know we can insert a user. if one of them is empty, then we display an error. you should add error checking to check whether or not a username already exists though, too. otherwise, multiple users could sign up with the same username and it would be mighty confusing trying to figure out which user was which (the only separating factor in this case would be the passwords used -- and if they used the same password they would be absolutely identical).

so. just let me know if you have any errors with the script that I provided or not. if you have any questions about it at all, please ask. and don't forget to post code using the [php] and [/php] tags; it makes things a lot easier to read and help you with.

[omarali]

Hi mate

Thank you very much I do appreciated every thinks working fine thank you again. have a nice time