0

data not registered(inserted) in sql using php

I used same version of xampp though.....we are in a project and the code easily allow data to be inserted when I used my friend laptop(same xampp,same code) but when I register(try to register) ,it doesn't show any errors and the data is not registered... the code even display error message such as username required!!! etc when empty. my code $username = ""; $batch = ""; $errors = array(); /*if( ! empty( $_POST )) { print_r($_POST);}*/ //connect to the database $db = mysqli_connect('localhost', 'root', '', 'registration'); /*if($db->connect_error){ echo'sorry'; }*/ //if register button is clicked //link with the register if(isset($_POST['register'])){ $username = $_POST['username']; $batch = $_POST['batch']; $password_1 = $_POST['password_1']; $password_2 = $_POST['password_2']; $hash = md5(rand(0,1000)); if(empty($username)){ array_push($errors,"Username is required!!!"); } if(empty($batch)){ array_push($errors,"Batch is required!!!"); } if(empty($password_1)){ array_push($errors,"Password is required!!!"); } if($password_1 != $password_2) { array_push($errors,"password do not match!!!"); } //if no error save user to database if (count($errors)==0) { $password = md5($password_1);//encrypt password before storing in database(security) $sql = "INSERT INTO users (username, batch, password_1, password_2,hash) " . "VALUES ('$username','$batch','$password_1','$password_2', '$hash')"; $_SESSION['username'] = $username; $_SESSION['success'] = "you are now registered ^_^"; header('location: index.php'); //redirect to home page } }

17th Jun 2017, 4:24 PM
Ashish Neupane
Ashish Neupane - avatar
1 ответ
0
you never pass the command in $sql to your database. that's probably why it's not working. also for security reasons you might want to escape any passed string (username etc) with mysqli_real_escape_string(). otherwise it would be easy to use sql injections and mess with your database ;)
17th Jun 2017, 6:55 PM
Mario L.
Mario L. - avatar