data not being stored in phpadmin any ideas?

Page 1 of 1

3 Replies - 490 Views - Last Post: 21 June 2011 - 05:20 PM Rate Topic: -----

#1 jcoker110  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 1
  • Joined: 21-June 11

data not being stored in phpadmin any ideas?

Posted 21 June 2011 - 03:10 PM

My page isnt getting any errors, but when i go to the phpadmin, im not seeing where the user has put in the data!! Im kinda at a stand still.. I have my database and table set up right im sure, but something is wrong, maybe another set of eyes can help me out!
index.php
<?php

?>
<html>
<p>

<head>

<LINK href="color.css" rel="stylesheet" type="text/css">



<script type="text/javascript" language="Javascript">
<!-- Copyright 2002 Bontrager Connection, LLC
//
// Type the number of images you are rotating.

NumberOfImagesToRotate = 8;

// Specify the first and last part of the image tag.

FirstPart = '<img src="pic';
LastPart = '.jpg" height="150" width="200">';

function printImage() {
var r = Math.ceil(Math.random() * NumberOfImagesToRotate);
document.write(FirstPart + r + LastPart );

}
//-->
</script>







<title>Register</title>
</head>
<h1>
     .
</h1>
<body>
<center><h2>Users Online</h2>
<script type="text/javascript" language="Javascript"><!--
printImage();
printImage();
printImage();
printImage();
//--></script>
</center>
	<h2>
		Register
	</h2>

<form action='register.php' method='POST'>

	<table>
		<tr>
			<td>
			Your full name:
			</td>

			<td>
			<input type ='text' name='fullname'>
			</td>

		</tr>
		<tr>
			<td>
			Email:
			</td>

			<td>
			<input type ='text' name='useremail'>
			</td>

		</tr>
                <tr>
			<td>
			Gender:
			</td>

			<td>
			<input type ='radio' name='gender' id='gm' value='Male'
			checked='checked' />Male
			<input type ='radio' name='gender' id='gf' value='Female'
			checked='checked' />Female
			</td>

		</tr>
		<tr>
			<td>
			Choose a User Name:
			</td>

			<td>
			<input type 'text' name='username'>
			</td>

		</tr>
		<tr>
			<td>
			Choose a Password:
			</td>

			<td>
			<input type ='password' name='password'>
			</td>
		</tr>
		<tr>
			<td>
			Reapeat Password:
			</td>

			<td>
			<input type ='password' name='repeatpassword'>
			</td>

		</tr>

		

	</table>
	<p>
	<input type='submit' name='submit' Value='Register'>

</form>





	</body>
</html>

register.php
<?php
$submit = strip_tags($_POST ['submit']);
$fullname = strip_tags($_POST ['fullname']);
$username = strip_tags($_POST ['username']);
$password = md5(strip_tags($_POST ['password']));
$repeatpassword = md5(strip_tags($_POST ['repeatpassword']));
$date = date("Y-m-d");


if ($submit) 
{
	
	if($fullname&&$username&&$password&&$repeatpassword)
	{
		if ($password==$repeatpassword)
		{
	
			if (strlen ($username)>25||strlen($fullname)>25)
			{
				echo "Max limit for username/fullname are 25 characters";
			}
			else
			{
				if (strlen ($password)>200||strlen($password)<6)
				{

				echo "Password must be between 6 and 25 characters";

				}
				else
				{
					$password = md5($password);
		            $repeatpassword = md5($repeatpassword);
                    
					//open database
					$connect = mysql_connect("localhost","facebks","brianna123");
					mysql_select_db("facebks_ingles"); //select database
					
					$queryreg = mysql_query("

('','$fullname','$username','$password','$useremail','date')

");
					
					die("You have been registerd! You will see a comfimation email!");
				}
			}
		}
		else
		{
			echo "Your passwords do not match!";
	}
		}
	else
	{
		echo"Please fill in <b>all</b> fields!";
	}

}

?>


Is This A Good Question/Topic? 0
  • +

Replies To: data not being stored in phpadmin any ideas?

#2 Duckington  Icon User is offline

  • D.I.C Addict

Reputation: 162
  • View blog
  • Posts: 588
  • Joined: 12-October 09

Re: data not being stored in phpadmin any ideas?

Posted 21 June 2011 - 03:24 PM

There's nothing in your mysql query:

queryreg = mysql_query("

('','$fullname','$username','$password','$useremail','date')

");


You would need an INSERT INTO statement in the query.

E.g.

mysql_query("INSERT INTO `users` (username, userpassword) VALUES ('$username', '$password')");

This post has been edited by Duckington: 21 June 2011 - 03:25 PM

Was This Post Helpful? 1
  • +
  • -

#3 Atli  Icon User is offline

  • D.I.C Lover
  • member icon

Reputation: 3039
  • View blog
  • Posts: 4,548
  • Joined: 08-June 10

Re: data not being stored in phpadmin any ideas?

Posted 21 June 2011 - 04:59 PM

There are also a couple of other issues there.

First, the reason why you aren't getting any errors is because your code is ignoring the result of the MySQL query. The mysql_query function returns a result indicating the success of the query, which you put into a $queryreg variable. But then you just ignore it. If you want to find out whether the query failed (which you should) then you need to check the result:
$queryreg = mysql_query("...");
if ($queryreg) {
    echo "Success! Query executed without problems.";
}
else {
    echo "Failure! Query returned an error: " . mysql_error();
}

Or, if you want it simpler (and less user friendly):
$queryreg = mysql_query("...") or die(mysql_error());


Second, the way you hash you password is weird. On lines #5 and #6 you hash both the password and the password check fields, which is pointless. You are better of matching the un-hashed versions. Saves CPU cycles. - And on top of that, you hash them both again on line #32 and #33, even though you've already hashed them, and you don't even use the repeat-password field again in the code.

You would be better of doing something more along the lines of:
if ($_POST['pwd'] === $_POST['pwd-repeat']) {
    $pwdhash = hash('md5', $_POST['pwd']);

    // etc...
}
else {
    echo "Passwords don't match!";
}



Finally, you are using MD5 to hash you passwords, which is a very weak algorithm. If at all possible you should upgrade to something like SHA256, SHA512 or Whirlpool. - Notice how I use the hash() function above. It can be used to generate all of these hashes. Just replace the 'md5' with whatever you want. -- Keep in mind that you'll have to update your database to do that. (creativecoding explains how to do that in this tutorial.)
Was This Post Helpful? 2
  • +
  • -

#4 codeprada  Icon User is offline

  • Changed Man With Different Priorities
  • member icon

Reputation: 934
  • View blog
  • Posts: 2,329
  • Joined: 15-February 11

Re: data not being stored in phpadmin any ideas?

Posted 21 June 2011 - 05:20 PM

Throwing in my 2 cents...
When debugging or looking for errors start by placing 
error_reporting( E_ALL );
at the top of your script or set a error handler.

It would be injustice not to tell you that strip_tags isn't going to protect you from SQL injections. Get familiar when the SQL syntax then check out PDO. Using prepared statements makes you immune to such attacks.
Example of Prepared Statement
//A prepared statement in it's simplest form
define('HOST', 'mysql:host=HOSTSERVER;dbname=DATABASE_NAME');
define('USER', 'USERNAME');
define('PASS', 'PASSWORD');

$pdo = new PDO(HOST, USER, PASS);
$ps = $pdo->prepare("SELECT * FROM `table` WHERE `column` = :column");
$ps->bindValue('column', $_POST['column'], PDO::PARAM_STR);
$ps->execute();


For a more in-depth explanation of PDO check out Dormilich's tutorial.

One last thing... You really don't need to check if the submit button was clicked because there are ways it can be bypassed. Instead check that the values you are going to process actually have in data.

Good luck.
Was This Post Helpful? 2
  • +
  • -
Page 1 of 1