php - Canit insert into my MYSQL table


I am trying to make a registration form in which I have connected to the database and it can also check whether the username is unique or not but unfortunately, I can't insert the new data in my table. I would really appreciate if anyone could help me with this.

error_reporting(E_ALL ^ E_DEPRECATED);
include ''; 
if(isset($_POST['submit'])) {
    $username = mysql_real_escape_string($_POST['username']);
    $password = mysql_real_escape_string($_POST['password']); 
    $password2 = mysql_real_escape_string($_POST['password2']);       
    $firstname = mysql_real_escape_string($_POST['firstname']);
    $lastname = mysql_real_escape_string($_POST['lastname']);

    //md5 password
    $password_hash = md5($password);

    //check to see if the fields are empty
    if(empty($username) || empty($password)|| empty($firstname)|| empty($lastname)) {
        echo "Not all fields filled!<br /><br />";

    //check if password is equal

    if($password != $password2) {
        echo "Your Passwords Do Not Match.<br />";
    } else { 
        $query = "SELECT `username` From `users` WHERE username='$username'"; 
        $result = mysql_query($query);

        if(mysql_num_rows($result) ==1) { 
            echo "Sorry, that user has already exists.";
        } else {
            $query1= mysql_query("INSERT INTO `users` ('',username,password,firstname,lastname) VALUES ('','$username',     '$password_hash', '$firstname', '$lastname'");
            if($result1 = mysql_query($query1)) {
                echo "Registered Successfully";
            } else {
                echo "Sorry, You could not Register";           

<form action="" method="POST">
    Username:<br />
    <input type="text" name="username" /><br /><br />        

    Password:<br />
   <input type="password" name="password" /><br /><br />

    Confirm Password:<br />
    <input type="password" name="password2" /><br /><br />

    First Name:<br />
    <input type="text" name="firstname" /><br /><br />

    Last Name:<br />
    <input type="text" name="lastname" /><br /><br />

    <input type="submit" value="Register" name="submit" />



Your INSERT statement is missing a closing parenthesis.

$query1= mysql_query("INSERT INTO ... '$lastname'");

$query1= mysql_query("INSERT INTO ... '$lastname')");

By the way, I find it easier when doing a single-row INSERT to use an alternative syntax, so the column names and the value are matched up:

$query1= mysql_query("INSERT INTO `users` SET

That's easier to make sure you have the columns matched up to the right variables. Also there's no closing parenthesis to worry about.

See for details on this syntax.

You should also abandon the deprecated mysql extension, and use PDO instead. Read this nice tutorial:

And Jay Blanchard is correct that your code is insecure. Security, like correctness, is not an add-on feature. You mention you are a beginner, but you should not start developing bad habits. Read




Try using

$query1= mysql_query("INSERT INTO users (username,password,firstname,lastname) VALUES ('$username', '$password_hash', '$firstname', '$lastname'");



Replace your else block with

else {
    die('Error: ' . mysql_error());
    //echo "Sorry, You could not Register";

From your comment, your INSERT QUERY is wrong. To find out what is wrong with your SQL query, addvar_export($query1, true) with die. i.e.

die('Error: ' . mysql_error().'<br>Info: '.var_export($query1, true));

My guess is that you are still using your old query which has '' as one of the column names.




You want to probably insert the user id in the database.Define it as Autoincrement e remove the blank data from the query below:


$query1= mysql_query("INSERT INTO `users` ('',username,password,firstname,lastname) VALUES ('','$username',     '$password_hash', '$firstname', '$lastname'");


$query1= mysql_query("INSERT INTO `users` (username,password,firstname,lastname) VALUES ('$username',     '$password_hash', '$firstname', '$lastname')") or die(mysql_error());

And you need also to replace the line with the codeif($result1 = mysql_query($query1)) { byif($result1) {

People are also looking for solutions to the problem: php - How to join three tables and display the result?


Didn't find the answer?

Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.

Ask a Question

Write quick answer

Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.

Similar questions

Find the answer in similar questions on our website.