php - register including post fail
632
I am trying to build a login system with registration etc. now for the registration i use a form and the method "post". Now it fails in what i think is sending the input trough the post. can you help me fix it? here is the code involved in it:
above !doctype
<?php
include('connect.php');
// If the values are posted, insert them into the database.
if (isset($_POST["username"]) && isset($_POST["password"])){
$username = $_POST["username"];
$email = $_POST["email"];
$password = $_POST["password"];
$query = "INSERT INTO `user` (username, password, email) VALUES ($username, $password, $email)";
$result = mysqli_query($query);
if($result){
$msg = "User Created Successfully.";
}
else
{echo "fail";}
}
?>
the form:
<div class="register-form">
<?php
if(isset($msg) & !empty($msg)){
echo $msg;
}
?>
<h1>Registreer</h1>
<form action="" method="POST">
<p><label>User Name : </label>
<input id="username" type="text" name="username" placeholder="username" /></p>
<p><label>E-Mail : </label>
<input id="password" type="email" name="email" required placeholder="[email protected]" /></p>
<p><label>Password : </label>
<input id="password" type="password" name="password" placeholder="password" /></p>
<a href="login.php">Login</a>
<input type="submit" name="submit" value="Registreer" />
</form>
</div>
The connect.php
<?php
$servername = "localhost";
$username = "sqluser";
$password = "Welkom01!";
$dbname = "users";
$connection = mysqli_connect($servername, $username, $password);
if (!$connection){
die("Database Connection Failed". mysqli_error($connection));
}
$select_db = mysqli_select_db($connection, $dbname);
if (!$select_db){
die("Database Selection Failed" . mysqli_error($connection));
}
?>
Thanks in advance.
Answer
Solution:
and without marking it as an edit under your newly edited question, should anyone wonder why the answer.
Since we're more than likely dealing with strings
needs to be wrapped inside quotes:
you also need to pass DB connection to your query
$result = mysqli_query($query);
Edit: (you added your DB connection code after)
Since you've not shown what your DB connection is, this would be something like
plus, adding
or die(mysqli_error($connection))
tomysqli_query()
You also have a missing
&
inif(isset($msg) & !empty($msg)){
which should read asif(isset($msg) && !empty($msg)){
Use , or , they're much safer.
Passwords
I also noticed that you may be storing passwords in plain text. This is not recommended.
Use one of the following:
function.
Other links: