I keep getting an error on my registration form action page?

Question

This is my index.php page that contains the form itself:

<html>
<body>

<form action="registeraction.php" method="post">
First Name: <input type="text" name="fname"><br>
Last Name: <input type="text" name="lname"><br>
Email Address: <input type="text" name="emaddress"><br>
Confirm Email Address: <input type="text" name="confirmemaddress"><br>
Password: <input type="password" name="pword"><br>
Confirm Password: <input type="password" name="confirmpword"><br>
<input type="submit">
</form>

</body>
</html>

This is my registeraction.php page that processes the form:

<?php
$con=mysqli_connect("localhost", "root", "", "registration_info");
//Check Connection
if (mysqli_connect_errno ())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}

mysqli_query($con,"INSERT INTO Registration_Basics (fname, lname, emaddress,         
confirmemaddress, pword, confirmpword)
VALUES
('$_POST[fname]','$_POST[lname]','$_POST[emaddress]','$_POST[confirmemaddress]',           
'$_POST[pword]', '$_POST[confirmpword]')";

if (!mysqli_query($con,$sql))
{
die('Error: ' . mysqli_error($con));
}
echo "1 Record Added";

mysqli_close($con);
?>

This is the error that I get when I run the registeraction.php file with all of my info from the form: Parse error: syntax error, unexpected ';' in C:\xampp\htdocs\TutorialBoy\registeraction.php on line 11

Answer 1

Use mysqli and parametrized query:

$con=mysqli_connect("localhost", "root", "", "registration_info");
//Check Connection
if (mysqli_connect_errno ())
{
echo die("Failed to connect to MySQL: " . mysqli_connect_error());
}
$query = "
INSERT INTO Registration_Basics 
(fname, lname, emaddress, confirmemaddress, pword, confirmpword)
VALUES
(?,?,?,?,?,?)
";
if ($stmt = mysqli_prepare($con, $query)) {

    mysqli_stmt_bind_param($stmt, "ssssss", $_POST['fname'], $_POST['lname'],$_POST['emaddress'], 
    $_POST['confirmemaddress'],$_POST['pword'], $_POST['confirmpword']);

    /* execute query */
    mysqli_stmt_execute($stmt);

    if(mysqli_affected_rows($con) > 0){
     echo "Inserted";
    }else{
     echo "Error:".mysqli_error(). " Error No:". mysqli_errno();
    }
    /* close statement */
    mysqli_stmt_close($stmt);
}

Answer 2

You are missing a closing parenthesis here:

mysqli_query($con,"INSERT INTO Registration_Basics (fname, lname, emaddress,         
confirmemaddress, pword, confirmpword)
VALUES
('$_POST[fname]','$_POST[lname]','$_POST[emaddress]','$_POST[confirmemaddress]',           
'$_POST[pword]', '$_POST[confirmpword]')"); <---- here

Update:

After your new error comment, please have a look at http://php.net/manual/en/mysqli.query.php

Your is(mysqli_query($con, $sql) call is not correct. If you look at the documentation, you should be able to fieugure it out.

Guessing that you wanted to do this:

$sql = "INSERT INTO Registration_Basics (fname, lname, emaddress,         
confirmemaddress, pword, confirmpword)
VALUES
('$_POST[fname]','$_POST[lname]','$_POST[emaddress]','$_POST[confirmemaddress]',           
'$_POST[pword]', '$_POST[confirmpword]')";

if (!mysqli_query($con, $sql))
{
  die('Error: ' . mysqli_error($con));
}

Answer 3

replace your query by this

  $sql =   mysqli_query($con,"INSERT INTO Registration_Basics (fname, lname, emaddress,         
 confirmemaddress, pword, confirmpword)
    VALUES
  ('".$_POST['fname']."','".$_POST['lname']."','".$_POST['emaddress']."','".$_POST['confirmemaddress']."',           
 '".$_POST['pword']."', '".$_POST['confirmpword']."') ");

you have to escape all you variables before inserting them to query.

Answer 4

This line should be...

mysqli_query($con,"INSERT INTO Registration_Basics (fname, lname, emaddress,confirmmaddress, pword, confirmpword) VALUES ('$_POST[fname]','$_POST[lname]','$_POST[emaddress]','$_POST[confirmemaddress]', $_POST[pword]', '$_POST[confirmpword]')");

You were missing a bracket