CODEWITHSUNDEEP
phpmysql
RepeaterCreeper
RepeaterCreeper

Reputation: 342

ERROR: Inserting data into mySQL

I don't know what I'm doing wrong but it's not inserting the data I want it to put into the database. No code error is being given to me except the one that I have created mysql such as the 'Error Inserting' and stuff like that. I also have done lots of a Google searches about login sources and try to see what the difference is but it's no use. I can't find what's wrong! Please help.

<?php
include_once('connect.php')

$username = $_POST['username'];
$email = $_POST['email'];
$password = $_POST['password'];

if (isset($_POST['dalol'])){
    test();
}

function test(){
    $sql = "INSERT INTO members (username, email, password) VALUES ('".$GLOBALS['username']."','".$GLOBALS['email']."','".$GLOBALS['password']."')";
    if (mysql_query($sql)){
        echo '<p>Successfully Executed!</p>';
    } else {
        echo '<p>Failed!</p>';
    }
}
?>
<!DOCTYPE html>
<html>
<head>
    <title>Insert Test</title>
</head>
<body>
    <form>
        Username: <input type="text" name="username"/><br>
        Email: <input type="email" name="email"/><br>
        Password: <input type="password" name="password"/><br>
        <input type='submit' name='dalol'/>
    </form>
</body>

Upvotes: 1

Views: 660

Answers (3)

Isvaldo Fernandes
Isvaldo Fernandes

Reputation: 92

You can use global variables !

that is way:

<?php
function test(){
global $username,$email,$password;
$sql = "INSERT INTO members (username, email, password) VALUES ('".$username."','".$email."','".$password."')";
    if (mysql_query($sql)){
        echo '<p>Successfully Executed!</p>';
    } else {
        echo '<p>Failed!</p>';
    }
} ?>

Prevent sql injection

 <?php
    $username = mysql_real_escape_string($_POST['username']);
    $email = mysql_real_escape_string($_POST['email']);
    $password = mysql_real_escape_string($_POST['password']);
     ?>

Upvotes: 1

Code Lღver
Code Lღver

Reputation: 15593

As all the variables are on same page so you can access the variables without global variable:

Use this:

$sql = "INSERT INTO members (username, email, password) VALUES ('".$username."','".$email."','".$password."')";

And you need to give the method in form tag to as by default it will be get type:

make change in form tag.

<form method="POST">

You need to give the method in form tag as POST because of you are getting the data by POST if you will not give the method then it will be consider it as GET method.

Upvotes: 0

Sougata Bose
Sougata Bose

Reputation: 31749

It is happening because of the scope of variables.Try with - 

test($username, $email, $password);

And

function test($uname, $email, $password) {
    $sql = "INSERT INTO members (username, email, password) VALUES ('".$uname."','".$email."','".password'."')";
    if (mysql_query($sql)){
        echo '<p>Successfully Executed!</p>';
    } else {
        echo '<p>Failed!</p>';
    }
}

Use mysqli or PDO instead of mysql.

Upvotes: 0

Related Questions