Reputation: 61
mysqli code will not send to database
I have searched on here tirlessly and can not seen to find a solution to getting my code to work, i am trying to create a simple sign up system for member to join my website but i can not seen to get my php code to send to the database i have set up, here is the code.
<?php require 'lpgamers/connections/connect.php'; ?>
<?php
if(isset($_POST['Register'])) {
session_start();
$FName = $_POST['First_Name'];
$LName = $_POST['Last_Name'];
$Email = $_POST['Email'];
$PW = $_POST['Password'];
$sql = $con->query("INSERT INTO lpg-user-db (Fname, Lname, Email, Password)Values('{$FName}', '{$LName}', '{$Email}', '{$PW}')");
}
?>
<div class="rightbody">
<form id="registerform" name="registerform" method="post">
<div class="formelement">
<input name="First_Name" type="text" required class="tfield" id="First_Name" placeholder="First Name">
</div>
<div class="formelement">
<input name="Last_Name" type="text" required class="tfield" id="Last_Name" placeholder="Last Name">
</div>
<div class="formelement">
<input name="Email" type="email" required class="tfield" id="Email" placeholder="Email">
</div>
<div class="formelement">
<input name="Password" type="password" required class="tfield" id="Password" placeholder="Password">
</div>
<div class="formelement">
<input name="Register" type="submit" class="button" id="Register" value="Register">
</div>
</form>
I also have a connect file that is required and i have this set up and this does connect to my database
<?php
$con = mysqli_connect("localhost", "root", "", "lpgamers-user-db");
if (mysqli_connect_errno()) {
printf('Connect failed: %s\n', mysqli_connect_error());
exit();
}
?>
am i doing somthing wrong here or is this just a database problem, i am using a wamp server at this moment for testing ?.
Thanks in advance Rob.
Upvotes: 4
Views: 58
Answers (1)
Reputation: 74217
mysqli_error($con) should have thrown you an error for this, but you didn't check for errors.
Your lpg-user-db table in
INSERT INTO lpg-user-db
contains hyphens and MySQL is interpreting that as lpg MINUS user MINUS db, in thinking you want it to do math.
The table name would require to have ticks around it:
INSERT INTO `lpg-user-db`
Either do that, or replace them with underscores and renaming it:
INSERT INTO lpg_user_db
References:
- http://php.net/manual/en/mysqli.error.php
- http://dev.mysql.com/doc/refman/5.7/en/identifier-qualifiers.html
Sidenote: If there are any constraints in your table, mysqli_error($con) will inform you of it.
If the data you are trying to input contains characters that MySQL will complain about and for example John's Bar & Grill, then you will need to escape your data; something you should be doing anyway.
$FName = mysqli_real_escape_string($con, $_POST['First_Name']);
and doing the same for the other POST arrays.
You're also open to an SQL injection, use a prepared statement.
Passwords
I also noticed that you may be storing passwords in plain text. This is not recommended.
Use one of the following:
- CRYPT_BLOWFISH
crypt()bcrypt()scrypt()- On OPENWALL
- PBKDF2
- PBKDF2 on PHP.net
- PHP 5.5's
password_hash()function. - Compatibility pack (if PHP < 5.5) https://github.com/ircmaxell/password_compat/
Other links:
Upvotes: 2
Related Questions
- Why isn't my code posting data from my database?
- Data Not Going Into Database
- Code won't insert into database
- PHP not inserting data into MYSQLi
- PHP / Mysqli Insert Statement isn't writing to database
- Data not being submited to SQL Database using MySQLi and PHP
- query not sending to database
- PHP Code Not Entering Data Into Database
- PHP mysqli does not insert into database
- MYSQLI not putting data into the database