-1

I have created a webpage named Register.php which should insert data into my database. The problem with this is that the registration page works but then when I try to log in the information was not added into my database is there anything that I did wrong that I cannot find? 

<?php
    echo "<h1>Register</h1>";
    $submit = $_POST['submit'];
    //form data
    $FullName = strip_tags($_POST['FullName']);
    $UserName = strip_tags($_POST['UserName']);
    $Password = strip_tags($_POST['Password']);
    $RepeatPassword = strip_tags($_POST['RepeatPassword']);
    if ($submit)
    {   
        //open database
        $connect = mysql_connect("localhost","root","");
        mysql_select_db("cs266db_db1");

        $namecheck = mysql_query("SELECT UserName FROM user_ID WHERE UserName='$UserName'");
        $count = mysql_num_rows($namecheck);
        if ($count!=0)
        {
            die("UserName already taken");
        }       
        //check for existence
        if($FullName&&$UserName&&$Password&&$RepeatPassword)
        {        
            //check password and repeat password match
            if($Password==$RepeatPassword)
            {         
                //check length of username and fullname
                if (strlen($UserName) > 25 || strlen($FullName)>25)
                {
                    echo "Length of username or fullname is over 25 characters!";
                }
                else {
                   //check password
                   if(strlen($Password)>25 || strlen($Password) < 6) {
                     echo "Password must be between 6 and 25 characters";
                   } else {              
                        //encrypt password
                        $Password = md5($Password);
                        $RepeatPassword = md5($RepeatPassword);                              
                        $queryreg = mysql_query("INSERT INTO user_id VALUES (FullName='".$FullName."',UserName='".$UserName."',Password='".$Password."'");             
                    }
                   die("You have been registered <a href='index1.php'> Return to Login Page </a>");          
                }           
            }
            else{
                echo "Your passwords do not match";
            }        
        } else {
           echo "Please fill in all fields!";    
        }  
    }
?>

<html>    
<form action="register.php" method="POST">
<table>
    <tr>
        <td>
            Your full name:
        </td>
        <td>
            <input type="text" name="FullName" value="<?php echo $FullName ?>">
        </td>
    </tr>
    <tr>
        <td>
            Choose a username:
        </td>
        <td>
            <input type="text" name="UserName" value="<?php echo $UserName ?>"> 
        </td>
    </tr>
    <tr>
        <td>
            Choose a password:
        </td>
        <td>
            <input type="password" name="Password">
        </td>
    </tr>
    <tr>
        <td>
            Repeat your password:
        </td>
        <td>
            <input type="password" name="RepeatPassword">
        </td>
    </tr>
</table>        
  <br>
   <input type="submit" name="submit" value="Register">                
</form>    
</html>

Im getting an error of this as well(I am running on netbeans):

Notice: Undefined index: submit in C:\Xampp\htdocs\Resume_DB\register.php on line 4 Notice: Undefined index: FullName in C:\Xampp\htdocs\Resume_DB\register.php on line 7 Notice: Undefined index: UserName in C:\Xampp\htdocs\Resume_DB\register.php on line 8 Notice: Undefined index: Password in C:\Xampp\htdocs\Resume_DB\register.php on line 9 Notice: Undefined index: RepeatPassword in C:\Xampp\htdocs\Resume_DB\register.php on line 10

Does this have to do with my problem of insertion? If so can you help! Please and thank you!

Improve this question
4
  • 6
    WARNING: If you're just learning PHP, please, do not learn the obsolete mysql_query interface. It's awful and has been removed in PHP 7. A replacement like PDO is not hard to learn and a guide like PHP The Right Way helps explain best practices. Your user parameters are not properly escaped and you have severe SQL injection bugs here. Commented Apr 19, 2016 at 3:22
  • 5
    WARNING: Writing your own access control layer is not easy and there are many opportunities to get it severely wrong. Please, do not write your own authentication system when any modern development framework like Laravel comes with a robust authentication system built-in. At the absolute least follow recommended security best practices and never store passwords as plain-text. Commented Apr 19, 2016 at 3:22
  • Your insert syntax is incorrect. Commented Apr 19, 2016 at 3:24
  • 3
    It's sort of good that this isn't working because if it was working it would do the exact opposite of what you intend: Instead of locking people out of your system with a password it lets anyone take over your system completely and get whatever they want out of your database. Commented Apr 19, 2016 at 3:27

1 Answer 1

Reset to default
0

I don't think the the way you run the insert is even valid in MySql, I just tried it on my MySql on wamp and the line does not return error but all the values that are been insert are NULL I'm talking about this line

insert into tmp_table values (`field_1`='value_1', `field_2`='value_2', `field_3`='value_3' ...)

Do you get empty rows in your DB or no rows at all ?

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.