View Full Version : Updating Database Help.

02-23-2010, 09:55 PM

When a user signs up to my site at /register.php?gift=11 it's supposed to take the gift from the 'gifts' with that id and insert the id, title and value into a database called 'users'.

Here is my code:

require ("connect.php");
require ("functions.php");
include ("template/template.class.php");
$template = new Template;
$template->replace("Login", file_get_contents("template/includes/login.php"));

$username = mysql_real_escape_string($_POST['username']);
$email = mysql_real_escape_string($_POST['email']);
$password = mysql_real_escape_string($_POST['password']);
$forename = mysql_real_escape_string($_POST['forename']);
$surname = mysql_real_escape_string($_POST['surname']);
$address1 = mysql_real_escape_string($_POST['address1']);
$address2 = mysql_real_escape_string($_POST['address2']);
$postcode = mysql_real_escape_string($_POST['postcode']);
$country = mysql_real_escape_string($_POST['country']);
$agree = mysql_real_escape_string($_POST['agree']);
$refer = mysql_real_escape_string($_POST['referal']);

$id = mysql_real_escape_string($_GET['id']);
$gtitle = mysql_real_escape_string($_GET['title']);
$gvalue = mysql_real_escape_string($_GET['value']);

$gval1 = mysql_query("SELECT * FROM gifts WHERE id='$gift'");
$gval2 = mysql_fetch_array($gval1);
$gtitle = $gval2['title'];
$gvalue = $gval2['amount'];

$giftid = mysql_real_escape_string($_GET['title']);
$data = "SELECT * FROM gifts WHERE title='$giftid'";
$result = mysql_query($data);
$ugift = mysql_fetch_object($result);
$gift = $data['giftID'];

$date = date('Y-m-d H:i:s');
$cpass = $_POST['confirmpassword'];
$uresult = mysql_query("SELECT * FROM users");
$unum = mysql_num_rows($uresult);
if($unum == 0){
$status = "2";
$status = "1";

if($password != $cpass){
$error = "The passwords entered do not match!";
if($username == cpanel){
$error = "Invalid Username.";
if(empty($username) || empty($email) || empty($password)){
$error = $error . "You have to fill in all the fields!";
if(strlen($password) <= 5){
$error = "Your password needs to be at least 6 characters in length!";
$result = mysql_query("SELECT * FROM users WHERE username = '$username'");
$num = mysql_num_rows($result);
if($num == 1){
$error = $error . "The username $username is already in use! Please select another!";
$result = mysql_query("SELECT * FROM users WHERE email = '$email'");
$num = mysql_num_rows($result);
if($num == 1){
$error = $error . "The email $email is already in use! Please use another!";

echo "$error";
$password = sha1($password);
mysql_query("INSERT INTO users VALUES(NULL, '$username', '$email', '$password', '$forename', '$surname', '$status', '0', '0', '0', '0', '0', '$address1', '$address2', '$postcode', '$country', '$id', '$gtitle', '$gvalue', '$refer', '$agree', '$ip')");
$result = mysql_query("SELECT * FROM users WHERE id = '$refer'");
$num = mysql_num_rows($result);
if($num == 0){

$refer = "none";
echo "You are now a registered member. You can now <a href=\"login.php\">login</a>!";
$referal = $_SESSION['refer'];
<div align="center">
<form method="POST" action=""><br/>
<?php echo "$id"; ?>
Username: <br/><input type="text" name="username" class="registerform"><br/>
E-mail: <br/><input type="text" name="email" class="registerform"><br/>
Password: <br/><input type="password" name="password" class="registerform"><br/>
Confirm Password: <br/><input type="password" name="confirmpassword" class="registerform"><br/>
First Name: <br/><input type="text" name="forename" class="registerform"><br/>
Surname: <br/><input type="text" name="surname" class="registerform"><br/>
Address 1: <br/><input type="text" name="address1" class="registerform"><br/>
Address 2: <br/><input type="text" name="address2" class="registerform"><br/>
Postcode: <br/><input type="text" name="postcode" class="registerform"><br/><br/>
Country: <br/><input type="text" name="country" class="registerform"><br/><br/>
<input type="checkbox" name="agree" value="Yes" />
I have read, understood and agree to the <a href="terms.php">Terms &amp; Conditions.</a>
<input type="submit" name="submit" value="Register">
<input type="hidden" name="referal" value="<?php $referal ?>">

Everything updates apart from $id, $gtitle and $gvalue.

What am I doing wrong?


02-23-2010, 10:22 PM
For one thing, you're not checking your queries to see if they are throwing errors.

$gval1 = mysql_query("SELECT * FROM gifts WHERE id='$gift'");
if (!$gval1) {
die("Query error! Error: ".mysql_error());

Even better, because you get to see what the actual query was:

$query = "SELECT * FROM gifts WHERE id='$gift'";
$gval1 = mysql_query($query);
if (!$gval1) {
die("Query error! Query: $query<br />Error: ".mysql_error());

I can see that your variable $gift doesn't appear to be assigned any value until AFTER you've run that query. But putting in proper error checking will tell you immediately what the real problem is.

02-23-2010, 11:04 PM
I would have ID as your very first field in the database, also I am assuming it's an auto increment? If so you leave the field blank in an INSERT query. So it'd be '',

EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum