View Full Version : Updating Database Help.

02-23-2010, 08:55 PM

When a user signs up to my site at /register.php?gift=11 it's supposed to take the gift from the 'gifts' with that id and insert the id, title and value into a database called 'users'.

Here is my code:

require ("connect.php");
require ("functions.php");
include ("template/template.class.php");
$template = new Template;
$template->replace("Login", file_get_contents("template/includes/login.php"));

$username = mysql_real_escape_string($_POST['username']);
$email = mysql_real_escape_string($_POST['email']);
$password = mysql_real_escape_string($_POST['password']);
$forename = mysql_real_escape_string($_POST['forename']);
$surname = mysql_real_escape_string($_POST['surname']);
$address1 = mysql_real_escape_string($_POST['address1']);
$address2 = mysql_real_escape_string($_POST['address2']);
$postcode = mysql_real_escape_string($_POST['postcode']);
$country = mysql_real_escape_string($_POST['country']);
$agree = mysql_real_escape_string($_POST['agree']);
$refer = mysql_real_escape_string($_POST['referal']);

$id = mysql_real_escape_string($_GET['id']);
$gtitle = mysql_real_escape_string($_GET['title']);
$gvalue = mysql_real_escape_string($_GET['value']);

$gval1 = mysql_query("SELECT * FROM gifts WHERE id='$gift'");
$gval2 = mysql_fetch_array($gval1);
$gtitle = $gval2['title'];
$gvalue = $gval2['amount'];

$giftid = mysql_real_escape_string($_GET['title']);
$data = "SELECT * FROM gifts WHERE title='$giftid'";
$result = mysql_query($data);
$ugift = mysql_fetch_object($result);
$gift = $data['giftID'];

$date = date('Y-m-d H:i:s');
$cpass = $_POST['confirmpassword'];
$uresult = mysql_query("SELECT * FROM users");
$unum = mysql_num_rows($uresult);
if($unum == 0){
$status = "2";
$status = "1";

if($password != $cpass){
$error = "The passwords entered do not match!";
if($username == cpanel){
$error = "Invalid Username.";
if(empty($username) || empty($email) || empty($password)){
$error = $error . "You have to fill in all the fields!";
if(strlen($password) <= 5){
$error = "Your password needs to be at least 6 characters in length!";
$result = mysql_query("SELECT * FROM users WHERE username = '$username'");
$num = mysql_num_rows($result);
if($num == 1){
$error = $error . "The username $username is already in use! Please select another!";
$result = mysql_query("SELECT * FROM users WHERE email = '$email'");
$num = mysql_num_rows($result);
if($num == 1){
$error = $error . "The email $email is already in use! Please use another!";

echo "$error";
$password = sha1($password);
mysql_query("INSERT INTO users VALUES(NULL, '$username', '$email', '$password', '$forename', '$surname', '$status', '0', '0', '0', '0', '0', '$address1', '$address2', '$postcode', '$country', '$id', '$gtitle', '$gvalue', '$refer', '$agree', '$ip')");
$result = mysql_query("SELECT * FROM users WHERE id = '$refer'");
$num = mysql_num_rows($result);
if($num == 0){

$refer = "none";
echo "You are now a registered member. You can now <a href=\"login.php\">login</a>!";
$referal = $_SESSION['refer'];
<div align="center">
<form method="POST" action=""><br/>
<?php echo "$id"; ?>
Username: <br/><input type="text" name="username" class="registerform"><br/>
E-mail: <br/><input type="text" name="email" class="registerform"><br/>
Password: <br/><input type="password" name="password" class="registerform"><br/>
Confirm Password: <br/><input type="password" name="confirmpassword" class="registerform"><br/>
First Name: <br/><input type="text" name="forename" class="registerform"><br/>
Surname: <br/><input type="text" name="surname" class="registerform"><br/>
Address 1: <br/><input type="text" name="address1" class="registerform"><br/>
Address 2: <br/><input type="text" name="address2" class="registerform"><br/>
Postcode: <br/><input type="text" name="postcode" class="registerform"><br/><br/>
Country: <br/><input type="text" name="country" class="registerform"><br/><br/>
<input type="checkbox" name="agree" value="Yes" />
I have read, understood and agree to the <a href="terms.php">Terms &amp; Conditions.</a>
<input type="submit" name="submit" value="Register">
<input type="hidden" name="referal" value="<?php $referal ?>">

Everything updates apart from $id, $gtitle and $gvalue.

What am I doing wrong?


02-23-2010, 09:22 PM
For one thing, you're not checking your queries to see if they are throwing errors.

$gval1 = mysql_query("SELECT * FROM gifts WHERE id='$gift'");
if (!$gval1) {
die("Query error! Error: ".mysql_error());

Even better, because you get to see what the actual query was:

$query = "SELECT * FROM gifts WHERE id='$gift'";
$gval1 = mysql_query($query);
if (!$gval1) {
die("Query error! Query: $query<br />Error: ".mysql_error());

I can see that your variable $gift doesn't appear to be assigned any value until AFTER you've run that query. But putting in proper error checking will tell you immediately what the real problem is.

02-23-2010, 10:04 PM
I would have ID as your very first field in the database, also I am assuming it's an auto increment? If so you leave the field blank in an INSERT query. So it'd be '',