Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 3 of 3
  1. #1
    New Coder
    Join Date
    Jul 2009
    Posts
    68
    Thanks
    1
    Thanked 1 Time in 1 Post

    Updating Database Help.

    Hey,

    When a user signs up to my site at /register.php?gift=11 it's supposed to take the gift from the 'gifts' with that id and insert the id, title and value into a database called 'users'.

    Here is my code:
    PHP Code:
    <?php
    session_start
    ();
    require (
    "connect.php");
    require (
    "functions.php");
    include (
    "template/template.class.php");
    $template = new Template;
    $template->load("template/header.php");
    $template->replace("Login"file_get_contents("template/includes/login.php"));
    $template->publish();
    if(isset(
    $_POST['submit'])){
       
       
    $username mysql_real_escape_string($_POST['username']);
       
    $email mysql_real_escape_string($_POST['email']);
       
    $password mysql_real_escape_string($_POST['password']);
       
    $forename mysql_real_escape_string($_POST['forename']);
       
    $surname mysql_real_escape_string($_POST['surname']);
       
    $address1 mysql_real_escape_string($_POST['address1']);
       
    $address2 mysql_real_escape_string($_POST['address2']);
       
    $postcode mysql_real_escape_string($_POST['postcode']);
       
    $country mysql_real_escape_string($_POST['country']);
       
    $agree mysql_real_escape_string($_POST['agree']);
       
    $refer mysql_real_escape_string($_POST['referal']);
       
       
    $id mysql_real_escape_string($_GET['id']);
       
    $gtitle mysql_real_escape_string($_GET['title']);
       
    $gvalue mysql_real_escape_string($_GET['value']);
       
       
    $gval1 mysql_query("SELECT * FROM gifts WHERE id='$gift'");
       
    $gval2 mysql_fetch_array($gval1);
       
    $gtitle $gval2['title'];
       
    $gvalue $gval2['amount'];
       
       
    $giftid mysql_real_escape_string($_GET['title']);
       
    $data "SELECT * FROM gifts WHERE title='$giftid'";
       
    $result mysql_query($data);
       
    $ugift mysql_fetch_object($result);
       
    $gift $data['giftID'];
       
       
    $date date('Y-m-d H:i:s');
       
    $ip $_SERVER['REMOTE_ADDR'];
       
    $cpass $_POST['confirmpassword'];
       
    $uresult mysql_query("SELECT * FROM users");
       
    $unum mysql_num_rows($uresult);
       if(
    $unum == 0){
          
    $status "2";
          }else{
             
    $status "1";
          }
       
       if(
    $password != $cpass){
          
    $error "The passwords entered do not match!";
       }
       if(
    $username == cpanel){
          
    $error "Invalid Username.";
       }
       if(empty(
    $username) || empty($email) || empty($password)){
          
    $error $error "You have to fill in all the fields!";
       }
       if(!isset(
    $error)){
       if(isset(
    $password)){
       if(
    strlen($password) <= 5){
          
    $error "Your password needs to be at least 6 characters in length!";
       }}}
       
    $result mysql_query("SELECT * FROM users WHERE username = '$username'");
       
    $num mysql_num_rows($result);
       if(
    $num == 1){
          
    $error $error "The username $username is already in use! Please select another!";
       }
       
    $result mysql_query("SELECT * FROM users WHERE email = '$email'");
       
    $num mysql_num_rows($result);
       if(
    $num == 1){
          
    $error $error "The email $email is already in use! Please use another!";
       }
       
       if(isset(
    $error)){
       echo 
    "$error";
       }else{
       
    $password sha1($password);
       
    mysql_query("INSERT INTO users VALUES(NULL, '$username', '$email', '$password', '$forename', '$surname', '$status', '0', '0', '0', '0', '0', '$address1', '$address2', '$postcode', '$country', '$id', '$gtitle', '$gvalue', '$refer', '$agree', '$ip')");
       
    $result mysql_query("SELECT * FROM users WHERE id = '$refer'");
       
    $num mysql_num_rows($result);
       if(
    $num == 0){
       
          
    $refer "none";
       }else{
       
    credituser($refer);
       }
       echo 
    "You are now a registered member. You can now <a href=\"login.php\">login</a>!";
          }
          }else{
             
    $referal $_SESSION['refer'];
    ?>   
          <div align="center">
          <h4>Register</h4>
          <form method="POST" action=""><br/>
          <?php echo "$id"?>
             Username: <br/><input type="text" name="username" class="registerform"><br/>
             E-mail: <br/><input type="text" name="email" class="registerform"><br/>
             Password: <br/><input type="password" name="password" class="registerform"><br/>
             Confirm Password: <br/><input type="password" name="confirmpassword" class="registerform"><br/>
             First Name: <br/><input type="text" name="forename" class="registerform"><br/>
             Surname: <br/><input type="text" name="surname" class="registerform"><br/>
             Address 1: <br/><input type="text" name="address1" class="registerform"><br/>
             Address 2: <br/><input type="text" name="address2" class="registerform"><br/>
             Postcode: <br/><input type="text" name="postcode" class="registerform"><br/><br/>
             Country: <br/><input type="text" name="country" class="registerform"><br/><br/>
             <input type="checkbox" name="agree" value="Yes" />
             I have read, understood and agree to the <a href="terms.php">Terms &amp; Conditions.</a>
             <br/><br/>
             <input type="submit" name="submit" value="Register">
             <input type="hidden" name="referal" value="<?php $referal ?>">
          </form>
          </div>
    <?php
          
    }
    include(
    "template/footer.php");
    ?>

    Everything updates apart from $id, $gtitle and $gvalue.

    What am I doing wrong?

    Thanks.

  • #2
    UE Antagonizer Fumigator's Avatar
    Join Date
    Dec 2005
    Location
    Utah, USA, Northwestern hemisphere, Earth, Solar System, Milky Way Galaxy, Alpha Quadrant
    Posts
    7,691
    Thanks
    42
    Thanked 637 Times in 625 Posts
    For one thing, you're not checking your queries to see if they are throwing errors.

    PHP Code:
    $gval1 mysql_query("SELECT * FROM gifts WHERE id='$gift'"); 
    //CHECK THE RETURN VALUE!
    if (!$gval1) {
        die(
    "Query error! Error: ".mysql_error());

    Even better, because you get to see what the actual query was:

    PHP Code:
    $query "SELECT * FROM gifts WHERE id='$gift'";
    $gval1 mysql_query($query); 
    //CHECK THE RETURN VALUE!
    if (!$gval1) {
        die(
    "Query error! Query: $query<br />Error: ".mysql_error());

    I can see that your variable $gift doesn't appear to be assigned any value until AFTER you've run that query. But putting in proper error checking will tell you immediately what the real problem is.

  • #3
    Senior Coder
    Join Date
    May 2005
    Posts
    2,137
    Thanks
    96
    Thanked 72 Times in 72 Posts
    I would have ID as your very first field in the database, also I am assuming it's an auto increment? If so you leave the field blank in an INSERT query. So it'd be '',
    Rowsdower! has accused me of having mental problems, and the administrator allowed it. What a great forum huh?


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •