User information does not get sent to database

StackOverflow https://stackoverflow.com/questions/21618003

Question

I am new at designing websites and I recently wanted to add login/registration forms to my website I have a database and have coded all of the forms but when I attempt to register I am unable to because my information is not added to the database. I have been working on this for a while any advice on how to better my forms and registration system would be more than helpful. Thanks in advance!

Here are my forms:

Registration: 

<?php 
session_start(); 
include "dbConfig.php"; 
if (isset($_GET["op"]) == "login") {
    if (!$_POST["username"] || !$_POST["password"]) { 
        die("You need to provide a username and password."); 
    } 
    // Create query 
    $q = "SELECT * FROM `gd_database` " 
        ."WHERE `username`='".$_POST["username"]."' " 
        ."AND `password`=PASSWORD('".$_POST["password"]."') " 
        ."LIMIT 1"; 
    // Run query 
    $r = mysql_query($q); 
    if ( $obj = @mysql_fetch_object($r) ) { 
        // Login good, create session variables 
        $_SESSION["valid_id"] = $obj->id; 
        $_SESSION["valid_user"] = $_POST["username"]; 
        $_SESSION["valid_time"] = time(); 
        // Redirect to member page 
        Header("Location: members.php"); 
    } else { 
        // Login not successful 
        die("Sorry, could not log you in. Wrong login information."); 
    } 
} else { 
    echo "<form action=\"?op=login\" method=\"POST\">"; 
    echo "Username: <input name=\"username\" size=\"15\">"; 
    echo "Password: <input type=\"password\" name=\"password\" size=\"8\">"; 
    echo "<input type=\"submit\" value=\"Login\">"; 
    echo "</form>"; 
} 
?>

Login:

<?php 
session_start(); 
include "dbConfig.php"; 
if (isset($_GET["op"]) == "login") { 
    if (!$_POST["username"] || !$_POST["password"]) { 
        die("You need to provide a username and password."); 
    } 
    // Create query 
    $q = "SELECT * FROM `gd_database` " 
        ."WHERE `username`='".$_POST["username"]."' " 
        ."AND `password`=PASSWORD('".$_POST["password"]."') " 
        ."LIMIT 1"; 
    // Run query 
    $r = mysql_query($q); 
    if ( $obj = @mysql_fetch_object($r) ) { 
        // Login good, create session variables 
        $_SESSION["valid_id"] = $obj->id; 
        $_SESSION["valid_user"] = $_POST["username"]; 
        $_SESSION["valid_time"] = time(); 
        // Redirect to member page 
        Header("Location: members.php"); 
    } else { 
        // Login not successful 
        die("Sorry, could not log you in. Wrong login information."); 
    } 
} 
else 
{ 
    echo "<form action=\"?op=login\" method=\"POST\">"; 
    echo "Username: <input name=\"username\" size=\"15\">"; 
    echo "Password: <input type=\"password\" name=\"password\" size=\"8\">"; 
    echo "<input type=\"submit\" value=\"Login\">"; 
    echo "</form>";
} 
?>
Was it helpful?

Solution

Your login and registration scripts are the same code and they assume that you already have an account are trying to verify the credentials. You'll need to insert the data from the form into the database with an INSERT statement before anything else. Right now, you're just checking for accounts in an empty table.

Look up some tutorials for registering users. Tutsplus is nice.

OTHER TIPS

here is a code for registration

     register.php

    <?php       

        include ("dbConfig.php");

        if ( $_GET["op"] == "reg" )

        {

            $bInputFlag = false;

            foreach ( $_POST as $field )

            {

                if ($field == "")

                {

                    $bInputFlag = false;

                }

                else

                {

                    $bInputFlag = true;

                }

            }

            if ($bInputFlag == false)

            {

                die( "Problem with your registration info. "

                ."Please go back and try again.");

            }

            $q = "INSERT INTO `dbUsers` (`username`,`password`,`email`) "

            ."VALUES ('".$_POST["username"]."', "

            ."PASSWORD('".$_POST["password"]."'), "

            ."'".$_POST["email"]."')";

            $r = mysql_query($q);

            if ( !mysql_insert_id() )

            {

                die("Error: User not added to database.");

            }

            else

            {

                Header("Location: register.php?op=thanks");

            }

        }

        elseif ( $_GET["op"] == "thanks" )

        {

            echo "<h2>Thankyou for registering!</h2>";

        }

        else

        {

            echo "<form action=\"?op=reg\" method=\"POST\">\n";

            echo "Username: <input name=\"username\" MAXLENGTH=\"16\"><br />\n";

            echo "Password: <input type=\"password\" name=\"password\" MAXLENGTH=\"16

\">\n";

            echo "Email Address: <input name=\"email\" MAXLENGTH=\"25\"><br />\n";

            echo "<input type=\"submit\">\n";

            echo "</form>\n";

        }

    ?>

inorder to add data into your database you need to use a query INSERT.hope this code would help you in solving your problem.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top