Creating Login/register system in php but nothing shows in mysql database phpmyadmin

Question

So actualy the problem is i need a login/register system and thast what i wrote and it works all fine login and register is working except when i try to create account i write in all the things its needed and create it and it says You've succsessfully registered! but when i go check the database there isnt the new data with id username pass and so on but i get no error connecting to database or anything and when i try to login i cant cuz there are no data from registering in database. I also checked the database name twice and its not wrong in the code i think or it is im kinda new in php.

if anyone wants i can add him on skype or you can check over teamviewer if u prefer i rly need this fixed please!!

picture of the database: http://shrani.si/f/1f/pO/3sIbCuUk/brez-naslova.png cant post pictures directly yet

Database server

Server: 127.0.0.1 via TCP/IP
Server type: MySQL
Server version: 5.6.14 - MySQL Community Server (GPL)
Protocol version: 10
User: root@localhost
Server charset: UTF-8 Unicode (utf8)

Web server

Apache/2.4.7 (Win32) OpenSSL/1.0.1e PHP/5.5.6
Database client version: libmysql - mysqlnd 5.0.11-dev - 20120503 
PHP extension: mysqli Documentation

this is my register.php file

echo "<h1>Sign Up</h1>";

$submit = @$_POST['submit'];

//form data
$fullname = strip_tags(@$_POST['fullname']);
$username = strip_tags(@$_POST['username']);
$password = strip_tags(@$_POST['password']);
$confirmpassword = strip_tags(@$_POST['confirmpassword']);
$date = date("Y-m-d");

if($submit)
{
//check for existance
    if($fullname&&$username&&$password&&$confirmpassword)
    {
        if($password==$confirmpassword)
        {
            if (strlen($username)>25||strlen($fullname)>25)
            {
                echo "Lenght of username or full name is too long!"; 
            }
            else
            {
                if(strlen($password)>25||strlen($password)<6)
                {
                    echo "Your password must be between 6 and 25 characters long!";
                }
                else
                {
                    //register the user
                    //encrypt password
                    $password = md5($password);
                    $confirmpassword = md5($confirmpassword);
                    //connect to databases
                    $connect = mysql_connect("localhost", "root", "");
                    mysql_select_db("login");

                    $queryreg = mysql_query("INSERT INTO users VALUES   ('','$fullname','$username','$password','$date'");

                    die("You've succsessfully registered! <a href='index2.php'>Click here to return to the login page!</a>");

                }
            }
        }
        else
        {
            echo "Your passwords do not match!";
        }
    }
    else
    {
        echo "Please enter all fields!";
    }
}

?>


<p>
<form action="register.php" method="POST">
    <table>
        <tr>
            <td>
            Full Name: 
            </td>
            <td>
                <input type="text" name="fullname" value="<?php echo $fullname?>">
            </td>
        </tr>
        <tr>
            <td>
            Username: 
            </td>
            <td>
                <input type="text" name="username" value="<?php echo $username ?>">
            </td>
        </tr>
        <tr>
            <td>
            Password: 
            </td>
            <td>
                <input type="password" name="password">
            </td>
        </tr>
        <tr>
            <td>
            Confirm Password: 
            </td>
            <td>
                <input type="password" name="confirmpassword">
            </td>
        </tr>
    </table>
    <p>
        <input type="submit" name="submit" value="Create Account"> 
    </p>
</form>

thats my index2.php i named it index2.php cuz i arleady have 1 index.php

<head>
    <title>Login Session</title>
</head>

<body>

    <form method="POST" action="login.php">
        Username: <input type="text" name="username"><br/>
        Password: <input type="password" name="password"><br/>
            <input type="submit" name="submit" value="Log in">
            <a href="register.php">Create An Account</a>
            <a href="index.php">Domov</a>
    </form>


</body>

and here is login.php

session_start();

$username = $_POST['username'];
$password = $_POST['password'];

if ($username&&$password)
{
$connect = mysql_connect("localhost", "root", "") or die("Couldn't connect to host!");
mysql_select_db("login") or die("Couldn't find database!");

$query = mysql_query("SELECT * FROM users WHERE username ='$username'");

$numrows = mysql_num_rows($query);
if ($numrows!=0)
{
    while ($row = mysql_fetch_assoc($query))
    {
        $dbusername = $row['username'];
        $dbpassword = $row['password'];
    }

    if($username==$dbusername&&md5($password)==$dbpassword)
    {

        $_SESSION['username']=$username;
        header("Location: member.php");


    }
    else
    {
        echo "Wrong password!";
    }
}
else
{
    die("That user hasn't been created!");

}   
}

else 
{
    echo "Username and password must be entered!";   
}

and member.php

session_start();

if ($_SESSION['username'])
    echo "Hello, ".$_SESSION['username']."!<br/><a href='logout.php'>Sign Out";
else 
{
        header("Location: index2.php");
}

Answer 1

I think you are trying to insert a record without a valid primary key. Use null instead of '' for the primary key

$queryreg = mysql_query("INSERT INTO users VALUES (null,'$fullname','$username','$password','$date'");

You can also see if there is any error in the query using die(mysql_error()); after the query.

Very Important

You should NOT use md5 to hash a password, it is very vulnerable and insecure. Use bcrypt instead. Also you shouldn't use the mysql_* functions, as they are deprecated, use mysqli instead

Answer 2

your errors

---

1.the connection

the connection line should be:

 $db = mysql_connect("localhost", "root", "" ,"login") or trigger_error(mysql_error());

instead of:

$connect = mysql_connect("localhost", "root", "");
                mysql_select_db("login");

---summary-----keep it in one line and always declare an error where ever possible

---

2.the insertion into the database

first of all you should specify in which columns it should insert what

for eg.

 $new_user= mysqli_query("INSERT INTO userinfo (id,firstname,lastname) VALUES ('','firstname','$lastname')");

explaination:the above code states that insert the values stored in the variable firstname & lastname into the column firstname & column lastname.The value of id is left blank because we want it to auto_increment

secondly

you should use a if....else condition to kill the script if it does not insert the data in the database

---

ok since you clearly know that your php extenson is mysqli the simply change mysql to mysqli note:if your connection line is in the same file and not in a different one you should include the connection variable before the sql line

for eg:

$search=mysqli_query($db,"select * from userinfo where ......

where $db is the variable that holds the connection script

Answer 3

Well, there are a few things that i would recommend.

There is no use for the @ symbol in the post fields: http://us3.php.net/manual/en/language.operators.errorcontrol.php

There is no point of using strip_tags for $password and $confirmpassword. You are hashing them in md5. I recommend you to use mcrypt: http://php.net/mcrypt

$password = md5($password);

$confirmpassword = md5($confirmpassword);

In: $queryreg = mysql_query("INSERT INTO users VALUES ('','$fullname','$username','$password','$date'");

Provide the columns name in the query, like:

$queryreg = mysql_query("INSERT INTO users (fullname, username, password, date) VALUES ('$fullname','$username','$password','$date'");

• You don't need to provide blank space as id in order to let MYSQL use AUTOINCREMENT.
• Check your column value type for date, you are passing it as string.

Try to resolve first your inserts to the database.