I'm relatively new to web coding, but I know quite a bit, I was making a registration form earlier, which also checks if the fields are empty. It comes up OK, but nothing seems to work, when the fields are empty, the message doesn't come up, and when the fields are fine, it just loads but doesn't actually insert it into the database. Also, once I press the submit button, the form just disappears as well. Any help would be much appreciated.
<form method="post">
<?php
if(isset($_POST['submit'])){
$username=$_POST['username'];
$password=$_POST['password'];
$password=md5(hash("sha512",$password));
if(empty($username) or empty($password)){
$message="Please enter information into the fields.";
} else {
mysql_query("INSERT INTO `users` VALUES('',$username,$password)");
$message="Register successful!";
}
echo "<div id='box>$message</div>";
}
?>
Username: <input type="text" name="username" /><br>
Password: <input type="password" name="password" /><br>
<input type="submit" name="submit" value="Sign Up">
</form>
It looks like you are not printing out mysql
errors, you just need to add or die(mysql_error());
at the end of the query as in my example i did. Anyway you should surround your strings with quotes
. The page came out blank when you press because if condition is met. So change as follow
mysql_query("INSERT INTO `users` VALUES('','$username','$password')") or die(mysql_error());
As side note i would stop using mysql_
function since they are derecated and use instead either PDO
or mysqli
with prepared statements to avoid any risk of mysql injections since your code is highly vulnerable. LEARN MORE HERE
As CodeBird
correctly stated
md5 of an empty string will return a 32 chars string, so the password you are testing will never be empty
Change the query statement to
mysql_query("INSERT INTO `users` VALUES('','$username','$password')");
Start using mysqli_* functions instead of mysql_* as the latter are deprecated
check this out "(`id`, `username`, `password`)" example column name use what you have made it.
<?php
if(isset($_POST['submit']))
{
$username=$_POST['username'];
$password=$_POST['password'];
enter code here
if(empty($username) || empty($password)){
$message="Please enter information into the fields.";
} else {
$password=md5(hash("sha512",$password));
mysql_query("INSERT INTO `users` (`id`, `username`, `password`) VALUES('','$username','$password');");
$message="Register successful!";
}
echo "<div id='box'>".$message."</div>";
}
?>
<form method="post" action="">
<input type="text" name="username" /><br>
<input type="password" name="password" /><br>
<input type="submit" name="submit" value="Sign Up">
</form>
Your insert query is wrong, use:
INSERT INTO tablename (col1, col2) VALUES('data1', 'data2' )
Or you can use
INSERT INTO tablename SET col1 = "data1", col2 = "data2"
You are having an issue because you are misusing empty()
A variable is considered empty if it does not exist or if its value equals FALSE
Also you should use double-pipes ||
for or in your if()
This:
if(empty($username) or empty($password)){
Should be:
if($username === '' || $password === ''){
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.