Inserting into database my sql php

Question

I am trying to insert user input into a database on submit. I am required to use POSTBACK method but i am having problems. When open the registration page under al the text boxes it is saying Notice: Undefined variable: firstname in I:\\twa\\twa291\\assignment1\\rego.php on line 147

Notice: Undefined variable: middlename in I:\\twa\\twa291\\assignment1\\rego.php on line 147

Notice: Undefined variable: lastname in I:\\twa\\twa291\\assignment1\\rego.php on line 147

Notice: Undefined variable: user in I:\\twa\\twa291\\assignment1\\rego.php on line 147

ETC ETC ETC....

Doesnt it have to wait for the user to input? Why is this happening? Here is my code:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> 

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>
<link rel="stylesheet" type="text/css" href="stylesheet.css" />

<title>Registration</title>

<script>
function validateForm()
 {
 var x=document.forms["rego"]["gname"].value;
 if (x==null || x=="")
   {
   alert("Given name must be filled out");
   return false;
 }
 var x=document.forms["rego"]["mname"].value;
 if (x==null || x=="")
   {
   alert("Middle name must be filled out");
   return false;
 }
 var x=document.forms["rego"]["surname"].value;
 if (x==null || x=="")
   {
   alert("Surname must be filled out");
   return false;
 }
 var x=document.forms["rego"]["username"].value;
 if (x==null || x=="")
   {
   alert("Username must be filled out");
   return false;
 }
 var x=document.forms["rego"]["address"].value;
 if (x==null || x=="")
   {
   alert("Address must be filled out");
   return false;
 }
 var x=document.forms["rego"]["postcode"].value;
 if (x==null || x=="")
   {
   alert("Postcode must be filled out");
   return false;
 }
 var x=document.forms["rego"]["state"].value;
 if (x==null || x=="")
   {
   alert("State must be filled out");
   return false;
 }
 var x=document.forms["rego"]["tel"].value;
 if (x==null || x=="")
   {
   alert("Telephone must be filled out");
   return false;
 }
 var x=document.forms["rego"]["password"].value;
 if (x==null || x=="")
   {
   alert("Password must be filled out");
   return false;
 }
 var x=document.forms["rego"]["passconfirm"].value;
 if (x==null || x=="")
   {
   alert("Confirmation of password must be filled out");
   return false;
 }
}
</script>

</head>

<body>

<div id="container">
<div id="header">

<h1>Registration</h1></div>

<div id="menu">
<a href="home.php"><h2>Homepage</h2></a><br />
<a href="rego.php"><h2>Registration</h2></a><br />
<a href="userlogin.php"><h2>User Login</h2></a><br />
<a href="adminlogin.php"><h2>Administrator Login</h2></a><br />
<a href="tipping.php"><h2>Tipping</h2></a><br />
<a href="termsnconditions.php"><h2>Terms & Conditions</h2></a><br />
</div>

<form id="rego" action="<?php echo 
htmlspecialchars($_SERVER["PHP_SELF"]);?>" method="post" onSubmit="return validateForm()">

<label>Given Name:</label> <input type="text" name="gname"><br />
<br />
<label>Middle Name: </label><input type="text" name="mname"><br />
<br />
<label>Family Name:</label> <input type="text" name="surname"><br />
<br />
<label>Chosen Username:</label> <input type="text" name="username"><br />
<br />
<label>Address:</label> <input type="text" name="address"><br />
<br />
<label>Postcode: </label><input type="text" name="postcode"><br />
<br />
<label>State:</label> <input type="text" name="state"><br />
<br />
<label>Tel number: </label><input type="text" name="tel"><br />
<br />
<label>Password:</label> <input type="password" name="password"><br />
<br />
<label>Password confirmation:</label> <input type="password" name="passconfirm"><br />
<br />

<input type="submit" value="submit" name="submit">
</div>
</form>

<?php
require_once("conn.php");
if (isset($_REQUEST["submit"]))
{

   if (isset($_POST["submit"]))
   {

 $firstname = mysql_real_escape_string($_POST["gname"]);
 $middlename = mysql_real_escape_string($_POST["mname"]);
 $lastname = mysql_real_escape_string($_POST["surname"]);
 $user = mysql_real_escape_string($_POST["username"]);
 $addy = mysql_real_escape_string($_POST["address"]);
 $post = mysql_real_escape_string($_POST["postcode"]);
 $sta = mysql_real_escape_string($_POST["state"]);
 $telephone = mysql_real_escape_string($_POST["tel"]);
 $pass = mysql_real_escape_string($_POST["password"]);
 $systemuser= mysql_real_escape_string($_POST["susername"]);
   }
}



$sql = "INSERT INTO users(gname, mname, surname, username, address, postcode, state, tel, password)
VALUES('$firstname', '$middlename', '$lastname', '$user', '$addy', '$post', '$sta', '$telephone', 
'$pass')";   
$rs = mysql_query($sql, $conn);

if (!$rs) {
  die('Problem with query' . mysql_error());
}
echo "1 record added";



mysql_close($conn);
?>
</body>

</html>

PLEASE NOTE: i understand that mysql is being removed or something like that. But i am currently studying it in University and have no choice but to do it. I finish the subject in a week so if you could please bear with me itll be great. Thank you!

Answer 1

You're creating your SQL query before the variables are defined.

<?php
require_once("conn.php");
if (isset($_REQUEST["submit"]))
{

   if (isset($_POST["submit"]))
   {

     $firstname = $_POST["gname"];
     $middlename = $_POST["mname"];
     $lastname = $_POST["surname"];
     $user = $_POST["username"];
     $addy = $_POST["address"];
     $post = $_POST["postcode"];
     $sta = $_POST["state"];
     $telephone = $_POST["tel"];
     $pass = $_POST["password"];
   }




$sql = "INSERT INTO users(gname, mname, surname, username, address, postcode, state, tel, password)
VALUES('$firstname', '$middlename', '$lastname', '$user', '$addy', '$post', '$sta', '$telephone', 
'$pass')";   
$rs = mysql_query($sql, $conn);

if (!$rs) {
  die('Problem with query' . mysql_error());
}
echo "1 record added";



mysql_close($conn);
}
?>

Answer 2

您的数据库查询不在if语句中，因此每次脚本运行时都会发生

Answer 3

You're trying to run SQL queries outside the IF statement that checks for user submission.

<?php
require_once("conn.php");
if (isset($_REQUEST["submit"]))
{

   if (isset($_POST["submit"]))
   {

     $firstname = $_POST["gname"];
     $middlename = $_POST["mname"];
     $lastname = $_POST["surname"];
     $user = $_POST["username"];
     $addy = $_POST["address"];
     $post = $_POST["postcode"];
     $sta = $_POST["state"];
     $telephone = $_POST["tel"];
     $pass = $_POST["password"];

$sql = "INSERT INTO users(gname, mname, surname, username, address, postcode, state, tel, password)
VALUES('$firstname', '$middlename', '$lastname', '$user', '$addy', '$post', '$sta', '$telephone', 
'$pass')";   
$rs = mysql_query($sql, $conn);

if (!$rs) {
  die('Problem with query' . mysql_error());
}
echo "1 record added";


   }
}