Difficulty adding data to db using PHP and MYSQL

Asked

Viewed 64 times

0

Well, I’m starting my studies in php and mysql, and I’m having a hard time doing something theoretically simple, which would be a form that sends the information provided to a local db. By pressing send, nothing happens, db table remains intact. Thank you in advance for the time you have to help me

<?php
session_start();

$mysqli = new mysqli('localhost', 'root', '', 'dbteste');

if($_SERVER['REQUEST_METHOD'] == 'POST'){

    if($_POST['password'] == $_POST['confirmpassword']){
        $username = $_POST['username'];
        $email = $_POST['email'];
        $password = $_POST['password']; //md5 hash passwor security

        $sql = "INSERT INTO user (username, password, email) VALUES($username, $password, $email)";

        $mysqli->query($sql);

    }
}

?>
    <h1>Register</h1>
<form class="form" action="create-account.php" method="post" enctype="multipart/form-data" autocomplete="off">
    <input type="text" name="username" value="" placeholder="username" required/>
    <input type="password" name="password" value="" placeholder="password" required/>
    <input type="password" name="confirmpassword" value="" placeholder="confirm password" required/>
    <input type="text" name="email" value="" placeholder="e-mail" required/>
    <input type="submit" name="createacount" value="create acount">
</form>
  • 2

    These variavies:$username, $password, $email must be in single quotes... '$username', '$password', '$email' If Voce der echo nesse $sql and run the query on a client like Heidi and Workbench, they will show you the error that is giving

2 answers

0

PHP variables in VALUES must be in single quotes!

$sql = "INSERT INTO user (username, password, email) VALUES ('$username', '$password', '$email')";

I don’t know about $_SERVER, I do so:

$con=mysqli_connect("localhost", "root", "") or die(mysqli_error()); mysqli_select_db($con,$bank) or die(mysqli_error());

  • Thanks for the answer, I managed to solve here

0

I believe it is an error in creating the SQL command, try to use:

$sql = "INSERT INTO user (username, password, email) VALUES('".$username."', '."$password."', '".$email."')";

Use these commands to show errors if any are occurring:

ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);

I also recommend that you do a little research on SQL Injection.

  • Thank you for the reply. I will read about yes!!

Browser other questions tagged

You are not signed in. Login or sign up in order to post.