0

I am trying to insert data submitted in a form, into a MySQL Database, and I can't see the problem in my code(except for MySQL injection, that I will work to resolve after actually being able to insert any data). I have searched in Stack Overflow, and found someone who probably worked by the same manual, but I work in localhost, he's on GoDaddy. The solution given there doesn't work for me.

Here is my code for the HTML and the PHP code:

<?php 
  require'connection/connect.php';
  ?>
  <?php
  if(isset($_POST['Register'])){
      session_start();
      $Fname = $_POST['FirstName'];
      $Lname = $_POST['LastName'];
      $Email = $_POST['Email'];
      $pw = $_POST['Password'];


  $sql= $con->query("INSERT INTO user (Fname,Lname,Email,Password) values('{$Fname}', '{$Lname}', '{$Email}', '{$pw}')");
  }

  ?>
  <!DOCTYPE html >
  <html>
  <head>
  <link href="css/Master.css" rel="stylesheet" type="text/css" />
  <link href="css/Menu.css" rel="stylesheet" type="text/css" />
  <title>Register</title>
  </head>

  <body>


  <div class="container">
    <div class="header">

    </div>
    <div class="menu">
      <div id="NavBar">
       <nav>
       <ul>
       <li>
       <a href="Login.php">Login</a>
       </li>
       <li>
       <a href="Register.php">Register</a>
       </li>
       </ul>
       </nav>
  </div>

    </div>
    <div class="leftBody"></div>
    <div class="rightBody">
      <form  action="" method="post" name="RegisterForm" id="RegisterForm">
      <div class="FormElement">
      <input name="FirstName" id="FirstName" type="text" placeholder="First Name" class="TField">
      </div><br>
       <div class="FormElement">
      <input name="LastName" id="LastName" type="text" placeholder="Last Name" class="TField">
      </div><br>
       <div class="FormElement">
      <input name="Email" id="Email" type="email" placeholder="E-Mail" class="TField">
      </div><br>
       <div class="FormElement">
      <input name="Password" id="Password" type="password" placeholder="Password" class="TField">
      </div><br>
      <input name="Register" id="Register" type="button" value="Register" class="regButton">
      </form>

    </div>
    <div class="footer"></div>


  </div>

  </body>
  </html>

And this is my connection.php file: That it does show that it connects.

<?php
$host="localhost";
$username="root";
$password="";
$dataBase="users";
$con=mysqli_connect($host,$username,$password,$dataBase);
if (!$con) {
    die("Could not connect: " . mysqli_error());
}
echo "Connected successfully";
?>

And a picture of my database in phpMyAdmin: Database

I have tried also using this line like this for some reason, but to no avail.:

$sql= $con->query("INSERT INTO user
                          (Fname,Lname,Email,Password)   
                   values ('Fname', 'Lname', 'Email', 'pw')");
Improve this question
18
  • 2
    ('Fname', 'Lname', 'Email', 'pw') you're trying to literally enter those values as strings rather than the POST arrays/variables. Guess what you're missing here? Clue: Think "money" ;-) Commented Aug 4, 2016 at 11:41
  • 1
    Check for errors via PHP and MySQL; you're not doing that. Commented Aug 4, 2016 at 11:43
  • 1
    @GordonM Bad practice yes, but those work together. Commented Aug 4, 2016 at 11:45
  • 1
    "and found someone who probably worked by the same manual, but I work in localhost, he's on GoDaddy" - This smells like you're accessing as file:///file.xxx rather than http://localhost/file.xxx. Commented Aug 4, 2016 at 11:46
  • 1
    @GrowingDev Ok, I see your submit button and should be an submit type, not button and Sanjiv Dhakal's answer picked up on that and I overlooked it. That should work. Commented Aug 4, 2016 at 11:51

2 Answers 2

Reset to default
5

i didn't see submit button that actually submit the form. So if i am not wrong please try to use

<input name="Register" id="Register" type="submit" value="Register" class="regButton">
Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

This looks promising. I'll upvote if it works for them. I overlooked that in the question; good catch.
Yes, that's it. and i have also updated the OP with this answer. Thanks.
-1

your code should be run

$sql= $con->query("INSERT INTO user 
                           (Fname,Lname,Email,Password)   
                     VALUES('$Fname', '$Lname', '$Email', '$pw')");
Improve this answer

2 Comments

They said they already tried that. What do you think my "comment" was about. They had values('{$Fname}', '{$Lname}', '{$Email}', '{$pw}') also; same thing here.
Little Bobby says your script is at risk for SQL Injection Attacks. Learn about prepared statements for MySQLi. Even escaping the string is not safe! Don't believe it?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.