Php and mysql insert

Question

I have the next code, but it inserts two rows in the mysql database instead of one. Could ypu please take a look to the code?

Regards.

            <?php
            $name=  $_POST['name'];
                    $password = $_POST['password'];

            mysql_connect("localhost","username","mypass");


            mysql_select_db("databaseName"); 


            mysql_query($query ="insert into users(name,password) values ('$name','$password')");

            if (mysql_query($query) === TRUE) {
                echo "Record saved";
            } else {
                echo "Error";
            }
            ?>

Answer 1

Don't call mysql_query() when you assign the $query variable. And remember to escape your data, since you're not using prepared statements.

mysql_connect("localhost","username","mypass");
$name = mysql_real_escape_string($_POST['name']);
$password = mysql_real_escape_string($_POST['password']);

$query ="insert into users(name,password) values ('$name','$password')";

if (mysql_query($query)) {
    echo "Record saved";
} else {
    echo "Error: " . mysql_error();
}

Answer 2

Dont use the mysql_query function twice, you want to check it in if statement, then dont call it before if clause. See this following code.

$query ="insert into users(name,password) values ('$name','$password')"

if (mysql_query($query) === TRUE) {
echo "Record saved";
} else {
echo "Error";
}