0

This is not connecting to database anyway. I was inserting data on compile time with almost same code by commenting $_POST portion.

No errors are showing on Netbeans IDE. My database image: http://imgur.com/a/znqTV

Could it be a MySQL configuration problem in my computer?

<?php

$server = '127.0.0.1';
$userid = 'root';
$pass = '';
$db = 'test';

$con = mysqli_connect($server, $userid, $pass, $db) or die(mysqli_error($con));
if(isset($_POST['submit']))
{
    $username= $_POST['uid'];
    $password= $_POST['pass'];

        $sql="insert into users values ($username,$password)";
        mysqli_query($con, $sql);

}

?>
<html>
    <head>
        <meta charset="UTF-8">
        <title>Register</title>
    </head>
    <body>
        <form method="POST" action="index.php" >
            <table>
                <tr>
                    <td>UserName : </td>
                    <td><input type="text" placeholder="Choose a unique username" name="uid"></td>
                </tr>
                <tr>
                    <td>Password :</td>
                    <td><input type="password" placeholder="Choose a suitable password" name="pass"></td>
                </tr>

                <tr>
                    <td><button type="submit" value="submit" name="submit">Register</button></td>
                </tr>
            </table>

        </form>

    </body>
</html>

enter image description here

halfer
  • 18,701
  • 13
  • 79
  • 158
Parameshwar Panja
  • 43
  • 8
  • 2
    You code is at risk of [SQL Injection](https://stackoverflow.com/questions/601300/what-is-sql-injection) – litelite Aug 21 '17 at 19:24
  • Have you checked if the query was successful? `mysqli_query` returns false if the query have failed. – litelite Aug 21 '17 at 19:28
  • Yes I've checked before I shortened the code and put into one page... It was was working fine when I was using $query = "insert into student(id,name,Semester,contact_no,email) values ('009','abcd','4th','9850145559','soit@mail.com')" or die(mysqli_error($con)); $result = mysqli_query($con,$query); – Parameshwar Panja Aug 21 '17 at 19:32
  • Also, for security reasons, passwords should not be stored in plaintext. Of course, finish your current bug-fixing first, but you should not go live until your passwords are hashed with a strong hashing algorithm. – halfer Aug 21 '17 at 19:44
  • Check errors. You're not putting the strings in quotes so it's all going wrong. Use parameters, don't put data from the user into the SQL query! – Sami Kuhmonen Aug 21 '17 at 19:45
  • Forgotten to comment....Got solution, not from here. I used filter and problem solved..filter_input(INPUT_POST,'uid'); – Parameshwar Panja Aug 26 '17 at 16:18

0 Answers0