I have combined two peices of insert code however it now creates the register error “There was a problem registering you. Please check your details and try again.”
It must be a bad logic in the insert code. Can anyone advise how it should be laid to logically please?
if(!$errors){
$query = mysql_query("INSERT INTO users
(firstname, surname) VALUES ('" . $firstname . "', '" . $surname . "')");
"' . mysql_real_escape_string($registerEmail) . '";
'password = MD5("' . mysql_real_escape_string($registerPassword) . '")';
'date_registered = "' . date('Y-m-d H:i:s') . '"';
if(mysql_query($query)){
$success['register'] = 'Thank you for registering. You can now log in on the left.';
}else{
$errors['register'] = 'There was a problem registering you. Please check your details and try again.';
}
To be honest, this is riddled with errors, does it even run?
if(!$errors){
$query = mysql_query("INSERT INTO users (firstname, surname, email, password, date_registered) VALUES ('" . $firstname . "', '" . $surname . "', '" . mysql_real_escape_string($registerEmail) . "', MD5('" . mysql_real_escape_string($registerPassword) . "'), GETDATE())");
if(mysql_query($query)){
$success['register'] = 'Thank you for registering. You can now log in on the left.';
}else{
$errors['register'] = 'There was a problem registering you. Please check your details and try again.';
}
}
As a side note, you will need to ensure you are using mysql_real_escape_string on your $firstname and $surname to help prevent SQL Injections as well. I assumed you were doing this since the code for assigning those variables wasn’t shown.
No errors appear but it creates the error “'There was a problem registering you. Please check your details and try again.”
I tried your code and this also creates the error mesasge. What errors are there, I notice the date insert is very different.
if(!$errors){
$query = mysql_query("INSERT INTO users (firstname, surname, email, password, date_registered) VALUES ('" . $firstname . "', '" . $surname . "', '" . mysql_real_escape_string($registerEmail) . "', MD5('" . mysql_real_escape_string($registerPassword) . "'), GETDATE())");
if(mysql_query($query)){
$success['register'] = 'Thank you for registering. You can now log in on the left.';
}else{
$errors['register'] = 'There was a problem registering you. Please check your details and try again.';
}
}
}
I used the GETDATE() function in MySQL so it automatically writes the date, and you don’t have to calculate it/figure it out.
Try the following, it will still throw an error, but it will hopefully tell you why.
if(!$errors){
$query = mysql_query("INSERT INTO users (firstname, surname, email, password, date_registered) VALUES ('" . $firstname . "', '" . $surname . "', '" . mysql_real_escape_string($registerEmail) . "', MD5('" . mysql_real_escape_string($registerPassword) . "'), GETDATE())");
$result = mysql_query($query) or die(mysql_error()); // remove the or die(mysql_error()) code after you resolve the error
if($result){
$success['register'] = 'Thank you for registering. You can now log in on the left.';
}else{
$errors['register'] = 'There was a problem registering you. Please check your details and try again.';
}
}
}
Oh doh! Of course it is. You are calling mysql_query twice and I missed it both times.
Here is the updated code
if(!$errors){
$query = "INSERT INTO users (firstname, surname, email, password, date_registered) VALUES ('" . $firstname . "', '" . $surname . "', '" . mysql_real_escape_string($registerEmail) . "', MD5('" . mysql_real_escape_string($registerPassword) . "'), GETDATE())";
$result = mysql_query($query) or die(mysql_error()); // remove the or die(mysql_error()) code after you resolve the error
if($result){
$success['register'] = 'Thank you for registering. You can now log in on the left.';
}else{
$errors['register'] = 'There was a problem registering you. Please check your details and try again.';
}
}