if(empty($_POST['txtEmail'])) 
{
    if (!mysql_query($sql,$con))
      {
      die('Error: ' . mysql_error());
      }

    $page='SignUp.php';
    header('Location:'.$page);   
}
else
{
    $page='SignUp.php?emptyusr=1';
    header('Location:'.$page);   
} 

Recommended Answers

Syntacticaly code is OK. What error do you get? What do you want to achieve?

Jump to Post

please post more detail

Jump to Post

I do not understand why you run the query if the field is blank. What is the $sql query? Maybe you should negate the condition (if $_POST['txtEmail'] is not empty then...):

if(!empty($_POST['txtEmail']))

You actually have to tell what to achieve or maybe post the whole script.

Jump to Post

All 11 Replies

Syntacticaly code is OK. What error do you get? What do you want to achieve?

please post more detail

if(empty($_POST['txtEmail'])) 
{
    if (!mysql_query($sql,$con))
      {
      die('Error: ' . mysql_error());
      }

    $page='SignUp.php';
    header('Location:'.$page);   
}
else
{
    $page='SignUp.php?emptyusr=1';
    header('Location:'.$page);   
} 


if (isset($_REQUEST['emptyusr']))
{
    echo "<font color=red>Please fill in email</font>";
}

If the filed is blank, should be cant add into database and will show msg "Please fill in email".. But I still can add data into database and din show and error msg... Thank for help...

if(empty($_POST['txtEmail']))

I think you should make the first line to check as NOT EMPTY like this:-

if ($_POST['txtEmail'] != "")

Try and see... Please let me know if it didn't help. Thanks

And this Block of code should be in another PHP file called "Signup.php". Not over here...

if (isset($_REQUEST['emptyusr']))
{    
   echo "<font color=red>Please fill in email</font>";
}

Please try and see if it helps....

Thanks

Yes, I already change to

if ($_POST['txtEmail'] != "")

But still the same... Din show any error msg..

if (isset($_REQUEST['emptyusr'])){echo "<font color=red>Please fill in email</font>";}
Ya, this code is inside SignUp.php

I do not understand why you run the query if the field is blank. What is the $sql query? Maybe you should negate the condition (if $_POST['txtEmail'] is not empty then...):

if(!empty($_POST['txtEmail']))

You actually have to tell what to achieve or maybe post the whole script.

$sql="INSERT INTO username (username, password, repassword, firstname, lastname, nationality, gender)
VALUES
('$_POST[txtEmail]','$_POST[txtPassword]','$_POST[txtRePassword]','$_POST[txtFirstName]','$_POST[txtLastName]','$_POST[cboNationality]','$_POST[cboGender]')";



if ($txtEmail != '')
{
    if (!mysql_query($sql,$con))
      {
      die('Error: ' . mysql_error());
      }

    $page='SignUp.php';
    header('Location:'.$page);   
}
else
{
    $page='SignUp.php?emptyusr=1';
    header('Location:'.$page);   
} 

if($_POST['txtPassword'] == $_POST['txtRePassword'])
{
    //Passwords Matched, so proceed with code
    if (!mysql_query($sql,$con))
      {
      die('Error: ' . mysql_error());
      }

    $page='SignUp.php';
    header('Location:'.$page);   
}
else
{
    $page='SignUp.php?wrongpwd=1';
    header('Location:'.$page);   
} 



mysql_close($con)

Sorry to keep you waiting so long for reply, I've been away.

You have an error in your SQL statement. The associative indexes of the $_POST array have to be enclosed in quotes and in addition to that $_POST elements have to be enclosed in curly braces since they are composite variables. So the correct syntax for the query would be:

$sql="INSERT INTO username (username, password, repassword, firstname, lastname, nationality, gender)
VALUES
('{$_POST['txtEmail']}','{$_POST['txtPassword']}','{$_POST['txtRePassword']}','{$_POST['txtFirstName']}','{$_POST['txtLastName']}','{$_POST['cboNationality']}','{$_POST['cboGender']}')";

But there is a better and safer way. Firstly it is a very bad idea to include values form POST directly to your query without cleaning them first. Someone can input a SQL injection code in one of your textboxes and run her query with bad intentions on your database. So you better clean the values first (at least escape them using i.e. mysql_real_escape_string - http://php.net/manual/en/function.mysql-real-escape-string.php). Secondly using quotes and curly braces as above is correct but can lead to errors. So better, safer and cleaner approach would be:

// clean values, I used trim and mysql_real_escape_string,
// you can also use filters or your functions, also depending on values
$txtEmail = mysql_real_escape_string(trim($_POST['txtEmail']), $con);
$txtPassword = mysql_real_escape_string(trim($_POST['txtPassword']), $con);
$txtRePassword = mysql_real_escape_string(trim($_POST['txtRePassword']), $con);
$txtFirstName = mysql_real_escape_string(trim($_POST['txtFirstName']), $con);
$txtLastName = mysql_real_escape_string(trim($_POST['txtLastName']), $con);
$cboNationality = mysql_real_escape_string(trim($_POST['cboNationality']), $con);
$cboGender = mysql_real_escape_string(trim($_POST['cboGender']), $con);

// use clean values in the query
$sql="INSERT INTO username (username, password, repassword, firstname, lastname, nationality, gender)
VALUES
('$txtEmail','$txtPassword','$txtRePassword','$txtFirstName','$txtLastName','$cboNationality','$cboGender')";

Another error (and probably the main reason to not working) is in line 7 of your code:

if ($txtEmail != '')

$txtEmail has probably not been declared yet. You probably meant $POST['txtEmail'].

Thank you.. Your suggestion is great!!

Be a part of the DaniWeb community

We're a friendly, industry-focused community of 1.21 million developers, IT pros, digital marketers, and technology enthusiasts learning and sharing knowledge.