Here is my code below:

<?php

if(isset($_POST['create']))
{

    // db connection
    $dbHost = "localhost";
    $dbUser = "root";
    $dbPass = "";
    $dbName = "emanage";

    $conn = mysql_connect($dbHost, $dbUser, $dbPass);

    if(!$conn){
        die(mysql_error());
    }

    mysql_select_db($dbName, $conn) or die(mysql_error());

    // prevent mysql injection
    foreach ($_POST as $key => $value) {
        $_POST[$key] = mysql_real_escape_string(strip_tags($value));
    }

    // data container
    $name = $_POST['name'];
    $name = strtolower($name);
    $password = $_POST['password'];
    $password = md5($password);
    $type = $_POST['type'];
    $account = $_POST['account'];
    date_default_timezone_set('Asia/Dhaka');
    $time = date("h:i:s A");
    $date = date("D d M y");
    $create = ($date." @ ".$time);
    $ip = $_SERVER['REMOTE_ADDR'];
    $login = ($date." @ ".$time);
    $logout = ($date." @ ".$time);


    // error message
    $error = "";
    $success = "";          

    // check duplicate data
    $u_check = mysql_query('SELECT name FROM users WHERE name = "'. $name .'"');

    if(mysql_num_rows($u_check)>0){             
     $error = "User name is already taken, try different one !!!";               
     mysql_close($conn);        
    }
    else{               

     // insert data into table
     mysql_query
     ("
        INSERT INTO users (id, name, password, type, account, create, ip, login, logout) 
        VALUES ('', '$name', '$password', '$type', '$account', '$create', '$ip', '$login', '$logout') 
     ");

     $id = mysql_insert_id();
     $get_id = mysql_query('SELECT * FROM users WHERE id = "'. $id .'"');
     $data = mysql_fetch_array($get_id);
     $success = '<a class="u-name" href="add_info.php?id='.$data['id'].'">'.$data['name'].'</a>'.' is created successfully.';
     mysql_close($conn);

    }
}

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Add User</title>

<!-- Stylesheet -->
<link type="text/css" rel="stylesheet" href="css/reset.css" media="screen" />
<link type="text/css" rel="stylesheet" href="css/style.css" media="screen" />
<link rel="stylesheet" href="css/jquery-ui.css" />
<style type="text/css">
#w-menu ul li .m_add_u{
    background: #FFFFFF url(img/add_u_hvr.png) top center no-repeat;
    color: #014949;
}
</style>

<!-- Javascript -->
<script type="text/javascript" src="js/jquery-1.9.1.min.js"></script>
<!-- Form Validation -->
<script type="text/javascript" src="js/jquery.bvalidator.js"></script>
<script type="text/javascript">
    $(document).ready(function () {
        $('#create').bValidator();
    });
</script>

</head>

<body>

 <div id="wrap">

  <?php include 'admin_menu.php'; ?>  

  <div id="w-top-con">

   <div class="top-con">



   </div>

  </div>

  <div id="w-mid-con">

   <div class="mid-con">

    <h1>Notice</h1>

    <ul class="font-style">Please read the guidance notes below, before completing the form :

     <li class="pad-top"><span>•</span> User Name must be <span>unique</span>.</li>
     <li><span>•</span> User Name can contain <span>alphabets</span> & <span>numbers</span> only.</li>
     <li><span>•</span> User Name characters length limit is from <span>4 to 20</span>.</li>
     <li><span>•</span> Password must be equal or more then <span>8 characters</span> long.</li>
     <li><span>•</span> Click on <span>underlined user name</span> to add account information.</li>
     <li><span>•</span> Marked ( <span>•</span>) field can't be left empty.</li>

    </ul>

   </div>

   <div class="mid-con-2">

    <h1>Add User Account</h1>

    <form id="create" action="" method="post" enctype="multipart/form-data">
     <ul>

      <?php if(!empty($success)) { ?>
      <li class="sc-notice"><?php echo $success; ?></li>
      <?php } ?>

      <?php if(!empty($error)) { ?>
      <li class="er-notice"><?php echo $error; ?></li>
      <?php } ?>

      <li>
       <small>•</small>
       <label>User Name</label>
       <span>:</span>
       <input type="text" name="name" data-bvalidator="alphanum,rangelength[4:20],required" />
      </li>
      <li>
       <small>•</small>
       <label>Password</label>
       <span>:</span>
       <input type="password" id="u_pass" name="password" data-bvalidator="minlength[8],required" />     
      </li>
      <li>
       <small>•</small>
       <label>Confirm Password</label>
       <span>:</span>
       <input type="password"  data-bvalidator="equalto[u_pass],required" />     
      </li>
      <li>
       <small>•</small>
       <label>User Type</label>
       <span>:</span>
       <select name="type" data-bvalidator="required,max[1],required" >
        <option value="" selected="selected"></option>
        <option value="admin">Admin</option>
        <option value="manager">Manager</option>
        <option value="stuff">Stuff</option>
       </select>    
      </li>
      <li>
       <small>•</small>
       <label>User Access</label>
       <span>:</span>
       <select name="account" data-bvalidator="required,max[1],required" >
        <option value="" selected="selected"></option>
        <option value="activate">Activate</option>
        <option value="deactivate">Deactivate</option>
       </select>    
      </li>
      <li class="end-list">
       <button type="reset">Clear</button>
       <button type="submit" name="create">Login</button>     
      </li>

     </ul>
    </form>

   </div>

  </div>

  <?php include 'rit_content.php'; ?>

 </div>

</body>
</html>

Here is my db structure

CREATE TABLE IF NOT EXISTS users (
id int(11) NOT NULL AUTO_INCREMENT,
name varchar(30) NOT NULL,
password int(11) NOT NULL,
type varchar(30) NOT NULL,
account varchar(30) NOT NULL,
create varchar(30) NOT NULL,
ip varchar(30) NOT NULL,
login varchar(30) NOT NULL,
logout varchar(30) NOT NULL,
PRIMARY KEY (id)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

Recommended Answers

All 15 Replies

Do you get errors? Check with this:

mysql_query
 ("
    INSERT INTO users (id, name, password, type, account, create, ip, login, logout) 
    VALUES ('', '$name', '$password', '$type', '$account', '$create', '$ip', '$login', '$logout') 
 ") or die (mysql_error());

thanx for your reply...
this shows a error, but i dont know how to solve this problem, please suggest me any ideas to overcome this problem.
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'create, ip, login, logout) VALUES ('', 'tareq', '25f9e794323b453885f5181f1b6' at line 1

Replace the '' for id with null

thanx for your reply again...
mysql_query("INSERT INTO users (id, name, password, type, account, create, ip, login, logout) VALUES (null, '$name', '$password', '$type', '$account', '$create', '$ip', '$login', '$logout')") or die (mysql_error());
but still it shows the same error.

if i write thecode below then its insert records to database but if i try to insert another field then it shows the error, i am really confused with this...

mysql_query("INSERT INTO users (id, name, password) VALUES (null, '$name', '$password')") or die (mysql_error());

Oh, I see now:

password int(11) NOT NULL

But you are trying to insert a string. Change the column type. If you are using md5 use varchar(32).

Always, whether your database table indicates int, and you are inserting a character, it shows no error. So, I think the error is with your insert query.

First start by renaming your column "type", coz type is a reserved word.

That is why, the script is not executing beyond the password character. But your query looks fine.

i change the column type as you are said, but sorry, still the same error message is showing...

CREATE TABLE IF NOT EXISTS `users` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `name` varchar(30) NOT NULL,
  `password` varchar(32) NOT NULL,
  `type` varchar(30) NOT NULL,
  `account` varchar(30) NOT NULL,
  `create` varchar(30) NOT NULL,
  `ip` varchar(30) NOT NULL,
  `login` varchar(30) NOT NULL,
  `logout` varchar(30) NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=3 ;

Nice catch, but if you put backticks around type you can safely use it. Same applies to create.

thank you so much...pritaeas & Webville312...and finally its work...thanx again...

Yo most welcome.

@pritaeas, I was refering to the type included before the values, coz the ones in value have '' quotes on them, and so they are read as strings. However, the one that says; .."INSERT INTO ...(...type)" is the one I was refering to.

@webville: yes, that was clear. With the backticks you can use reserved words.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.