0

Hi Guys when I click on the submit button on my register page I'm getting the following errors

Notice: Undefined variable: a in C:\xampp\htdocs\submit-form.php on line 3

Warning: mysql_select_db() expects parameter 2 to be resource, null given in C:\xampp\htdocs\submit-form.php on line 3

Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in C:\xampp\htdocs\config.php on line 8
DB select failed: Unknown database 'database_name'

This is the code
config.php

<?php 

ini_set('display_errors', true); // change to false when you go live
error_reporting(E_ALL);

//Mysql Connect  |   mysql_connect("host= 3306","username","");
//Below example to connect in localhost
$a=mysql_connect("localhost","root","");
if($a == false) {
    die("Connect failed: ".mysql_error());
}
//select your database
$b=mysql_select_db("database_name",$a);
if($b == false) {
    die("DB select failed: ".mysql_error());
}
?>

This is the submit_form.php code

<?php
//select your database
$b=mysql_select_db("database_name",$a);
$firstname=$_POST['firstname'];
$lastname=$_POST['lastname'];
$username=$_POST['username'];
//$confirmusername=$_POST['confirmusername'];
$password=$_POST['password'];
$confirmpassword=$_POST['confirmpassword'];
$email=$_POST['email'];
$confirmemail=$_POST['confirmemail'];

//Database connection
require_once("config.php");

//mysql query to insert value to database
$query=mysql_query("INSERT INTO registration (`firstname`, `lastname`, `username`, `confirmusername`, `password`, `confirmpassword`, `email` ,`confirmemail`) VALUES ('$firstname', '$lastname', '$username', '$password', '$confirmpassword', '$email' , '$confirmemail')");



//if value inserted successyully disply success message
if($query)
{

    echo 'Registred successfully..!!</div>';
}else
{
//error message
    echo '<unable to registred !!</div>';
}
?>

Hope someone can help me, someone has suggested that i change sql to sqli

3
Contributors
2
Replies
14
Views
3 Years
Discussion Span
Last Post by Bob Hensley
1

Hope someone can help me, someone has suggested that i change sql to sqli

That person gave you very valuable advice. The original MySQL extension, which you're using, has been deprecated as of PHP 5.5. Development on the MySQL extension ended years ago. Even if you disregard the deprecation you should be aware that it is missing features that make it very worthwhile to convert for (chiefly parameterized statements. Your code is extremely vulnerable to SQL injection attacks; parameterized statements are your solution.

As for your problem:

$b=mysql_select_db("database_name",$a);

This is your problem. In submit_form.php you haven't declared a value for $a. You have in config.php, though. But you don't bring in config.php for over 10 more lines. Fix this by requiring config.php at the top of your script.

Also, you're declaring $b in config.php. No need to do it in submit_for.php as well.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.