0

Please help....i want to save a user to my database..using wampserver...

<form method="POST" action="">
    <center><br>
<H1>USER REGISTRATION</H1>
        <table>   
    <tr>
        <td>User Id</td>
        <td><input type="text" name="userId"></td>
    </tr>
        <tr>
        <td>Lastname</td>
        <td><input type="text" name="lastname"></td>
    </tr>
         <tr>
        <td>Firstname</td>
        <td><input type="text" name="firstname"></td>
    </tr>
        <tr>
        <td>Middle Name</td>
        <td><input type="text" name="middleName"></td>
    </tr>
         <tr>
        <td>Suffix</td>
        <td><input type="text" name="suffix"></td>
    </tr>
        <tr>
        <td>Position</td>
        <td><input type="text" name="position"></td>
    </tr>
        <tr>
        <td>Privilege</td>
        <td><select name="priv">
                        <option>Administrator</option>
                        <option>User</option>
                    </select>
                </td>
        </tr>
        <tr>
        <td>Username</td>
        <td><input type="username" name="username" ></td>
         </tr>
        <tr>
        <td>Password</td>
        <td><input type="password" name="password" ></td>
        </tr>
         <tr>
                <td></td>
                <td><input type="submit" name="save" value="Save"></td>
        </tr>
</table>
</form>


<?php
 include '../config/connect.php';
if (isset($_POST['save']))
                {
                    $userId=  strtoupper($_POST['userId']);
                    $lastname=  strtoupper($_POST['lastname']);
                    $firstname=strtoupper($_POST['firstname']);
                    $middleName=  strtoupper($_POST['middleName']);
                    $suffix=  strtoupper($_POST['suffix']);
                    $position=  strtoupper($_POST['position']);
                    $privilege=strtoupper($_POST['priv']);
                    $userName=$_POST['username'];
                    $password=$_POST['password'];


                     $query = "INSERT INTO users
                    VALUES (Null,'$userId',
                        '$lastname',
                        '$firstname',
                        '$middleName',  
                        '$suffix',
                        '$position',
                        '$privilege',
                        '$userName',  
                        '$password')";
            $result = mysqli_query($query);
            if ($result)
            {
                echo "<center>Successfully Saved!</center>";
            }
            else
            {
                echo "<center>User Account Saving Failed!</center>";
            }
        }    
 ?>

Edited by lloydsbackyard

4
Contributors
3
Replies
18
Views
1 Year
Discussion Span
Last Post by diafol
0

You haven't mentioned what is happening or included your code class so we don't have much to go on. I would suggest adding code to output PHP errors on the page and see what errors/warnings you get.

0

Normally you give a form an action - a script to run. The script gets the variables from the form, then does something with them.
<form method="POST" action="">
Yours doesn't. Action is empty.

0

As the action property is empty, I'm assuming that you are sending to the form page itself. This is not the usual way of performing a form send. Usually form data is sent to a specific form handler script, usually in a different file. Otherwise, you get issues on page refresh / reload.

In addition, you are open to SQL Injection as you have not sanitized your user input nor used a prepared statement. See DW Tutorial: Common Issues with MySQL and PHP for options. Server-side data validation is also important, e.g. checking size and type of input.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.