Hi all, I think this is going to be easy to resolve but for I have been looking at it to long and I cannot see my issue!
I hope this is in the right section as it uses modalbox, however I think its a php error not modalbox.
Basically I have a registration form as follows:
Code: <form action="pages/reg_do.php" id="myform" onsubmit="return false;">
<fieldset>
<legend>Register New User</legend>
<table>
<tr>
<td><label for="name"><strong>Username </strong></label></td>
<td> </td>
<td><input type="text" size="30" id="username" name="username" /></td>
</tr>
<tr>
<td><label for="password"><strong>Password </strong></label></td>
<td> </td>
<td><input type="text" size="30" id="password" name="password" /></td>
</tr>
<tr>
<td><label for="email"><strong>Email</strong></label></td>
<td> </td>
<td><input type="text" size="30" id="email" name="email" /></td>
</tr>
<tr>
<td> <label for="first_name"><strong>First Name</strong></label></td>
<td> </td>
<td><input type="text" size="30" id="first_name" name="first_name" /></td>
</tr>
<tr>
<td><label for="last_name"><strong>Last Name</strong></label></td>
<td> </td>
<td><input type="text" size="30" id="last_name" name="last_name" /></td>
</tr>
<tr>
<td><label for="city"><strong>City</strong></label></td>
<td> </td>
<td><input type="text" size="30" id="city" name="city" /></td>
</tr>
<tr>
<td><label for="state"><strong>State</strong></label></td>
<td> </td>
<td><select name="state">
<option value="WA">Western Australia</option>
<option value="SA">Southern Australia</option>
<option value="VIC">Victoria</option>
<option value="NT">Nothern Territories</option>
<option value="TAS">Tasmania</option>
<option value="QLD">Queensland</option>
</select></td>
</tr>
</table>
</fieldset>
<p><input type="submit" value="Register" onclick="Modalbox.show('pages/reg_do.php', {title: 'Registering....', width: 500, params:Form.serialize('myform') }); return false;" /> or <a href="#" title="Cancel & close dialog" onclick="Modalbox.hide(); return false;">Cancel & close</a></p>
</form>
</body>
</html>
This is opened from the main page in a modalbox popup box, once the form is submitted it goes to red_do.php, which loads in a replacement modalbox:
Code: <?php
session_start();
include '../common/dbconnect.php';
$username = $_GET['username'];
$password = $_GET['password'];
$first_name = $_GET['first_name'];
$last_name = $_GET['last_name'];
$email = $_GET['email'];
$city = $_GET['city'];
$state = $_GET['state'];
$query = 'INSERT INTO users (user_id, username, password)
VALUES ("", "$username", "$password")';
$result = mysql_query($query, $conn) or die(mysql_error());
$user_id = mysql_insert_id($conn);
$query = 'INSERT INTO users_details
(user_id, username, first_name, last_name, email, city, state)
VALUES
("$user_id","$username", "$first_name", "$last_name", "$email", "$city", "$state") ';
$result = mysql_query($query, $conn) or die(mysql_error());
$_SESSION['logged'] = 1;
$_SESSION['username'] = $username;
echo "thankyou, working";
?>
I then get the thankyou message, however instead of submitting the actual values into the database it will physically submit $username as apposed to the value of $username.
What am I missing.
As a sidenote, i understand the importance of escaping strings and this is done in the database connect file using:
Code: foreach ($_POST as $key => $value) {
$_POST[$key] = mysql_real_escape_string($value);
}
foreach ($_GET as $key => $value) {
$_GET[$key] = mysql_real_escape_string($value);
}
as I know people like pointing this out
Preventing SQL Injection
I have a question about SQL Injection, In some of our code we use this:
Is this possible? If one file assigned to an ID...
I have a page that lists property listings assigned to a specific user (a manage page), with brief text details and a picture.Each of these listings has several images with it, that aren't seen unless
AJAX form submit
I recently built a form that submits data to my database with an ajax function that is called through onClick="function ..." on the submit button. That all works perfectly, however the
Query failed issue with php script but works fine in mssql manager!
hi i have the script below which copies data from one table to another but will only insert new data update current data or delete old data from tempproducts to products then it will delete the
Grouping and sorting results
Please help with this query.I have 2 tables in a database, countires and cities. states looks like thiscountriesid -----------country1 ------------uk2 ------------us3 ------------japancitiesid
Shuffle Array
Hi,I am writing a script for a game that needs players to randomly be assigned a target (another player) in a loop so that each player is matched with someone other than who has them. See below:Andy
Update Database
Hi All,I have a problem with this:Code: [Select]<?phpsession_start();include('../common/dbconnect.php');$stock_id = $_GET['stock_id'];$query='SELECT * FROM users_stocks WHERE user_id ="' .
Text to picture Generator
Hello, i have found this script and it works really good^^ But i have one problem, i would like to change the font and font size. Is there anyone here that know what code i should edit/paste in
php mysql query from input textbox
Hi,I have a text box, in that i have given the mysql query. I can able to get the query in variable. But after submit button i want to get data to be printed on a same page. But how can i print the
Can't get the unicode character
I'm trying to get some text from various parts of a file. I have converted the file to hex (bin2hex) and I've got this:64 72 e6 62 65 72 (without spaces)I'm converting that back by:Code:
