Home/ Questions/Q 7997719
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-04T15:01:43+00:00

When a user registers with my website they are then required to enter personal

  • 0

When a user registers with my website they are then required to enter personal details. The entered details will be added to the personaldetails table in my datbase. I have the following code but it does not work, I cannot figure out why. Can anyone help? I am getting error:query was empty

    $myusername=$_POST['username'];
    $mypassword=$_SESSION['mypassword'];
    $firstname = $_POST['firstname'];
    $surname = $_POST['surname'];
    $dob = $_POST['dob'];
    $totalwins = $_POST['totalwins'];
    $totalloses = $_POST['totalloses'];
    $email = $_POST['email'];
    $country = $_POST['country'];
    $info = $_POST['info'];

    // Connect to server and select database.
    mysql_connect("$host", "$username", "$password")or die("cannot connect");
    mysql_select_db("$db_name")or die("cannot select DB");

    $queryreg = mysql_query("

                INSERT INTO $tbl_name VALUES('','','$myusername','$mypassword''$firstname','$surname','$totalwins','$totalloses','$email','$country','$info','$dob' )
        ");

if (!mysql_query($sql))
      {
     die('Error: ' . mysql_error());
      }
      else  {
      echo "<br><br>Your details have been successfully updated. Go back to the                 personal details page to view your updated information.";
    }
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    First of all, you are exposed to SQL injection with your code. Please, prepare and escape your post data! This is really important to prevent SQLinjection attacks. Please read thouroughly about it.

    Then, the error occurs because of this

    if (!mysql_query($sql))
  {
 die('Error: ' . mysql_error());
  }
  else  {
  echo "<br><br>Your details have been successfully updated. Go back to the                 personal details page to view your updated information.";
}

    You don’t seem to have a variable named $sql, and, you are executing two query’s!

    Please do the following and post your feedback

    $sql = "INSERT INTO $tbl_name VALUES('','','$myusername','$mypassword''$firstname','$surname','$totalwins','$totalloses','$email','$country','$info','$dob' )";

if (!mysql_query($sql))
  {
 die('Error: ' . mysql_error());
  }
  else  {
  echo "<br><br>Your details have been successfully updated. Go back to the                 personal details page to view your updated information.";
}
    • 0