latheesan
09-02-2005, 11:46 AM
Hi,
i have a registeration script that post all the field values to this script called reg_validate.php
this is the content of the script
<?php
include ("admin/db.php");
$first = $_POST['first'];
$last = $_POST['last'];
$email = $_POST['email'];
$username = $_POST['username'];
$pass = $_POST['password'];
$password = md5($pass);
if (!$first){
header("Location: error.php?id=5");
exit();
}
elseif (!$last){
header("Location: error.php?id=6");
exit();
}
elseif (!$email){
header("Location: error.php?id=7");
exit();
}
elseif (!$username){
header("Location: error.php?id=8");
exit();
}
elseif (!$pass){
header("Location: error.php?id=9");
exit();
}
$query1 = "SELECT * FROM members WHERE username = '$username'";
$query2 = "SELECT * FROM members WHERE email = '$email'";
$result1 = mysql_query($query1);
$result2 = mysql_query($query2);
if ($username == "$result1"){
header("Location: error.php?id=10");
exit();
}
elseif ($email == "$result2"){
header("Location: error.php?id=11");
exit();
}
$update = "INSERT INTO members(first, last, email, username, password) VALUES($first, $last, $email, $username, $password)";
$updatedb = mysql_query("$update") or die(mysql_error());
?>
so, i entered some fake details in the registeration form and click send, and for some reason, i keep getting this error message
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '@hotmail.com, latheesan, 098f6bcd4621d373cade4e832627b4f6)' at line 1
can someone help me understand why im getting the error message please... :bawling:
i have a registeration script that post all the field values to this script called reg_validate.php
this is the content of the script
<?php
include ("admin/db.php");
$first = $_POST['first'];
$last = $_POST['last'];
$email = $_POST['email'];
$username = $_POST['username'];
$pass = $_POST['password'];
$password = md5($pass);
if (!$first){
header("Location: error.php?id=5");
exit();
}
elseif (!$last){
header("Location: error.php?id=6");
exit();
}
elseif (!$email){
header("Location: error.php?id=7");
exit();
}
elseif (!$username){
header("Location: error.php?id=8");
exit();
}
elseif (!$pass){
header("Location: error.php?id=9");
exit();
}
$query1 = "SELECT * FROM members WHERE username = '$username'";
$query2 = "SELECT * FROM members WHERE email = '$email'";
$result1 = mysql_query($query1);
$result2 = mysql_query($query2);
if ($username == "$result1"){
header("Location: error.php?id=10");
exit();
}
elseif ($email == "$result2"){
header("Location: error.php?id=11");
exit();
}
$update = "INSERT INTO members(first, last, email, username, password) VALUES($first, $last, $email, $username, $password)";
$updatedb = mysql_query("$update") or die(mysql_error());
?>
so, i entered some fake details in the registeration form and click send, and for some reason, i keep getting this error message
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '@hotmail.com, latheesan, 098f6bcd4621d373cade4e832627b4f6)' at line 1
can someone help me understand why im getting the error message please... :bawling: