-1

Registration.php

<?php
include('db.php')
?>

<div id="wrapper">
    <nav class="navbar-default navbar-side" role="navigation">
        <div class="sidebar-collapse">
            <ul class="nav" id="main-menu">

                <li>
                    <a  href="../index.php"><i class="fa fa-home"></i> 
Homepage</a>
                </li>

                </ul>

        </div>

    </nav>

<div id="page-wrapper" >
        <div id="page-inner">
         <div class="row">
                <div class="col-md-12">
                    <h1 class="page-header">
                        REGISTRATION <small></small>
                    </h1>
                </div>
            </div> 


        <div class="row">


                <div class="panel panel-primary">
                    <div class="panel-heading">
                         ACCOUNT INFORMATION

the contain of registration form

</div>
<div class="panel-body">
    <form name="form" method="post">
        <div class="form-group">
            <label>Username</label>
            <input name="username" class="form- 
   control" required>

        </div>
        <div class="form-group">
            <label>Password</label>
            <input name="pw" class="form-control" required>

        </div>
        <div class="form-group">
            <label>Confirm Password</label>
            <input name="confirmpw" class="form- 
   control" required>

        </div>
        <div class="form-group">
            <label>Subscription Date</label>
            <input name="subdate" type="date" class="form-control" required>

        </div>
        <label>Title*</label>
        <select name="title" class="form- 
    control" required>
            <option value selected></option>
            <option value="Dr.">Dr.</option>
            <option value="Miss.">Miss.
            </option>
            <option value="Mr.">Mr.</option>
            <option value="Mrs.">Mrs.
            </option>
            <option value="Prof.">Prof.
            </option>
            <option value="Rev .">Rev .
            </option>
            <option value="Rev . Fr">Rev . Fr .
            </option>
        </select>
</div>
<div class="form-group">
    <label>First Name</label>
    <input name="fname" class="form- 
    control" required>

</div>
<div class="form-group">
    <label>Last Name</label>
    <input name="lname" class="form- 
   control" required>

</div>
<div class="form-group">
    <label>Email</label>
    <input name="email" type="email" class="form-control" required>

</div>
<div class="form-group">
    <label>Date Of Birth</label>
    <input name="dob" type="date" class="form-control" required>

</div>
<?php

                                $placeofbirth = array("Johor", "Kedah", 
    "Kelantan", "Kuala Lumpur", "Labuan", "Melaka", "Negeri Sembilan", "Pahang", 
    "Perak", "Perlis", "Pulau Pinang", "Putrajaya", "Sabah", "Sarawak", 
    "Selangor", "Terengganu");

                                ?>
    <div class="form-group">
        <label>Place of Birth*</label>
        <select name="pob" class="form- 
    control" required>
            <option value selected></option>
            <?php
                                                foreach($placeofbirth as $key => 
    $value):
                                                echo '<option 
    value="'.$value.'">'.$value.'</option>'; //close your tags!!
                                                endforeach;
                                                ?>
        </select>
    </div>

    <div class="form-group">
        <label>IC/Passport No.</label>
        <input name="ic_passport" type="text" class="form-control" required>

    </div>
    <div class="form-group">
        <label>Home Address</label>
        <input name="address" type="text" class="form-control" required>

    </div>
    <div class="form-group">
        <label>Postcode</label>
        <input name="postcode" type="text" class="form-control" required>

    </div>
    <div class="form-group">
        <label>City</label>
        <input name="city" type="text" class="form-control" required>

    </div>
    <?php

                                $state = array("Johor", "Kedah", "Kelantan", 
     "Kuala Lumpur", "Labuan", "Melaka", "Negeri Sembilan", "Pahang", "Perak", 
     "Perlis", "Pulau Pinang", "Putrajaya", "Sabah", "Sarawak", "Selangor", 
     "Terengganu");

                                ?>
        <div class="form-group">
            <label>State*</label>
            <select name="state" class="form- 
     control" required>
                <option value selected></option>
                <?php
                                                foreach($state as $key => 
     $value):
                                                echo '<option 
     value="'.$value.'">'.$value.'</option>'; //close your tags!!
                                                endforeach;
                                                ?>
            </select>
        </div>
        <?php

                                $countries = array("Afghanistan", "Albania", 
     "Algeria", "American Samoa", "Andorra", "Angola", "Anguilla", "Antarctica", 
     "Antigua and Barbuda", "Argentina", "Armenia", "Aruba", "Australia", 
     "Austria", "Azerbaijan", "Bahamas", "Bahrain", "Bangladesh", "Barbados", 
     "Belarus", "Belgium", "Belize", "Benin", "Bermuda", "Bhutan", "Bolivia", 
     "Bosnia and Herzegowina", "Botswana", "Bouvet Island", "Brazil", "British 
      Indian Ocean Territory", "Brunei Darussalam", "Bulgaria", "Burkina Faso", 
     "Burundi", "Cambodia", "Cameroon", "Canada", "Cape Verde", "Cayman Islands", 
     "Central African Republic", "Chad", "Chile", "China", "Christmas Island", 
     "Cocos(Keeling) Islands", "Colombia", "Comoros", "Congo", "Congo, the 
     Democratic Republic of the", "Cook Islands", "Costa Rica", "Cote d'Ivoire", 
     "Croatia(Hrvatska)", "Cuba", "Cyprus", "Czech Republic", "Denmark", 
     "Djibouti", "Dominica", "Dominican Republic", "East Timor", "Ecuador", 
     "Egypt", "El Salvador", "Equatorial Guinea", "Eritrea", "Estonia", 
     "Ethiopia", "Falkland Islands (Malvinas)", "Faroe Islands", "Fiji", 
     "Finland", "France", "France Metropolitan", "French Guiana", "French 
     Polynesia", "French Southern Territories", "Gabon", "Gambia", "Georgia", 
    "Germany", "Ghana", "Gibraltar", "Greece", "Greenland", "Grenada", 
    "Guadeloupe", "Guam", "Guatemala", "Guinea", "Guinea-Bissau", "Guyana", 
    "Haiti", "Heard and Mc Donald Islands", "Holy See (Vatican City State)", 
    "Honduras", "Hong Kong", "Hungary", "Iceland", "India", "Indonesia", "Iran 
    (Islamic Republic of)", "Iraq", "Ireland", "Israel", "Italy", "Jamaica", 
    "Japan", "Jordan", "Kazakhstan", "Kenya", "Kiribati", "Korea, Democratic 
    People's Republic of", "Korea, Republic of", "Kuwait", "Kyrgyzstan", "Lao, 
    People's Democratic Republic", "Latvia", "Lebanon", "Lesotho", "Liberia", 
    "Libyan Arab Jamahiriya", "Liechtenstein", "Lithuania", "Luxembourg", 
    "Macau", "Macedonia, The Former Yugoslav Republic of", "Madagascar", 
    "Malawi", "Malaysia", "Maldives", "Mali", "Malta", "Marshall Islands", 
    "Martinique", "Mauritania", "Mauritius", "Mayotte", "Mexico", "Micronesia, 
    Federated States of", "Moldova, Republic of", "Monaco", "Mongolia", 
    "Montserrat", "Morocco", "Mozambique", "Myanmar", "Namibia", "Nauru", 
    "Nepal", "Netherlands", "Netherlands Antilles", "New Caledonia", "New 
    Zealand", "Nicaragua", "Niger", "Nigeria", "Niue", "Norfolk Island", 
    "Northern Mariana Islands", "Norway", "Oman", "Pakistan", "Palau", "Panama", 
    "Papua New Guinea", "Paraguay", "Peru", "Philippines", "Pitcairn", "Poland", 
    "Portugal", "Puerto Rico", "Qatar", "Reunion", "Romania", "Russian 
    Federation", "Rwanda", "Saint Kitts and Nevis", "Saint Lucia", "Saint Vincent 
    and the Grenadines", "Samoa", "San Marino", "Sao Tome and Principe", "Saudi 
    Arabia", "Senegal", "Seychelles", "Sierra Leone", "Singapore", "Slovakia 
    (Slovak Republic)", "Slovenia", "Solomon Islands", "Somalia", "South Africa", 
    "South Georgia and the South Sandwich Islands", "Spain", "Sri Lanka", "St. 
    Helena", "St. Pierre and Miquelon", "Sudan", "Suriname", "Svalbard and Jan 
    Mayen Islands", "Swaziland", "Sweden", "Switzerland", "Syrian Arab Republic", 
    "Taiwan, Province of China", "Tajikistan", "Tanzania, United Republic of", 
    "Thailand", "Togo", "Tokelau", "Tonga", "Trinidad and Tobago", "Tunisia", 
    "Turkey", "Turkmenistan", "Turks and Caicos Islands", "Tuvalu", "Uganda", 
    "Ukraine", "United Arab Emirates", "United Kingdom", "United States", "United 
    States Minor Outlying Islands", "Uruguay", "Uzbekistan", "Vanuatu", 
    "Venezuela", "Vietnam", "Virgin Islands (British)", "Virgin Islands (U.S.)", 
    "Wallis and Futuna Islands", "Western Sahara", "Yemen", "Yugoslavia", 
    "Zambia", "Zimbabwe");

                                ?>
            <div class="form-group">
                <label>Country*</label>
                <select name="country" class="form 
    control" required>
                    <option value selected></option>
                    <?php
                                                foreach($countries as $key => 
    $value):
                                                echo '<option 
    value="'.$value.'">'.$value.'</option>'; //close your tags!!
                                                endforeach;
                                                ?>
                </select>
            </div>

            <div class="form-group">
                <label>Phone Number</label>
                <input name="phone" type="text" class="form-control" required>

            </div>

            </div>

            </div>
            </div>

            <div class="row">

                <div class="col-md-12 col-sm-12">
                    <div class="well">
                        <h4>HUMAN VERIFICATION</h4>
                        <p>Type Below this code
                            <?php $Random_code=rand(); 
     echo$Random_code; ?>
                        </p>
                        <br />
                        <p>Enter the random code
                            <br />
                        </p>
                        <input type="text" name="code1" title="random code" />
                        <input type="hidden" name="code" value="<?php echo 
     $Random_code; ?>" />
                        <input type="submit" name="submit" class="btn btn- 
     primary">
                        <?php
                            if(isset($_POST['submit']))
                            {
                            $code1=$_POST['code1'];
                            $code=$_POST['code']; 
                            if($code1!="$code")
                            {
                            $msg="Invalide code"; 
                            }
                            else
                            {

here is the code to connect with database. i think the problem come from this part but i cannot find the reason. my database already align with the details in this code

 $con=mysqli_connect("localhost","root","","hotel");
                                $check="SELECT * FROM listofmembers WHERE 
 email = '$_POST[email]'";
                                $rs = mysqli_query($con,$check);
                                $data = mysqli_fetch_array($rs, MYSQLI_NUM);
                                if($data[0] > 1) {
                                    echo "<script type='text/javascript'> 
 alert('User Already in Exists')</script>";

                                }

                                else
                                {

                                    $new ="Not Conform";
                                    $newUser="INSERT INTO 
 `listofmembers`(`Username`,`Pw`,`Confirmpw`, `Subdate`,`Title`, `Fname`, 
`Lname`, `Email`, `Dob`, `Pob`, `Ic_passport`, `Address`,`Postcode`, `City`, 
 `State`, `Country`, `Phone`) VALUES `('$_POST[username]','$_POST[pw]','$_POST[confirmpw]]','$_POST[subdate]''$_POST[title]','$_POST[fname]','$_POST[lname]','$_POST[email]','$_POST[dob]','$_POST[pob]','$_POST[ic_passport]','$_POST[address]','$_POST[postcode]','$_POST[city]','$_POST[state]','$_POST[country]','$_POST[phone]')";`

                                    if (mysqli_query($con,$newUser))
                                    {
                                        echo "<script type='text/javascript'> 
alert('Your Booking application has been sent')</script>";

                                    }
                                    else
                                    {
                                        echo "<script type='text/javascript'> 
alert('Error adding user in database')</script>";

                                    }
                                }

                        $msg="Your code is correct";
                        }
                        }
                        ?>
                    </form>

                </div>
            </div>
        </div>


            </div>

javascript

                </div>
         <!-- /. PAGE INNER  -->
        </div>
     <!-- /. PAGE WRAPPER  -->
    </div>
 <!-- /. WRAPPER  -->
<!-- JS Scripts-->
<!-- jQuery Js -->
<script src="assets/js/jquery-1.10.2.js"></script>
  <!-- Bootstrap Js -->
<script src="assets/js/bootstrap.min.js"></script>
<!-- Metis Menu Js -->
<script src="assets/js/jquery.metisMenu.js"></script>
  <!-- Custom Js -->
<script src="assets/js/custom-scripts.js"></script>


</body>
</html>

There will pop up saying "Error adding user in database" every time I'm pressing the submit button

Dharman
  • 26,923
  • 21
  • 73
  • 125
melissa
  • 1
  • Use mysqli_error() to get some info about what is failing with insert query. – José Carlos PHP Nov 16 '19 at 08:07
  • It's a bad idea to put user input data directly inside a query, you must escape post values. – José Carlos PHP Nov 16 '19 at 08:09
  • $_POST[username] must be $_POST['username'] (an other similar so on) – José Carlos PHP Nov 16 '19 at 08:09
  • Take a look at '$_POST[confirmpw]]' you have a double ] at the end. – José Carlos PHP Nov 16 '19 at 08:10
  • You have a missing comma in `'$_POST[subdate]''$_POST[title]'` and a random quote at the end of the line. You are probably getting errors, but either not displaying them or just ignoring them. – Nigel Ren Nov 16 '19 at 08:31
  • Your code is vulnerable to SQL injection. You should use prepared statements. – Dharman Nov 16 '19 at 09:45
  • Thank you for all of your suggestion. I remove the bracket on the '$_POST[confirmpw]]' and add comma to '$_POST[subdate]''$_POST[title]' and the data can be connected to database – melissa Nov 17 '19 at 02:45
  • Does this answer your question? [mysqli\_fetch\_assoc() expects parameter / Call to a member function bind\_param() errors. How to get the actual mysql error and fix it?](https://stackoverflow.com/questions/22662488/mysqli-fetch-assoc-expects-parameter-call-to-a-member-function-bind-param) – Dharman Feb 29 '20 at 19:12

1 Answers1

-1

Firstly Use prepared statements. Read about them if you don't know about them.

Right now you can do this:
POST variables are stored in form of array so they should be access in the way you access your arrays.

Your $_POST['variable'] aren't quite right POST variable should be like $_POST['username'] and not like $_POST[username] also its' better to save post variables after passing them through mysqli_real_escape_string funtion:

eg: $username = mysqli_real_escape_string($_POST['username']);

then use this $username in your queries.

agentofchaoss
  • 114
  • 8