Hi everyone! I have a problem in My system when I send My data to My database, and I do not know why it happens,
by the way my queries I have to change them to parameterized (THE ERROR IS IN MY QUESTION 😉)
This is my code
(THE ERROR IT´S IN THE LAST LINE):
<?php
include ("conex.php");
session_start();
include("conex.php");
if(isset($_POST['ingre'])){
$name = $_POST["name"];
$password = $_POST["pass"];
$sql = "SELECT COUNT(*) as contar FROM usuario WHERE name ='$name' AND pass ='$password'";
$consult=mysqli_query($conn,$sql);
$arreglo=mysqli_fetch_array($consult);
if($arreglo['contar']> 0) {
$_SESSION['usuario']=$name;
echo "<script>alert('Bienvenido: $name'); window.location='home.php'</script>";
}else{
echo "<script>alert('Los datos estan mal'); window.location='login.php'</script>";
}
$name = $_POST["name"];
$apellido = $_POST["apec"];
$dad = $_POST["namep"];
$mom = $_POST["namem"];
$tipeCI = $_POST["tipeid"];
$ci = $_POST["ci"];
$phone = $_POST["te"];
$correo = $_POST["email"];
$add = $_POST["dirre"];
$day = $_POST["diana"];
$gradoI = $_POST["gradoin"];
$esC = $_POST["estado"];
$sex = $_POST["sex"];
$pass = $_POST["pass"];
if(isset($_POST["butt"]))
{
$sqlgrabar = "INSERT INTO usuario(name,last,nameDad,nameMom,tipoIdentificacion,identificacion,telefono,email,address
,born,rango,estadoC,sex,pass)
values ('$name','$apellido','$dad','$mom','$tipeCI','$ci','$phone','$correo','$add','$day','$gradoI','$esC',
'$sex','$pass')";
$veri_correo=mysqli_query($conn,"SELECT * FROM usuario WHERE email='$correo'");
$veri_pass=mysqli_query($conn,"SELECT * FROM usuario WHERE pass='$pass'");
if(mysqli_num_rows($veri_correo) > 0){
echo '<script>window.location="dise/errorEgistro.php";</script>';
exit();
}
if(mysqli_num_rows($veri_pass) > 0){
echo '<script>window.location="dise/errorEgistro.php";</script>';
exit();
}
if(mysqli_query($conn,$sqlgrabar))
{
echo "<script> alert('Felicidades el usuario fue registrado con exito: $name'); window.location='login.php' </script>";
}else
{
echo "Error: ".$sqlgrabar."<br>".mysqli_error($conn);
}
}
?>
What I have tried:
I tried some thing but nothing, I Am a little NOOB, and I don't why the error happened