Click here to Skip to main content
15,035,866 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
register.class.php code

PHP
<?php
class DataBase
{
    public $connection;
    private $hostname;
    private $username;
    private $password;
    private $db;

    public function connect($host,$user,$pass,$dtb)
    {
        $this->hostname=$host;
        $this->username=$user;
        $this->password=$pass;
        $this->db=$dtb;

        return $this->connection=mysqli_connect($host,$user,$pass,$dtb) or die("Could not connect");
    }

    public function insert($fields,$data,$table)
    {
        try{
            $queryfield=implode(",",$fields);
            $queryvalues=implode('","',$data);

            $sql='insert into '.$table.'('.$queryfield.') values("'.$queryvalues.'")';

            if(mysqli_query($this->connection,$sql)
            {
                return TRUE;
            }else{
                die(mysqli_error($this->connection));
            }

        }catch(Exception $e){
            echo "Error:" .$e;
        }
    }
}

?>


register.php code

PHP
<?php

include 'register.class.php';

$con=new DataBase();
$con->connect('localhost','root','ricky','mydatabase');

if(isset($_POST['submit']))
{
    $uName=$_POST['username'];
    $email=$_POST['email'];
    $uPassword=$_POST['password'];
    $passHash=crypt($uPassword);
    $field=array('username','email','password');
    $values=array($uName,$email,$passHash);

    $res=$con->insert($field,$values,'users5');
    if($res)echo"1 record inserted";
}
?>



form.php

XML
<?php

?>

<!DOCTYPE html>
<html lang="en">
    <head>
        <meta charset="utf-8" />
        <title></title>
    </head>
    <body>
        <form action="register.php" method="post" enctype="multipart/form-data">
        <label>NAME:</label><br>
            <input type="text" name="username" required value=""><br><br>
            <label>E-MAIL:</label><br>
            <input type="text" name="email" required value=""><br><br>
            <label>PASSWORD:</label><br>
            <input type="password" name="password" required value=""><br><br>
            <input type="submit" name="submit" value="Submit">
        </form>

    </body>
</html>


unable to insert record page show blank without inserting record
Posted
Comments
E.F. Nijboer 2-Feb-15 9:11am
   
Are you creating a test site to explain SQL injection? Or is this a serious attempt to create a website?
Rakesh 00 2-Feb-15 9:20am
   
Hi thanx for reply this is just for test.I am new to oops concept... Big Grin | :-D
E.F. Nijboer 2-Feb-15 9:24am
   
I would really advize you to read up on proper handling of values used in your sql statement. A well known joke about it can be found on xkcd: http://xkcd.com/327/

Have a look here:
http://php.net/manual/en/mysqli-stmt.bind-param.php
http://php.net/manual/en/mysqli.prepare.php
Rakesh 00 2-Feb-15 9:24am
   
I will be really thankfull if you will give me complete code with oops concept to update, insert, select, delete data from database :P
W Balboos, GHB 3-Feb-15 15:02pm
   
It looks to me like your using the wrong delimiter in this statement:

$queryvalues=implode(' "," ',$data);

I would think you want something more like:
$queryvalues=implode(" ',' ",$data);


This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)




CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900