MyBB Community Forums

Ok, I'm trying to poineer into the wonderful area of PHP/MySQL programming, but I'm having some difficulties. http://www.paulhq.com/php/freepage.html should register, but when anyone fills something out, it returns a MySQL error: Could not insert data because You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 1

Here are the codes:

freepage.html ::

<form action="register.php" method="post">
<strong>Username:</strong></td><td><input name="username" /></td></tr>
<tr><td><strong>Password:
<br />[3-12 letters/numbers]</strong></td><td><input type="password" name="secure" /></td></tr>
<tr><td><strong>Email: [Valid Please]</strong></td><td><input name="email" /></td></tr>
<tr><td><strong>MSN Email:</strong></td><td><input name="MSN" /></td></tr>
<tr><td><strong>Yahoo:</strong></td><td><input name="yahoo" /></td></tr>
<tr><td><strong>AIM:</strong></td><td><input name="AIM" /></td></tr>
<tr><td><strong>ICQ Number:</strong></td><td><input name="ICQ" /></td></tr>
<tr><td><strong>Picture URL:</strong></td><td><input name="pic" /></td></tr>
<tr><td colspan="2"><div align="center">
<input type="submit" value="Register!"></div></td></tr></table>
</form>

I just included the form to save space... That's the only thing that really matters anyways.

register.php ::

<?php 

include("config.php");

// connect to the mysql server
$link = mysql_connect($server, $db_user, $db_pass)
or die ("Could not connect to mysql because ".mysql_error());

// select the database
mysql_select_db($database)
or die ("Could not select database because ".mysql_error());

// check if the username is taken
$check = "select id from $table where username = '".$_POST['username']."';"; 
$qry = mysql_query($check) or die ("Could not match data because ".mysql_error());
$num_rows = mysql_num_rows($qry); 
if ($num_rows != 0) { 
echo "Sorry, there the username $username is already taken.<br>";
echo "<a href=register.html>Try again</a>";
exit; 
} else {

// insert the data
$insert = mysql_query("insert into $table values ('NULL', '".$_POST['username']."', '".$_POST['secure']."', '".$_POST['email']."', '".$_POST['msn']."', '".$_POST['yahoo']."', '".$_POST['aim']."', '".$_POST['icq']."', '".$_POST['picture']."',)")
or die("Could not insert data because ".mysql_error());

// print a success message
echo "Your user account has been created!<br>"; 
echo "Now you can <a href=login.html>log in</a>"; 
}

?>

This is the script that handles the information given on the registration form.

config.php ::

<?php
$server = "localhost";	// server to connect to.
$database = "ptn_php";	// the name of the database.
$db_user = "ptn_****";	// mysql username to access the database with.
$db_pass = "******";	// mysql password to access the database with.
$table = "users";		// the table that this script will set up and use.
?>

I've starred out sensitive information, but it's all correct.


Thanks for any help you can give me!

Try this:

register.php ::

<?php 

include("config.php");

// connect to the mysql server
$link = mysql_connect($server, $db_user, $db_pass)
or die ("Could not connect to mysql because ".mysql_error());

// select the database
mysql_select_db($database)
or die ("Could not select database because ".mysql_error());

// check if the username is taken
$check = "select id from $table where username = '".addslashes($_POST['username'])."';"; 
$qry = mysql_query($check) or die ("Could not match data because ".mysql_error());
$num_rows = mysql_num_rows($qry); 
if ($num_rows != 0) { 
echo "Sorry, there the username $username is already taken.<br>";
echo "<a href=register.html>Try again</a>";
exit; 
} else {

// insert the data
$insert = mysql_query("insert into $table values ('NULL', '".addslashes($_POST['username'])."', '".addslashes($_POST['secure'])."', '".addslashes($_POST['email'])."', '".addslashes($_POST['msn'])."', '".addslashes($_POST['yahoo'])."', '".addslashes($_POST['aim'])."', '".addslashes($_POST['icq'])."', '".addslashes($_POST['picture'])."')")
or die("Could not insert data because ".mysql_error());

// print a success message
echo "Your user account has been created!<br>"; 
echo "Now you can <a href=login.html>log in</a>"; 
}

?>

Thanks for the fix! That worked great X3 Would you mind explaining what that did, and how you knew how to fix it? o.o I really want to have a good understanding of it ^^

EDIT: Wow, I just fixed my own problem this time X3 I'm happy with myself.

you had an extra comma