<?php
session_start();
$host="fenrir"; // Host name
$username="x"; // Mysql username
$password="x"; // Mysql password
$db_name="x"; // Database name
$tbl_name="register_users"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// username and password sent from form
$myBirthDay=$_POST['myBirthDay'];
$myEmail=$_POST['myEmail'];
echo $_SESSION['myFirstName'], $_SESSION['myLastName'], $myLastName, $myBirthDay, $myEmail;
// To protect MySQL injection (more detail about MySQL injection)
$myBirthDay = stripslashes($myBirthDay);
$myEmail = stripslashes($myEmail);
$myBirthDay = mysql_real_escape_string($myBirthDay);
$myEmail = mysql_real_escape_string($myEmail);
$sql="INSERT INTO $tbl_name (id, firstName, lastName, birthDay, email) VALUES(0, $myFirstName, $myLastName, $myBirthDay, $myEmail);";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
echo "Success.";
}
else {
echo "Wrong Username or Password";
}
?>
preferences:
47.35 ms | 402 KiB | 5 Q