Insert daned

[tudo2d64]

well, tenhoum site and to using the code Seguito

[PHP]<? Php require_once ('Connections / rede.php');?>
<? Php mysql_select_db ($ database_rede, $ network);


$ Name = $ _POST ['name'];
$ Name = $ _POST ['name'];
$ Age = $ _POST ['age'];
$ Sex = $ _POST ['gender'];
$ City = $ _POST ['city'];
$ User = $ _POST ['User'];
$ Email1 = $ _POST ['email1'];
$ Email2 = $ _POST ['email2'];
$ Password2 = $ _POST ['password2'];
Password3 $ = $ _POST ['Password3'];





if ($ email1! = "$ email2" | | $ password2! = "$ Password3")

header ("Location: nomeousenha.php");
else
{




Email_validade $ = $ _POST ['email1'];
Senha_validada $ = $ _POST ['password2'];

$ Sql ​​= "INSERT INTO cadastrar_usuario (name, surname, age, gender, city, User, email, password) VALUES ('$ name', '$ name', '$ age', '$ sex', '$ city' , '$ User', '$ email_validade', '$ senha_validada') ";

if (mysql_query ($ sql) or die ("Oops ... Your registration can not be completed, try again later". mysql_error ()));


Nome_exemplo $ = $ _POST ['email1'];

$ Sql2 = "INSERT INTO` `redesocial. Meu_perfil` `(` id `,` donodoperfil `,` sobremim `,` pensandoagora `,` city `,` sex `,` birth `) VALUES (NULL, '$ nome_exemplo' 'Sample text.', 'Sample text.', 'Sample text.', 'Sample text.', 'Sample text .')";

if (mysql_query ($ sql2) or die ("Oops ... Your registration can not be completed, try again later". mysql_error ()));

Nome_exemplo $ = $ _POST ['email1'];

$ SQL3 = "INSERT INTO nome_exibicao (id_dono, name) VALUES ('$ nome_exemplo', '$ nome_exemplo')";
if (mysql_query ($ SQL3) or die ("error in sql3, please report to the owner of the site so that it changes this error ... Thanks"));

$ Eumesmo = "My Profile !!!";
$ Baseimagem = "brancobase.JPG";

$ Sql4 = "INSERT INTO friends (amigo1, amigo2, image, nomeexibicao) VALUES ('$ nome_exemplo', '$ nome_exemplo', '$ baseimagem', '$ eumesmo')";
if (mysql_query ($ sql4) or die ("error in sql4"));

$ Sql5 = "INSERT INTO foto_perfil (id_dono, photo) VALUES ('$ nome_exemplo', '$ baseimagem')";
if (mysql_query ($ sql5) or die ("error in sql5"));




header ("Location: usuarioexistente.php");
}
?> [/ PHP]



just that it's time to register the insert daned

sorry for my English, is that I'm Brazilian

[Dead-i]

There are some crucial errors in your script:

Firstly, you have a space after every $ symbol. There should be no space, it should be something like $name NOT $ Name

Secondly, there is a space after your <? and before your PHP code near the start. There should be no space, it should be something like <?php NOT <? PHP

Thirdly, there is a space after _POST and before ['. There should be no space, it should be something like _POST[' NOT _POST ['

Fourth, on the first line there is a space before and after the /. There are no spaces, it should be something like connections/rede.php NOT connections / rede.php

Fifth, near the start you used

Code:

if ($ email1! = "$ email2" | | $ password2! = "$ Password3")

when it should be

Code:

if ($email1! == "$ email2" || $password2! == "$ Password3")

Also, next time you post, wrap your code round

Code:

 and

NOT [HTML] [/ HTML].

[tudo2d64]

Sesculpe, but the errors that you talked so that I appeared to put the message in an interactive google translators, sorry ...
going postal in Portuguese.
The error that is appearing this.

Ops... Seu cadastro não pode ser completado, tente novamente mais tardeINSERT command denied to user 'vidaloka_admin'@'localhost' for table 'meu_perfil'

and I gave all permissions phpmyadmin panel


The page code is this

PHP Code:

<?php require_once('Connections/rede.php'); ?>
<?php mysql_select_db($database_rede,$rede);


$nome = $_POST['nome'];
$sobrenome=$_POST['sobrenome'];
$idade=$_POST['idade'];
$sexo=$_POST['sexo'];
$cidade=$_POST['cidade'];
$usuario=$_POST['usuario'];
$email1=$_POST['email1'];
$email2=$_POST['email2'];
$senha2=$_POST['senha2'];
$senha3=$_POST['senha3'];





if ($email1 != "$email2" || $senha2 != "$senha3")

    header("Location:nomeousenha.php");
else
{
    
    


$email_validade=$_POST['email1'];
$senha_validada=$_POST['senha2'];
    
$sql = "INSERT INTO cadastrar_usuario (nome, sobrenome, idade, sexo, cidade, usuario, email, senha) VALUES ('$nome','$sobrenome','$idade','$sexo','$cidade','$usuario','$email_validade','$senha_validada')";

if (mysql_query($sql) or die("Ops... Seu cadastro não pode ser completado, tente novamente mais tarde".mysql_error()));


$nome_exemplo = $_POST['email1'];

$sql2 = "INSERT INTO `redesocial`.`meu_perfil` (`id`, `donodoperfil`, `sobremim`, `pensandoagora`, `cidade`, `sexo`, `nascimento`) VALUES (NULL, '$nome_exemplo', 'Texto exemplo.', 'Texto exemplo.', 'Texto exemplo.', 'Texto exemplo.', 'Texto exemplo.')";

if (mysql_query($sql2) or die("Ops... Seu cadastro não pode ser completado, tente novamente mais tarde".mysql_error()));

$nome_exemplo = $_POST['email1'];

$sql3 = "INSERT INTO nome_exibicao(id_dono, nome) VALUES ('$nome_exemplo','$nome_exemplo')";
if (mysql_query($sql3) or die ("erro no sql3, favor relatar ao proprietario do site para que ele mude esse erro... Obrigado"));

$eumesmo = "Meu perfil!!!";
$baseimagem = "brancobase.JPG";

$sql4 = "INSERT INTO amizades(amigo1, amigo2, imagem, nomeexibicao) VALUES ('$nome_exemplo','$nome_exemplo','$baseimagem','$eumesmo')";
if (mysql_query($sql4) or die ("erro no sql4"));

$sql5 = "INSERT INTO foto_perfil(id_dono, foto) VALUES ('$nome_exemplo','$baseimagem')";
if(mysql_query($sql5) or die ("erro no sql5"));




header("Location:usuarioexistente.php");
}
?>

if you prefer to look at the same site that the link is


myfriends.x10.mx/myfriends

[misson]

In this case, the [php] tag would be more appropriate than [code] (which tudo2d64 has discovered).

@tudo2d64: Make sure you've followed all the steps to create a MySQL user and database.

The sample code is vulnerable to SQL injection, which is a very serious security risk. To fix this hole, switch from the outdated mysql extension to PDO and use prepared statements. If you need a PDO tutorial, try "Writing MySQL Scripts with PHP and PDO". The site you save may just be your own.

Don't use die when outputting HTML (which you should be doing for a registration page). You'll get invalid HTML.

Outputting database error messages to non-admin users discloses too much information. Instead, log the MySQL error message. For some errors (such as those related to missing or invalid values), output your own error message to the user and what action the user can take to address it. For the rest, inform the user that there was an internal error.

All or none of the queries must apply to the database. If the later queries fail and you don't undo the affects of the earlier queries, you will leave the database in an inconsistent state. The simplest way of doing this is to use transactions. You must use InnoDB tables for the transaction statements to work.

I don't have Portugese-language resources for any of the pages linked to above. A web search (or Google translate) should supply such.

[essellar]

In addition to what misson has already posted, I'd like to point people to Joel Spolky's article Making Wrong Code Look Wrong. (Unfortunately, it's not one of the articles that has been translated into a lot of languages. If there's anyone out there who can create a decent translation into Portugese or Brazilian Portugese -- or any other language -- feel free to use the wiki that's linked from Joel's front page.)

For the tl;dr crowd, it boils down to using Charles Simonyi's original "Hungarian notation" (which was not about encapsulating the declaration and scope in a variable name, but rather about noting "type" as an ordinary, non-programming human being would understand the term). In this case, you'd name something that came directly from user input as "unsafe":

PHP Code:

$unsafe_name = $_POST["name"};
//or, if "unsafe" seems like too may characters to type
$u_name = $_POST["name"]; 


Similarly, you'd mark checked and sanitized values as "safe". If you ever find yourself using a variable that's marked "unsafe" anywhere that it could possibly cause damage, it will stand out like a sore thumb -- and if you ever mark direct user input as "safe", your code will also give off an unpleasant odor. It's an easy way of keeping yourself out of all kinds of trouble.