When I press submit on my form the action is register.php this file should add the input values in my database but it goes straight to echo "error" can someone please tell me what the problem is?
The Form
<form action="PHP/register.php" method="post">
First name:<br/>
<input type="text" name="firstname"/><br/>
Last name:<br/>
<input type="text" name="lastname"/><br/><br/>
Username:<br/>
<input type="text" name="username" id="username"/><br/>
Email:<br/>
<input type="text" name="email" id="email"/><br/><br/>
Country:<br/>
<input type="text" name="country"/><br/>
Province:<br/>
<input type="text" name="province"/><br/><br/>
Address:<br/>
<input type="text" name="address"/><br/>
Postal code:<br/>
<input type="text" name="postalcode"/><br/>
Password:<br/>
<input type="text" name="password" id="password"/><br/><br/>
Reenter password:<br/>
<input type="text" name="passwordcheck"/><br/>
<input type="submit" value="Submit" name="submit"/>
</form>
Register.php
<?php
session_start();
include('configdb.php');
if(isset($_POST['submit']))
{
//whether the username is blank
if($_POST['username'] == '')
{
$_SESSION['error']['username'] = "User Name is required.";
}
//whether the email is blank
if($_POST['email'] == '')
{
$_SESSION['error']['email'] = "E-mail is required.";
}
else
{
//whether the email format is correct
if(preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9._-]+)+$/", $_POST['email']))
{
//if it has the correct format whether the email has already exist
$email= $_POST['email'];
$sql1 = "SELECT * FROM user WHERE email = '$email'";
$result1 = mysqli_query($mysqli,$sql1) or die(mysqli_error());
if (mysqli_num_rows($result1) > 0)
{
$_SESSION['error']['email'] = "This Email is already used.";
}
}
else
{
//this error will set if the email format is not correct
$_SESSION['error']['email'] = "Your email is not valid.";
}
}
//whether the password is blank
if($_POST['password'] == '')
{
$_SESSION['error']['password'] = "Password is required.";
}
//if the error exist, we will go to registration form
if(isset($_SESSION['error']))
{
echo "error";
}
else
{
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$username = $_POST['username'];
$email = $_POST['email'];
$country = $_POST['country'];
$province = $_POST['province'];
$address = $_POST['address'];
$postalcode = $_POST['postalcode'];
$password = $_POST['password'];
$com_code = md5(uniqid(rand()));
$sql2 = "INSERT INTO user (firstname, lastname, username, email, country, province, address, postalcode, password, com_code) VALUES ('$firstname', '$lastname', '$username', '$email', '$country', '$province', '$address', '$postalcode', '$password', '$com_code')";
$result2 = mysqli_query($mysqli,$sql2) or die(mysqli_error());
if($result2)
{
$to = $email;
$subject = "Confirmation from TutsforWeb to $username";
$header = "TutsforWeb: Confirmation from TutsforWeb";
$message = "Please click the link below to verify and activate your account. rn";
$message .= "http://clan.red-spirit.com/PHP/confirm.php?passkey=$com_code";
$sentmail = mail($to,$subject,$message,$header);
if($sentmail)
{
echo "Your Confirmation link Has Been Sent To Your Email Address.";
}
else
{
echo "Cannot send Confirmation link to your e-mail address";
}
}
}
}
?>