-1

I create a sign up page but there is an error

Notice: Undefined variable: statement in D:\xampp\htdocs\123\signup.php on line 35

its inserting in the database but php file show error . How its inserting in database but still show error?

signup page

<!doctype html>
<html>
  <head><title>ABU E-ADVISING</title>
  <link rel="stylesheet" type="text/css" href="style.css" \>
</head>
<body>
  <?php

    $Username1 = $_POST['usr'];
   $Pass1 = $_POST['pass'];
   $Surname = $_POST['sur'];
   $Othernames = $_POST['oname'];
   $DOB = $_POST['dob'];
   $email = $_POST['email'];
   $Tel = $_POST['tel'];
   $Add = $_POST['add'];
   $Postcode = $_POST['postcode'];



   $db = mysql_connect('localhost','root','ROOT');
   if (!$db)
   {
     print "<h1>Unable to Connect to MySQL</h1>";
   }

   $dbname = 'adv';

   $btest = mysql_select_db($dbname);

   if (!$btest)
   {
     print "<h1>Unable to Select the Database</h1>";
   }
   $statement .= "insert into user (userName, Password, FName, LName, DOB,Email, Tele, Address, PCode) ";
   $statement .= "values (";
   $statement .= "'".$Username1."', '".$Pass1."',  
    '".$Surname."','".$Othernames."','".$DOB."','".$Tel."', '".$Add."', 
    '".$Postcode."','".$email."'";
   $statement .= ")";
   $result = mysql_query($statement);

   if ($result)
   {
     echo "<br>Author Added: ".$Surname.", ".$Othernames;
   } else {
      $errno = mysql_errno($db);

      if ($errno == '1062') {
        echo "<br>Author is already in Table: <br />".$mylastname.", 
  ".$myfirstname;
      } else {
        echo("<h4>MySQL No: ".mysql_errno($result)."</h4>");
        echo("<h4>MySQL Error: ".mysql_error($result)."</h4>");
        echo("<h4>SQL: ".$statement."</h4>");
        echo("<h4>MySQL Affected Rows: ".mysql_affected_rows($result)."  
   </h4>");
      }

      print 'NotAdded';
   }

 ?>
  </body>

sql

CREATE TABLE IF NOT EXISTS `user` (
  `UID` int(11) NOT NULL,
  `userName` varchar(70) NOT NULL,
  `Password` text NOT NULL,
  `FName` text,
  `LName` text,
  `DOB` text,
  `Email` text,
  `Tele` text,
  `Address` text,
  `PCode` text
)   ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=6 ;

Can anyone help ?

amdixon
  • 3,814
  • 8
  • 25
  • 34
aysha
  • 1
  • 1
    Please [don't use `mysql_*`](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php?rq=1); the `mysql_*` functions are outdated, [deprecated](http://us3.php.net/manual/en/intro.mysql.php), and insecure. Use [`MySQLi`](http://us3.php.net/manual/en/book.mysqli.php) or [`PDO`](http://us3.php.net/manual/en/intro.pdo.php) instead. Also, you are wide open to [**SQL injection**](https://www.owasp.org/index.php/SQL_Injection). – elixenide Oct 28 '15 at 11:39
  • stop using mysql, i know it is not related to your question but it would be better for future, avoid using mysql, go for mysqli, pdo or any other. – Amrinder Singh Oct 28 '15 at 11:39

3 Answers3

1

Here's where you have the error: 

$statement .= "insert into user (userName, Password, FName, LName, DOB,Email, Tele, Address, PCode) ";

You are concatenating a previously undeclared string variable.

It should read :

 $statement = "insert into user (userName, Password, FName, LName, DOB,Email, Tele, Address, PCode) ";
NaijaProgrammer
  • 2,892
  • 2
  • 24
  • 33
1

Update the following line

$statement .= "insert into user (userName, Password, FName, LName, DOB,Email, Tele, Address, PCode) ";

To

$statement = "insert into user (userName, Password, FName, LName, DOB,Email, Tele, Address, PCode) ";

$x .= $y means $x = $x . $y

So, if $x is not defined prior to this statement you'll get the notice for the second $x (after =).

Don't use mysql_*. It's deprecated and insecure.

Ashwini Agarwal
  • 4,828
  • 2
  • 42
  • 59
1

You are trying to append something after the $statement variable on line 35.

$statement wasn't defined, and you're trying to append to it.

Try that.

<!doctype html>
<html>
    <head>
        <title>ABU E-ADVISING</title>
        <link rel="stylesheet" type="text/css" href="style.css" \>
    </head>
    <body>
        <?php
        $Username1 = $_POST['usr'];
        $Pass1 = $_POST['pass'];
        $Surname = $_POST['sur'];
        $Othernames = $_POST['oname'];
        $DOB = $_POST['dob'];
        $email = $_POST['email'];
        $Tel = $_POST['tel'];
        $Add = $_POST['add'];
        $Postcode = $_POST['postcode'];

        $db = mysql_connect('localhost','root','ROOT');
        if (!$db)
        {
            print "<h1>Unable to Connect to MySQL</h1>";
        }

        $dbname = 'adv';
        $btest = mysql_select_db($dbname);

        if (!$btest)
        {
            print "<h1>Unable to Select the Database</h1>";
        }

        $statement = "insert into user (userName, Password, FName, LName, DOB,Email, Tele, Address, PCode) ";
        $statement .= "values (";
        $statement .= "'".$Username1."', '".$Pass1."', '".$Surname."','".$Othernames."','".$DOB."','".$Tel."', '".$Add."', '".$Postcode."','".$email."'";
        $statement .= ")";
        $result = mysql_query($statement);

        if ($result)
        {
            echo "<br>Author Added: ".$Surname.", ".$Othernames;
        } else {
            $errno = mysql_errno($db);

            if ($errno == '1062') {
                echo "<br>Author is already in Table: <br />".$mylastname.", ".$myfirstname;
            } else {
                echo("<h4>MySQL No: ".mysql_errno($result)."</h4>");
                echo("<h4>MySQL Error: ".mysql_error($result)."</h4>");
                echo("<h4>SQL: ".$statement."</h4>");
                echo("<h4>MySQL Affected Rows: ".mysql_affected_rows($result)."</h4>");
            }

        print 'NotAdded';
        }
        ?>
    </body>

Update, indented everything properly for you, if you learn it yourself this way, it improves productivity and readability!

Also, I would suggest you to clean up your code a bit this way:

<html>
    <head>
    </head>
    <body>
        <?php
        if($bla == $bla) {
            echo "bla = bla";
        }
        ?>
    </body>
</html>

Note how I am indenting every time I open either a new tag or inbetween {}

L Ja
  • 1,384
  • 1
  • 11
  • 22