Hey guys, I'd like some help with making a code on a webpage to access a database. The code i have so far doesen't seem to work because it gives me an error and never creates the account. The code i'm using
Config:
<?php
//MSSQL Host IP
$db_host = 'localhost';
//MSSQL Username
$db_user = 'sa';
//MSSQL Password
$db_pass = '';
//MSSQL Database
$db_name = 'redmoon';
$conn = mssql_connect($db_host,$db_user,$db_pass);
mssql_select_db($db_name,$conn);
?>
Addacount.php
<?php
include("config.php");
if (isset($_POST['AddAccount'])) {
if ($_POST['Username'] > "" && $_POST['Password'] > "") {
$validchars = "abcdefghijklmnopqrstuvwxyz0123456789";
$valid = true;
for ($i = 0; $i < strlen($_POST['username']); $i++) {
if (strpos($validchars,strtolower(substr($_POST['username'],$i,1))) === false){
$valid = false;
**
**
for ($i = 0; $i < strlen($_POST['Password']); $i++) {
if (strpos($validchars,strtolower(substr($_POST['Password'],$i,1))) === false){
$valid = false;
**
**
if ($valid == true) {
$query = "SELECT BillID FROM tblBillID WHERE BillID = '".$_POST['Username']."'";
$result = mssql_query($query,$conn);
if (mssql_num_rows($result) > 0) {
echo "<b>Account name in use.</b>";
** else {
$accquery = "INSERT INTO tblBillID (BillID,Password) VALUES('".$_POST['Username']."','".$_POST['Password']."')";
$accresult = mssql_query($accquery,$conn);
echo "<b>Account Added</b>";
**
** else {
echo "<b>You didn't fill out all the required fields.</b>";
**
** else {
echo "dont try to hack me biatch!";
**
echo "<br><br>";
**
?>
<table border="0">
<tr>
<td class="mytext">
<u>Add an Account</u><br>
<form action="addaccount.php" method="post">
<table border="0">
<tr>
<td>Username</td>
<td><input type="text" name="Username" height="5" maxlength="12" style="width: 100px;"></td>
</tr>
<tr>
<td>Password</td>
<td><input type="text" name="Password" height="5" maxlength="10" style="width: 100px;"></td>
</tr>
<tr>
<td></td>
<td><input type="submit" value="Add" name="AddAccount"></td>
</tr>
</table>
</form>
</td>
</tr>
</table
Does anyone see anything wrong with this? Thanks for your time...
~Shoki
Config:
<?php
//MSSQL Host IP
$db_host = 'localhost';
//MSSQL Username
$db_user = 'sa';
//MSSQL Password
$db_pass = '';
//MSSQL Database
$db_name = 'redmoon';
$conn = mssql_connect($db_host,$db_user,$db_pass);
mssql_select_db($db_name,$conn);
?>
Addacount.php
<?php
include("config.php");
if (isset($_POST['AddAccount'])) {
if ($_POST['Username'] > "" && $_POST['Password'] > "") {
$validchars = "abcdefghijklmnopqrstuvwxyz0123456789";
$valid = true;
for ($i = 0; $i < strlen($_POST['username']); $i++) {
if (strpos($validchars,strtolower(substr($_POST['username'],$i,1))) === false){
$valid = false;
**
**
for ($i = 0; $i < strlen($_POST['Password']); $i++) {
if (strpos($validchars,strtolower(substr($_POST['Password'],$i,1))) === false){
$valid = false;
**
**
if ($valid == true) {
$query = "SELECT BillID FROM tblBillID WHERE BillID = '".$_POST['Username']."'";
$result = mssql_query($query,$conn);
if (mssql_num_rows($result) > 0) {
echo "<b>Account name in use.</b>";
** else {
$accquery = "INSERT INTO tblBillID (BillID,Password) VALUES('".$_POST['Username']."','".$_POST['Password']."')";
$accresult = mssql_query($accquery,$conn);
echo "<b>Account Added</b>";
**
** else {
echo "<b>You didn't fill out all the required fields.</b>";
**
** else {
echo "dont try to hack me biatch!";
**
echo "<br><br>";
**
?>
<table border="0">
<tr>
<td class="mytext">
<u>Add an Account</u><br>
<form action="addaccount.php" method="post">
<table border="0">
<tr>
<td>Username</td>
<td><input type="text" name="Username" height="5" maxlength="12" style="width: 100px;"></td>
</tr>
<tr>
<td>Password</td>
<td><input type="text" name="Password" height="5" maxlength="10" style="width: 100px;"></td>
</tr>
<tr>
<td></td>
<td><input type="submit" value="Add" name="AddAccount"></td>
</tr>
</table>
</form>
</td>
</tr>
</table
Does anyone see anything wrong with this? Thanks for your time...
~Shoki