Awais Ahmad Awais Ahmad - 26 days ago 9
MySQL Question

Can't add user using php form in mysql database

This is my first question here. I hope I will find the answer.
As the title says I am unable to add users using form I created in html and I am unable to add a user using php function into database.

db.php

<?php
$db['db_host'] = 'localhost';
$db['db_user'] = 'root';
$db['db_pass'] = '';
$db['db_name'] = 'cms';
foreach($db as $key => $value){
define(strtoupper($key),$value);
}

$con = mysqli_connect(DB_HOST,DB_USER,DB_PASS,DB_NAME);

if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
//you need to exit the script, if there is an error
exit();
}

?>
add-user.php
<?php
require_once('inc/top.php');
if(!isset($_SESSION['username'])){
header('Location:login.php');
}

else if(isset($_SESSION['username']) and $_SESSION['role'] =='author'){
header('Location:index.php');
}
?>
</head>
<body>
<div id="wrapper">
<?php require_once('inc/header.php');?>
<div class="container-fluid body-section">
<div class="row">
<div class="col-md-3">
<?php require_once('inc/sidebar.php');?>
</div>
<div class="col-md-9">
<h1><i class="fa fa-user-plus"></i> Add User<small>Add
New User</small></h1>
<hr>
<ol class="breadcrumb">
<li><a href="#"><i class="fa fa-tachometer">
</i> Dashboard</a></li>
<li class="active"><i class="fa fa-user-plus">
</i>Add New User</li>
</ol>

<?php
if(isset($_POST['submit'])){
$date=time();
$first_name = mysqli_real_escape_string($con,$_POST['first-name']);
$last_name = mysqli_real_escape_string($con,$_POST['last-name']);
$username = mysqli_real_escape_string($con,strtolower($_POST['username']));
$username_trim=preg_replace('/\s*/','',$username);
$email = mysqli_real_escape_string($con,strtolower($_POST['email']));
$password = mysqli_real_escape_string($con,$_POST['password']);
$role = $_POST['role'];
$image = $_FILES['image']['name'];
$image_tmp = $_FILES['image']['tmp_name'];

$check_query="SELECT * FROM users WHERE username='$username' or email='$email'";
$check_run=mysqli_query($con,$check_query);
$salt_query="SELECT * FROM users ORDER BY id LIMIT 1";
$salt_run=mysqli_query($con,$salt_query);
$salt_row=mysqli_fetch_array($salt_run);
$salt=$salt_row['salt'];
$password=crypt($password, $salt);

if(empty($first_name) or empty($last_name) or empty($username) or empty($email) or empty($password) or empty($image)) {
$error="All field Required";

}
else if($username!=$username_trim){
$error="Don't use spaces in username";

}
else if(mysqli_num_rows($check_run)){
$error="Username or Email Already Exist";
}
else{

$insert_query="INSERT INTO `users` (`id`, `date`, `first_name`, `last_name`, `username`, `email`, `image`, `password`, `role`) VALUES (NULL, NULL', '$first_name', '$last_name', '$username', '$email', '$image', '$password', '$role')";
if(mysqli_query($con,$insert_query)){
$msg="User has been Added";
move_uploaded_file($image_tmp,"img/$image");

}
else{
$error="user has not been Added";
}
}
}

?>
<div class="row">
<div class="col-md-8">
<form action="" method="post" enctype="multipart/form-data">
<div class="form-group">
<label for="first-name">First Name:*</label>
<?php
if(isset($error)){
echo "<span class='pull-right' style='color:red;'>$error</span>";
}
else if(isset($msg)){
echo "<span class='pull-right' style='color:green;'>$msg</span>";
}

?>
<input type="text" name="first-name" value="<?php if(isset($first_name)){ echo $first_name;}?>" id="first-name" class="form-control" placeholder="First Name">
</div>

<div class="form-group">
<label for="last-name">Last Name:*</label>
<input type="text" name="last-name" value="<?php if(isset($last_name)){ echo $last_name;}?>" id="last-name" class="form-control" placeholder="Last Name">
</div>

<div class="form-group">
<label for="username">Username:*</label>
<input type="text" name="username" id="username" value="<?php if(isset($username)){ echo $username;}?>" class="form-control" placeholder="Username">
</div>

<div class="form-group">
<label for="email">Email:*</label>
<input type="text" name="email" id="email" value="<?php if(isset($email)){ echo $email;}?>" class="form-control" placeholder="Email Address">
</div>

<div class="form-group">
<label for="Password">Password:*</label>
<input type="password" name="password" id="password" class="form-control" placeholder="Password">
</div>

<div class="form-group">
<label for="role">Role:*</label>
<select name="role" id="role" class="form-control">
<option value="author">Author</option>
<option value="admin">Admin</option>
</select>
</div>

<div class="form-group">
<label for="image">Profile Picture:*</label>
<input type="file" name="image" id="image">
</div>



<input type="submit" value="Add User" name="submit" class="btn btn-primary">

</form>


</div>
<div class="col-md-4">
<?php
if(isset($check_image)){

echo "<img src='img/$check_image' width='100%'>";
}

?>

</div>
</div>

</div>
</div>
</div>
<?php require_once('inc/footer.php');?>


I have done many searches but didn't find it to work the code and add user. whenever I try to add a user as "author" or "admin" it says "user has not been added".
Thanks in advance

Answer Source

Please try this query where you insert:

INSERT INTO `users` (`date`, `first_name`, `last_name`, `username`, `email`, `image`, `password`, `role`) VALUES (NULL, '$first_name', '$last_name', '$username', '$email', '$image', '$password', '$role');