-
Put the mysql query in the if statement curly braces just like this:
if(isset($_POST['submit'])) { $name1=$_POST['name']; $phone1=$_POST['phone']; $email1=$_POST['email']; $pass1=$_POST['password']; $query="INSERT INTO `register`(`name`,`phone`,`email`,`pass`) VALUES('$name1','$phone1','$email1','$pass1')"; $result=mysql_query($query) or die("Error in pushing".mysql_error()); mysql_close($conn); } ?>When the form isn't submited, your variables are not defined and you are querying the db with them. So you put everything in the if statement, so that only when the form is submitted that the query will execute. Also you are vulnerable to mysql injection, use the mysql_real_escape_string function or use mysqli prepared statement.
加载中...
- 热议问题