[RESOLVED] Mysql/PHP insert & CONCAT
Hello all, Im building a login script for some people, and I would like somone to have a once over this script thus far. I know I still havent check the emails nor a few other things i need to do. I will get back to those. But for now can anyone have a looky and see if it looks good. They only issue I think here is the CONCAT function. I am not sure I scripted that part right.
PHP Code:
<?php
require_once('../wp-includes/class-phpass.php');
//connects to databases
require_once('dbconnect.php');
//Create var names
$first_name = mysql_real_escape_string($_POST['F_Name']);
$last_name = mysql_real_escape_string($_POST['L_Name']);
$phone_number_1 = mysql_real_escape_string($_POST['Pnumber1']);
$phone_number_2 = mysql_real_escape_string($_POST['Pnumber2']);
$address = mysql_real_escape_string($_POST['Address']);
$state = mysql_real_escape_string($_POST['State']);
$city = mysql_real_escape_string($_POST['City']);
$zip_code = mysql_real_escape_string($_POST['Zip']);
$email_1 = mysql_real_escape_string($_POST['Email1']);
$email_2 = mysql_real_escape_string($_POST['Email2']);
$username = mysql_real_escape_string($_POST['Uname']);
$password_1 = mysql_real_escape_string($_POST['Pass']);
$jed = mysql_real_escape_string($_POST['Jednostka']);
$dob = mysql_real_escape_string($_POST['DOB']);
$stopien = mysql_real_escape_string($_POST['Stopein']);
$funk = mysql_real_escape_string($_POST['FUNK']);
$hasher = new PasswordHash(8, True);
$password = $hasher->HashPassword($password_1);
$ENC =MD5($password_1);
$ERRmsg = "";
//Checks if any feilds were left empty and creates an error message to display
if(empty($first_name)) $ERRmsg .= 'You did not enter a First Name! Pleaase go back and try again! \n';
if(empty($last_name)) $ERRmsg .= 'You did not enter a Last Name! Please go back and try again! \n';
if(empty($phone_number_1)) $ERRmsg .= 'You did not enter a Phone Number! Please go back and try again! \n';
if(empty($address)) $ERRmsg .= 'You did not enter an Address! Please go back and try again! \n';
if(empty($state)) $ERRmsg .= 'You did not choose a State! Please go back and try again! \n':
if(empty($city)) $ERRmsg .= 'You did not enter a City! Please go back and try again! \n';
if(empty($zip_code) $ERRmsg .= 'You did not enter a Zip Code. Please go back and try again! \n';
if(empty($email_1) $ERRmsg .= 'You did not enter a Email. Please go back and try again! \n';
if(empty($email_2) $ERRmsg .= 'You did not re-enter you Email. Please go back and try again! \n';
if(empty($username) $ERRmsg .= 'You did not enter a Username. Please go back and try again! \n';
if(empty($password_1) $ERRmsg .= 'You did not enter a password! Please go back and try again! \n';
if(empty($jed) $ERRmsg .= 'You did not choose a Jednostka! Please go back and try again! \n';
if(empty($dob) $ERRmsg .= 'You did not enter a Date of Birth! Please go back and try again! \n';
if(empty($stopien) $ERRmsg .= 'You did not choose a Stopien! Please go back and try again! \n';
if(empty($funk) $ERRmsg .= 'You did not enter a Funkcjia! Please go back and try again! \n';
//Checks to see if error message is empty, if empty does rest of code
if(empty($ERRmsg) {
//pick databases and tables
//creates query for warta database
$wdp = "INSERT INTO Users_tbl (`ID`, `F_NAME`, `L_Name`, `P_number1`, `P_number2`, `Address`, `City`, `State`, `Zip`, `Email`, `username`, `password`, `Jednostka`, `Funkcjia`, `High`, `Active`, `user_registered`, `user_email`, `user_login`, `user_pass`, `user_nicename`, `display_name`, `groupID`, `prefs_list_item`)
VALUES('', '$first_name', '$last_name', '$phone_number_1', $phone_number_2', '$address', '$state', '$zip_code', '$email_1', '$username', '$password', '$jed', '$funk', '$jed', '0', '', '$email_1', '$username', '$password', '."=CONCAT("$First_name" ' ' "$Last_name")".', '."=CONCAT("$First_name" ' ' "$Last_name")".', '', '')";
}
else {
echo $ERRmsg;
exit;
}
?>
