Problem adding new fields to register.php Problem adding new fields to register.php
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Problem adding new fields to register.php

Started by Cam_Evenson, October 05, 2009, 10:33:04 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Cam_Evenson

I have been asked by a friend of mine to add 3 extra mandatory fields in the register.php file. I built the fields in SQL to support the change within cpg_user. I got the fields to view in the register form and can enter information. I confirmed that the data was being stored in the variables but when the form runs the SQL it fails. I checked the format of the Insert into value query and all my brackets and quotation marks match. Is there some other criteria I am missing that would be preventing this?

   // the following query I am getting errors on.

    $sql = "INSERT INTO {$CONFIG['TABLE_USERS']} (user_regdate, user_active, user_actkey, user_name, user_password, user_email, user_fname, user_address, user_phone, user_profile1, user_profile2, user_profile3, user_profile4, user_profile5, user_profile6) ".
          "VALUES (NOW(), '$active', '$act_key', '" . addslashes($user_name) . "', '" . addslashes($encpassword) . "', '" . addslashes($email) . "', '$name', '$address', '$phone', '$profile1', '$profile2', '$profile3', '$profile4', '$profile5', '$profile6') or die(mysql_error())";


// this query works
   
// $sql = "INSERT INTO {$CONFIG['TABLE_USERS']} (user_regdate, user_active, user_actkey, user_name, user_password, user_email, user_profile1, user_profile2, user_profile3, user_profile4, user_profile5, user_profile6) ".

         //  "VALUES (NOW(), '$active', '$act_key', '" . addslashes($user_name) . "', '" . addslashes($encpassword) . "', '" . addslashes($email) . "', '$profile1', '$profile2', '$profile3', '$profile4', '$profile5', '$profile6')";



Nibbler


Nibbler

Oh, you have the quotes in the wrong place.


   $sql = "INSERT INTO {$CONFIG['TABLE_USERS']} (user_regdate, user_active, user_actkey, user_name, user_password, user_email, user_fname, user_address, user_phone, user_profile1, user_profile2, user_profile3, user_profile4, user_profile5, user_profile6) ".
          "VALUES (NOW(), '$active', '$act_key', '" . addslashes($user_name) . "', '" . addslashes($encpassword) . "', '" . addslashes($email) . "', '$name', '$address', '$phone', '$profile1', '$profile2', '$profile3', '$profile4', '$profile5', '$profile6') or die(mysql_error())";


Should be


   $sql = "INSERT INTO {$CONFIG['TABLE_USERS']} (user_regdate, user_active, user_actkey, user_name, user_password, user_email, user_fname, user_address, user_phone, user_profile1, user_profile2, user_profile3, user_profile4, user_profile5, user_profile6) ".
          "VALUES (NOW(), '$active', '$act_key', '" . addslashes($user_name) . "', '" . addslashes($encpassword) . "', '" . addslashes($email) . "', '$name', '$address', '$phone', '$profile1', '$profile2', '$profile3', '$profile4', '$profile5', '$profile6')";

Cam_Evenson

All I get is it in terms of error is that it said that there is a critical error when processing the query. I put the changed SQL Query in but I still get the error.

This is the web page: http://www.strictlyphoto.net/gallery/register.php

Nibbler

Enable debug mode to get the actual error message.