Ok, So i have this form and a PHP processing file, their extremely simple (Ive added no security as of yet!)

Everytime I press submit the form does what its supposed to do but 'password' doesnt insert into the database: can anyone help me??
Thanks in advance!



<html>
<form id="register" method="post" action="newuser.php">

Username:<br />
<input type="text" name="username" /><br /><br />

Password:<br />
<input type="password" name="password" /><br /><br />
Rank:<br />
<input type = "radio" name = "rank" value = "1" /> Admin <br/>
<input type = "radio" name = "rank" value = "2" /> Forum <br/>
<input type = "radio" name = "rank" value = "3" /> News <br/>
<input type = "radio" name = "rank" value = "4" /> Events <br/>
<input type = "radio" name = "rank" value = "5" /> Radio <br/>

<input type="submit" name="submit" value="Create" />
</form>
</html>


Thats the form
This is the PHP:


<?php
include ("config.php");

$user = ($_POST['username']);
$password = ($_POST['password']);
$rank = ($_POST['rank']);

mysql_query("INSERT INTO users (username, password, rank)
VALUES ('$user', '$password', '$rank')");
?>

Excuse the basic-ness!

+rep for any help, and my upper most gratitude! :)

<?php
include "config.php"; // first off, you don't need the ()'s around include.

$username = $_POST['username'];
$password = $_POST['password'];
$rank = $_POST['rank'];

/*
You don't need the ()'s around these either, it's pointless.
$user = ($_POST['username']);
$password = ($_POST['password']);
$rank = ($_POST['rank']);
*/

mysql_query("INSERT INTO `users` (username, password, rank) VALUES('$username', '$password', '$rank')") or die(mysql_error());
?>

Try this, tell me what happens.

Thanks!!! That works! :)

Another VERY quick question!

I want to make it so some pages are only available for rank '2' or rank '3'

So how would i go about checking if the user is rank 3 and then displaying the data, and if there not then not displaying the data??

Thanks again! Btw, what did i do wrong before other than the ()'s? :)

Not really sure what was wrong, it didn't output an error. I put ``(s) around the `users` table.

Well you need to get the user's rank from the database..



$username = "Caleb"; // you can get this from a session, wherever.
$logged = mysql_query("SELECT * FROM `users` WHERE `username`='$username'");
$logged = mysql_fetch_array($logged);

if($logged["rank"] != "1") {
// not an admin.
exit("Not an admin."); // you can redirect to an error page, include something here, doesn't matter, just exit.
}

// aha.. they are an admin.. show the content.

echo "Secret Stuff.";


You can put the $logged part somewhere else, and use it cross-site.

Not really sure what was wrong, it didn't output an error. I put ``(s) around the `users` table.

Well you need to get the user's rank from the database..



$username = "Caleb"; // you can get this from a session, wherever.
$logged = mysql_query("SELECT * FROM `users` WHERE `username`='$username'");
$logged = mysql_fetch_array($logged);

if($logged["rank"] != "1") {
// not an admin.
exit("Not an admin."); // you can redirect to an error page, include something here, doesn't matter, just exit.
}

// aha.. they are an admin.. show the content.

echo "Secret Stuff.";


You can put the $logged part somewhere else, and use it cross-site.

if i was to put $logged in my config.php and include it in on everypage would it still work?

It wouldn't work on the register pages, and things where you are not logged in, so that's really not the best place to put it.

You could first determine if the user is logged in or not, and if he is.. then do the $logged procedure.

It wouldn't work on the register pages, and things where you are not logged in, so that's really not the best place to put it.

You could first determine if the user is logged in or not, and if he is.. then do the $logged procedure.

Ok!
Thanks for your help so much!
Ive managed to fulfil the task i needed, so i cant thank you enough!! :)