I'm writing a simple registration form to add users to a database. The code is below.
<?php
include 'header.php';
$tag = randomString();
?>
<html>
<head>
<title>Register an Account</title>
</head>
<body>
<b>Register an account</b><br><br>
<form method="post" action="add_user.php?tag=<?echo $tag;?>">
Username: <br><input type="text" name="username" size=25/><br /><br>
Password: <br><input type="password" name="password" size=25/><br /><br>
Confirm Password: <br><input type="password" name="confirm" size=25/><br /><br>
Email Address: <br><input type="text" name="email" size=25/><br /><br><br>
Additional Info: <br><input type="text" name="info" size=50/><br>
<input type="submit" name="Submit" />
</form>
</body>
</html>
The form seems to work fine. However, when I attempt to read this post data on the next page, some entries are correct, and others are not, even when all entries are filled. For example:
echo mysql_real_escape_string(htmlentities($_POST['username'])); --> outputs what was in the info field
echo mysql_real_escape_string(htmlentities($_POST['password'])); --> output is what was entered in "confirm"
echo mysql_real_escape_string(htmlentities($_POST['confirm'])); --> no output
echo mysql_real_escape_string(htmlentities($_POST['email'])); --> email is outputted, this is correct.
echo mysql_real_escape_string(htmlentities($_POST['info'])); --> No output.
Very confused as to why this is happening, I've written many forms with no such problems.
EDIT: Here's the var_dump (data entered: username, Pass1, Pass2, email@address.com, and info in the proper order):
array(4) { ["username"]=> string(4) "info" ["password"]=> string(5) "Pass2" ["email"]=> string(17) "email@address.com" ["Submit"]=> string(6) "Submit" }
EDIT2: Added entire page's code
add_user.php (Not finished-- the issue came up when I was trying to compare the two passwords. That never evaluated as true, mainly because I wasn't comparing what I thought I was)
<?php
//var_dump($_POST);
echo mysql_real_escape_string(htmlentities($_POST['username'])); echo "<br>";
echo mysql_real_escape_string(htmlentities($_POST['password'])); echo "<br>";
echo mysql_real_escape_string(htmlentities($_POST['confirm'])); echo "<br>";
echo mysql_real_escape_string(htmlentities($_POST['email'])); echo "<br>";
echo mysql_real_escape_string(htmlentities($_POST['info'])); echo "<br>";
if ($_POST['password'] != $_POST['confirm']) {
die("Passwords do not match. Please go back and try again.");
}
$tag = $_GET['tag'];
?>
In that $_POST is not values "confirm" and "info" at all. That’s why they don’t output anything.
I suggest to switch PHP’s notices on, they would tell this instantly.
I can’t think but that you have filled the form wrong. Since ”info” is value of “username”.