PHP/SQL help, Database retrieval

Bender512

ok, i have just started learning PHP about two days ago, but here is what i have so far.
The below code all works fine, but i need to change the way i retrieve data, as password() is a Mysql statment, and to retrieve that, i need to use it in an SQL statement

i am thinking about SELECT * FROm but i would not know how to implement this

there is one part that does not work here, and thats to confirm if data is in the form that gets submitted, so if anyone can give me a pointer there

<?PHP

require_once("config.php");
$db = @mysql_connect( $dbhost, $dbuname, $dbpass);
mysql_select_db($dbname,$db);
$result = mysql_query("SELECT * FROM users",$db);
 	if ($_GET['delete'] == "yes") {
		$sql = "DELETE FROM users WHERE id='".$_GET['id']."'";
		$result = mysql_query($sql);
		echo "Record deleted! <br>Click <a href=\"$_SERVER[PHP_SELF]?admin=yes\">here</a> to return to the Admin tool<p>";
	}
	elseif ($_GET['edit'] == "yes") {
		echo "Not implemented yet!";
	}
	elseif ($_GET['register'] == "yes") {
		if ($_POST['submit']) {
			if (($_POST[aid] == '' ) or ($_POST[email] == '') && ($_POST[pass] == ''))  {
				if (($_POST[pass] != $_POST[conf])) {
					echo "Enter a user name and blah blah blah....
						  Thank You";
					echo "<p>";
					echo "Please use the 'Back' button to continue.";
					echo "</p>";
					exit;
				}
			}
			elseif (('$_POST[aid]' ) or ('$_POST[email]') && ('$_POST[pass]')) {
				$connect = mysql_select_db($dbname, mysql_connect($dbhost, $dbuname, $dbpass));
				$pas = $_POST[pass];
				$sql = "INSERT INTO users (name,email,pass,conf) VALUES ('$_POST[aid]','$_POST[email]',password('$pas'),'$_POST[conf]')";
				$result = mysql_query($sql) or die(mysql_error());
				echo "Thank you! Information entered.\n";
			}
			}
			else {
				?>
				<FORM METHOD="post" ACTION="<?php echo "$_SERVER[PHP_SELF]?register=yes"; ?>">
				Name:<INPUT TYPE="Text" NAME="aid"><BR>
				Email:<INPUT TYPE="Text" NAME="email"><br>
				Password<INPUT TYPE="Text" NAME="pass"><br>
				Confirm:<INPUT TYPE="Text" NAME="conf"><br>

			<INPUT TYPE="Submit" NAME="submit" value="Enter information">
			</FORM>
			<?php
		}
}
elseif ($_GET['admin'] == "yes") {
 if ($myrow = mysql_fetch_array($result))
{
echo "Click <a href=\"$_SERVER[PHP_SELF]?register=yes\">here</a> to add a user<p>";
	echo "<table border=1>\n";
	echo "<tr><td>ID</td><td>Name</td>
	<td>E-Mail</td><td>Password</td><td>Password</td><td>Delete</td></tr>\n";
	do {
		echo "<tr><td>".$myrow['id']."</td><td>".$myrow['name']."</td><td>".
		$myrow[email]."</td><td>".$myrow[pass]."</td><td>
		<a href=\"$PHP_SELF?id=".$myrow['id']."&delete=yes\">(DELETE)</a></td></tr>\n";

	}
	while ($myrow = mysql_fetch_array($result));
	echo "</table>\n";
}
else {
	echo "Sorry, no records were found!";
}
}

else {
echo "Click <a href=\"$_SERVER[PHP_SELF]?register=yes\">here</a> to add a user<p>";
echo "Click <a href=\"$_SERVER[PHP_SELF]?admin=yes\">here</a> to go to admin<p>";
}
?>

Duey

well this is the system i use

<?
//the forms been submitted
$errorList = array();
	$count = 0;

// validate text input fields
//you can add varibles here
	if (!$email) { $errorList[$count] = "Invalid entry: Email"; $count++; }

// check for errors
// if none found...
if (sizeof($errorList) == 0)
{
//carry on with proccessing all required fields filled in
}
//o no not all required fields filled in
else
	{
			// errors occurred
		// print as list
		echo "<font size=-1>The following errors were encountered: <br>";
		echo "<ul>";
		for ($x=0; $x<sizeof($errorList); $x++)
		{
			echo "<li>$errorList[$x]";
		}
		echo "</ul></font>";
	}

hope this helps