<?php

include("config.php");


$con = mysql_connect($dbip,$dbuser,$dbpass);
if (!$con)
	{
	die('Could not connect ' . mysql_error() );
	}

mysql_select_db($dbname, $con);


$insert = "INSERT INTO users (username, password, steamid, fname, lname, email, rank, admin, banned)
VALUES
 ('$_POST[uname]', '$_POST[pword]', '$_POST[steamid]', 'unknown', 'unknown', '$_POST[email]', '2', 'no', 'no')";

 if (!mysql_query($insert,$con))
  {
  die('Error: ' . mysql_error());
  }
echo "You have been added! You may now login!";

mysql_close($con)

?>

Error: No Database Selected

    Find out if/why your mysql_select_db() is failing:

    if(mysql_select_db($dbname, $con) == false)
{
   die("Select DB error: " . mysql_error());
}

    The above is quick-and-dirty debug code. For a more secure solution, you should log the error via error_log() and then provide some user-friendly error message that does not reveal details about your database (the same for any error after the mysql_query()).

      You use:

      mysql_select_db($dbname, $con);

      but $dbname isn't set anywhere in the code you have included, if it isn't set somewhere it won't have a value. It needs to be set to whichever database you are trying to connect to.

        Also note that user-supplied data should never be placed directly into a SQL query, else your code will be vulnerable to SQL injection attacks and/or just plain SQL error messages. Instead, you must sanitize it with a function such as [man]mysql_real_escape_string/man (for string data).

          Write a Reply...