<?phpsession_start();include('db.php');$username=$_POST['username'];$result

1. <?php
2. session_start();
3. include('db.php');
4. $username=$_POST['username'];
5.  
6. $result = mysqli_query($db,"SELECT * FROM member WHERE username='$username'");
7. $num_rows = mysqli_num_rows($result);
8.  
9. if ($num_rows) {
10. header("location: index.php?remarks=failed");
11. }
12. else
13. {
14. $firstname=$_POST['firstname'];
15. $lastname=$_POST['lastname'];
16. $username=$_POST['username'];
17. $password=$_POST['password'];
18. mysqli_query($db,"INSERT INTO member(firstname, lastname, username, password)VALUES('$firstname', '$lastname', '$username', '$password')");
19. header("location: index.php?remarks=success");
20. }
21. ?>
22.  
23. <?php
24. session_start();
25. include('db.php');
26. $username=$_POST['username'];
27.  
28. $result = mysqli_query($db,"SELECT * FROM member WHERE username='$username'");
29. $num_rows = mysqli_num_rows($result);
30.  
31. if ($num_rows) {
32. header("location: index.php?remarks=failed");
33. }
34. else
35. {
36. $titlu = $_POST['titlu'];
37. $descriere = $_POST['descriere'];
38. $joy = $_POST['joy'];
39. $comm = $_POST['comm'];
40. $sql = "UPDATE member
41. SET titlu = '".mysql_real_escape_string($_POST[titlu])."'
42. SET descriere = '".mysql_real_escape_string($_POST[descriere])."'
43. SET joy = '".mysql_real_escape_string($_POST[joy])."'
44. SET comm = '".mysql_real_escape_string($_POST[comm])."'
45. WHERE username='".mysql_real_escape_string($_POST['username'])."'";
46. header("location: welcome.php?remarks=success");
47. }
48. ?>