From real_escape_string code is showing as text not running on browser, even dreamweaver showing no error please help if any alternative then please tell me. trying to create a subscribe php form with validation of email is correct both passwords are same, uploaded file avatar is png, jpg, gif. this is code
<?php
/* form.php */
session_start();
$_SESSION['message'] = '';
$mysqli = new mysqli("localhost", "root", "mypass123", "accounts_complete");
if ($_SERVER['REQUEST_METHOD'] == 'POST'){
if ($_POST['password'] == $_POST['confirmpassword']) {
$username = $mysqli->real_escape_string($_POST['username']);
$email = $mysqli->real_escape_string($_POST['email']);
$password = md5($_POST['password']); //md5 hash password security
$avatar_path = $mysqli-real_escape_string('image/'.$_FILES['avatar']['name']);
//make sure this file type is image
if (preg_match("!image!",$_FILES['avatar']['type'])) {
//copy image to image/folder
if (copy($_FILES['avatar']['temp_name'], $avatar_path)) {
$_SESSION['username'] = $username;
$_SESSION['avatar'] = $avatar_path;
$sql = "INSERT INTO users (username, email, password, avatar) "
. "VALUES ('$username', '$email', '$password', '$avatar_path')";
//if the query is successfull, redirect to welcome.php page, done!
if ($mysqli->query($sql) === true) {
$_SESSION['message'] = 'Registration succesfull! Added $username to the database!';
}
else {
$_SESSION['message'] = "User could not be added to the database!";
}
}
else {
$_SESSION['message'] = "File upload failed!";
}
}
else {
$_SESSION['message'] = "Please only upload GIF, JPG, or PNG images!";
}
}
else {
$_SESSION['message'] = "Two passowrd do not match!";
}
}
?>