Hi RaRa3, I'm not quite sure about the question you're asking but here is how you would hash a password and insert it into a database
Your HTML <form> element should be a POST request. (Using GET requests for passwords is a bad idea)
It should look like this <form action="" method="post">...</form>
<?php //CORRECTED VERSION//GET ALL THE VALUES AND STORE THEM INTO VARIABLES$firstname = $_POST["firstName"];$lastname = $_POST["lastName"];$user = $_POST["username"]$pass = $_POST["pass"]; //We first store the value of the password to $pass$email = $_POST["email"];$address = $_POST["address"];//HASH PASSWORD$pass = md5($pass); //We hash the value of $pass//INSERT THEM INTO DATABASE$sql = "INSERT INTO UserAccount (firstName, lastName, userName, password, email, address) VALUES ('$firstname','$lastname','$user','$pass','$email','$address')";$res=mysql_query($sql); //We INSERT $pass(HASHED) into the database, not $_POST["pass"](NOT HASHED)
<?php //start php tag//include connect.php page for database connectioninclude('connect.php');//if submit is not blanked i.e. it is clicked.if(isset($_POST['submit'])) { //You do not need the !="". This line is enough for checking if a button has been clicked$firstname = $_POST["firstName"];$lastname = $_POST["lastName"];$user = $_POST["username"]$pass = $_POST["pass"];$email = $_POST["email"];$address = $_POST["address"];if(empty($firstname) || empty($lastname) || empty($user) || empty($pass) || empty($email) || empty($address)) { //Try using the built in empty() function to detect blank fields. Much easierEcho "Please fill the empty field(s).";}Else{//////////REPLACE THIS WITH CODE IN THE ABOVE SECTION//////////////$sql = "INSERT INTO UserAccount (firstName, lastName, userName, password, email, address) VALUES ('$_POST[firstName]','$_POST[lastName]','$_POST[user]','$_POST[pass]','$_POST[email]','$_POST[address]')";$password = md5($pass);$res=mysql_query($sql);This code will not work.. Notice how you have not defined $pass or $password yet? and your values are directly taken from a POST[] Request///////////////////////////////////////////////////////////////////if($res){Echo "Thank you for signing up";}Else{Echo "There is some problem in inserting record";}}}?>
Tips for next time:
1. You should really start using mysqli_query since mysql_query is deprecated
2. When you're getting a value from a form please first store it into a variable first. Then you can manipulate the variable.
3. This code is insecure, you should use functions such as mysql_real_escape_string() or stripslashes() to prevent SQL INJECTION Measures.
4. Always use POST[] requests when handling sensitive data (passwords etc.). I'd prefer you stay away from the REQUEST[] operator.