Hi all

On the register.php page - when I enter a new username and password I receive this message:

You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

The code follows below. Please note that i have changed some things slightly from the book (i.e. leaving some un-required fileds) to make it more like the final application I want to implement.

Any help appciated. TIA

<?php
session_start();
include "logged_config.php";
?>
<html>
<head>
    <title>This is a test!</title>
</head>
<body>

<?php
//if the button is pressed
 if ($_POST['submit'] == "Register")
 {
    //check to see that the fields aren't empty
    if ($_POST['username'] != "" && $_POST['password'] != "")
    {
        //create function to see if user already exists
        $check_user = $_POST['username'];

$query = "SELECT username FROM user_info WHERE username ='$check_user';";
    $result = mysql_query($query) or die(mysql_error());

        if (mysql_num_rows($result) !=0)
        {
  //present form to user and warn if username is in use
  ?>

<b>The Username, <?php echo $_POST['username']?>, is already in use, please choose another!</b>
    <form action="register.php" method="post">
    Username: <input type="text" name="username"><br>
    Password: <input type="password" name="password" value="<?php echo $_POST['password']?>"><br>
    <input type="submit" name="submit" value="Register"> &nbsp; <input type="reset" value="Clear">
    </form>
<?php

//place data into database
    }
    else
    {
    $query = "INSERT INTO user_info(username, password) VALUES ('" . $_POST['username'] . "', (password(' ". $_POST['password'] . "'));";
        $result = mysql_query($query) or die(mysql_error());
        $_SESSION['user_logged'] = $_POST['username'];
        $_SESSION['user_password'] = $_POST['password'];
?>
    Thank you, <?php echo $_POST['username'];?> for registering!<br>
        <a href="logged_in.php">Click Here</a> to continue.
<?php

//if fields are empty warn user and display form again
        }
    }
    else
    {
?>

<b>The Username and Password fields are required!</b>
        <form action="register.php" method="post">
        Username: <input type="text" name="username" value"<?php echo $_POST['username']?>"><br>
    Password: <input type="password" name="password" value="<?php echo $_POST['password']?>"><br>
    <input type="submit" name="submit" value="Register"> &nbsp; <input type="reset" value="Clear">
    </form>

<?php
    }
}
else
{
?>

Welcome to the registration page!<br>
The Username and Password fields are required!
<form action="register.php" method="post">
Username: <input type="text" name="username"><br>
Password: <input type="password" name="password"><br>
<input type="submit" name="submit" value="Register"> &nbsp; <input type="reset" value="Clear">
</form>
<?php
}
?>

</body>
</html>

I implemented the changes Firedrill suggested but I still receive the same error message.

Fixed it. Just in case anyone looks at this in future and has a similar problem here is the code:

    $query = "INSERT INTO user_info (username, password) VALUES ('" . $_POST['username'] . "', (password(' ". $_POST['password'] . "')));";
        $result = mysql_query($query) or die(mysql_error());
        $_SESSION['user_logged'] = $_POST['username'];
        $_SESSION['user_password'] = $_POST['password'];
?>

Needed an extra ) after $_POST['password'] on the insert line. Seems to have done the trick!