Form registration

Asked

Viewed 45 times

-1

I want to create a phpmyadmin php and Mysql user registration service however my code inserts.php is not inserting the records in phpmyadmin and I am not realizing where I am to err in the code, already tested with $S_POST and tested as $S_GET and nothing.

the.php form code and insert.php are as follows::

php.php input code:

ob_start();
session_start();
if (isset($_SESSION['user']) != "") {
    header("Location: formulario.php");
}
$conn = mysqli_connect("localhost", "root", "admin", "usersregistados");

if (!$conn) {
    die("Connection failed: " . mysqli_connect_error());
}

$error = false;

if (isset($_POST['Inserir'])) {

    // Prevent SQL Injection

    $username = trim($_GET['username']);
    $username = strip_tags($username);
    $username = htmlspecialchars($username);

    $password = trim($_GET['password']);
    $password = strip_tags($password);
    $password = htmlspecialchars($password);

    $email = trim($_GET['email']);
    $email = strip_tags($email);
    $email = htmlspecialchars($email);

    // Check username
    if (empty($username)) {
        $error         = true;
        $usernameError = "Please fill in this field!";
    } else {
        // Does email address exist?
        $query  = "SELECT username FROM users WHERE username='{$username}'";
        $result = mysqli_query($query);
        $count  = mysqli_num_rows($result);
        if ($count != 0) {
            $error         = true;
            $usernameError = "Username is taken!";
        }
    }

    // Check email
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $error      = true;
        $emailError = "Please enter valid email address.";
    } else {
        // Does email address exist?
        $query  = "SELECT email FROM users WHERE email='{$email}'";
        $result = mysqli_query($query);
        $count  = mysqli_num_rows($result);
        if ($count != 0) {
            $error      = true;
            $emailError = "Email is already in use!";
        }
    }

    // password validation
    if (empty($password)) {
        $error     = true;
        $passError = "Please fill in this field!";
    } else if (strlen($password) < 6) {
        $error     = true;
        $passError = "Field must contain at least 6 characters!";
    }

    // password encrypt using SHA256();
    $password = hash('sha256', $password);

    // if there's no error, continue to signup
    if (!$error) {

        $query = "INSERT INTO users (username, password, email) VALUES ('{$username}', '{$password}', '{$email}')";
        $res = mysqli_query($conn, $query) or die(mysqli_error());

        if ($res) {
            $errTyp = "success";
            $errMSG = "Successfully registered, you may login now";
            unset($name);
            unset($email);
            unset($pass);
        } else {
            $errTyp = "danger";
            $errMSG = "Something went wrong, try again later...";
        }

    }
}
?>

php code.:

<?php
session_start();
?>

    <!DOCTYPE html>
    <html>

    <head>
        <meta charset="utf-8">
        <meta http-equiv="X-UA-Compatible" content="IE=edge">
        <meta name="viewport" content="width=device-width, initial-scale=1">
        <link href="https://fonts.googleapis.com/css?family=Open+Sans:300,400,700" rel="stylesheet">
        <link rel="stylesheet" href="css/bulma.min.css" />
        <link rel="stylesheet" type="text/css" href="css/login.css">
    </head>

    <body>
        </form>
        <section class="hero is-success is-fullheight">
            <div class="hero-body">
                <div class="container has-text-centered">
                    <img src="ipcb_logo.png" height="40" width="150">
                    <div class="column is-4 is-offset-4">
                        <h3 class="title has-text-grey">Formulário de Registo</h3>
                        <div class="box">
                            <form action="insere.php" method="POST">
                                <div class="field">
                                    <div class="control">
                                        <input name="username" class="input is-large" placeholder="Your Username" autofocus="">
                                    </div>
                                </div>
                                <div class="field">
                                    <div class="control">
                                        <input name="password" class="input is-large" type="password" placeholder="Your Password">
                                    </div>
                                </div>
                                <div class="field">
                                    <div class="control">
                                        <input name="email" name="text" class="input is-large" placeholder="Your Email" autofocus="">
                                    </div>
                                </div>
                                <div class="input-group">
                                    <butto>
                                        <p>
                                            <input name="inserir" class="button is-block is-link is-large is-fullwidth" type="submit" value="Inserir" </p>
                                            </button>
                                </div>
                            </form>
                        </div>
                        <img src="produtech_logo.png" height="40" width="300" align="middle"></p>
                        <br>
                        <img src="Logo_financiamento.png" height="40" width="300" align="middle"></p>
                    </div>
                </div>
        </section>
    </body>

    </html><?php
session_start();
?>

    <!DOCTYPE html>
    <html>

    <head>
        <meta charset="utf-8">
        <meta http-equiv="X-UA-Compatible" content="IE=edge">
        <meta name="viewport" content="width=device-width, initial-scale=1">
        <link href="https://fonts.googleapis.com/css?family=Open+Sans:300,400,700" rel="stylesheet">
        <link rel="stylesheet" href="css/bulma.min.css" />
        <link rel="stylesheet" type="text/css" href="css/login.css">
    </head>

    <body>
        </form>
        <section class="hero is-success is-fullheight">
            <div class="hero-body">
                <div class="container has-text-centered">
                    <img src="ipcb_logo.png" height="40" width="150">
                    <div class="column is-4 is-offset-4">
                        <h3 class="title has-text-grey">Formulário de Registo</h3>
                        <div class="box">
                            <form action="insere.php" method="POST">
                                <div class="field">
                                    <div class="control">
                                        <input name="username" class="input is-large" placeholder="Your Username" autofocus="">
                                    </div>
                                </div>
                                <div class="field">
                                    <div class="control">
                                        <input name="password" class="input is-large" type="password" placeholder="Your Password">
                                    </div>
                                </div>
                                <div class="field">
                                    <div class="control">
                                        <input name="email" name="text" class="input is-large" placeholder="Your Email" autofocus="">
                                    </div>
                                </div>
                                <div class="input-group">
                                    <button>
                                        <p>
                                            <input name="inserir" class="button is-block is-link is-large is-fullwidth" type="submit" value="Inserir" </p>
                                            </button>
                                </div>
                            </form>
                        </div>
                        <img src="produtech_logo.png" height="40" width="300" align="middle"></p>
                        <br>
                        <img src="Logo_financiamento.png" height="40" width="300" align="middle"></p>
                    </div>
                </div>
        </section>
    </body>

    </html>

1 answer

0


I’ve corrected your code and we’ll go in pieces. Starting in HTML there are some errors, first has a tag form being closed but without being opened previously. Exactly where shown below:

    <body>
    </form>
    <section class="hero is-success is-fullheight">

According to the email input it has two name attributes, the second probably would be an attribute type:

<input name="email" name="text" class="input is-large" placeholder="Your Email" autofocus="">

Third and what contributed to not working was the part where the button is:

  <butto>                                        
      <p>
          <input name="inserir" class="button is-block is-link is-large is-fullwidth" type="submit" value="Inserir" </p>
                                        </button>

In the tag button missing the letter n, the input insert is another button (pay attention because here is the problem), besides the input tag insert is not closed.

Now for the insertion part: Note that you expect there to be an input, passed as POST:

if (isset($_POST['Inserir'])) {

However, the input input is not sent once its type has been set to Submit, which means that its value is not sent by the request. Besides that the input is with the name insert(lowercase) and the check is uppercase. That is, would never enter this check. To fix just take out the input insert from inside the button, and change its type to Hidden, so it does not appear in the form and it is possible to recover it in the post variable, and changing the function from button to tag button, thus:

<div class="input-group">                            
  <input name="inserir" type="hidden"   value="Inserir"> 
  <button class="button is-block is-link is-large is-fullwidth" type="submit">Inserir 
  </button>                                
</div>

Then your check in inserts.php looks like this:

if (isset($_POST['inserir'])) {

Last but not least, the function mysqli_query, expects as first parameter the instance of the database connection, you passed only the query itself in two lines.

Here:

 // Does email address exist?
    $query  = "SELECT username FROM users WHERE username='{$username}'";
    $result = mysqli_query($query);

And here:

// Does email address exist?
$query  = "SELECT email FROM users WHERE email='{$email}'";
$result = mysqli_query($query);

Corrected would look like this:

 // Does email address exist?
    $query  = "SELECT username FROM users WHERE username='{$username}'";
    $result = mysqli_query($conn, $query);

And so:

// Does email address exist?
$query  = "SELECT email FROM users WHERE email='{$email}'";
$result = mysqli_query($conn, $query);

In addition to exchanging the $_GET for $_POST.

$username = trim($_POST['username']);
    $username = strip_tags($username);
    $username = htmlspecialchars($username);

    $password = trim($_POST['password']);
    $password = strip_tags($password);
    $password = htmlspecialchars($password);

    $email = trim($_POST['email']);
    $email = strip_tags($email);
    $email = htmlspecialchars($email);

Finally follow the complete codes fixed for you to test, tested here and worked: php form.:

    <?php
session_start();
?>

<!DOCTYPE html>
<html>

<head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <link href="https://fonts.googleapis.com/css?family=Open+Sans:300,400,700" rel="stylesheet">
    <link rel="stylesheet" href="css/bulma.min.css" />
    <link rel="stylesheet" type="text/css" href="css/login.css">
</head>

<body>
    <section class="hero is-success is-fullheight">
        <div class="hero-body">
            <div class="container has-text-centered">
                <img src="ipcb_logo.png" height="40" width="150">
                <div class="column is-4 is-offset-4">
                    <h3 class="title has-text-grey">Formulário de Registo</h3>
                    <div class="box">
                        <form action="insere.php" method="POST">
                            <div class="field">
                                <div class="control">
                                    <input name="username" type="text" class="input is-large" placeholder="Your Username" autofocus="">
                                </div>
                            </div>
                            <div class="field">
                                <div class="control">
                                    <input name="password" class="input is-large" type="password" placeholder="Your Password">
                                </div>
                            </div>
                            <div class="field">
                                <div class="control">
                                    <input name="email" type="email" class="input is-large" placeholder="Your Email" autofocus="">
                                </div>
                            </div>
                            <div class="input-group">

                                        <input name="inserir" type="hidden"   value="Inserir"> 
                                <button class="button is-block is-link is-large is-fullwidth" type="submit">Inserir </button>                                

                            </div>
                        </form>
                    </div>
                    <img src="produtech_logo.png" height="40" width="300" align="middle"></p>
                    <br>
                    <img src="Logo_financiamento.png" height="40" width="300" align="middle"></p>
                </div>
            </div>
    </section>
</body>

</html>

php insert.:

    <?php
ob_start();
session_start();
if (isset($_SESSION['user']) != "") {
    header("Location: formulario.php");
}
$conn = mysqli_connect("localhost", "root", "", "usersregistados");

if (!$conn) {
    die("Connection failed: " . mysqli_connect_error());
}

$error = false;

if (isset($_POST['inserir'])) {

    // Prevent SQL Injection

    $username = trim($_POST['username']);
    $username = strip_tags($username);
    $username = htmlspecialchars($username);

    $password = trim($_POST['password']);
    $password = strip_tags($password);
    $password = htmlspecialchars($password);

    $email = trim($_POST['email']);
    $email = strip_tags($email);
    $email = htmlspecialchars($email);


    // Check username
    if (empty($username)) {
        $error         = true;
        $usernameError = "Please fill in this field!";
    } else {
        // Does email address exist?
        $query  = "SELECT username FROM users WHERE username='{$username}'";
        $result = mysqli_query($conn,$query);
        $count  = mysqli_num_rows($result);
        if ($count != 0) {
            $error         = true;
            $usernameError = "Username is taken!";
        }
    }


    // Check email
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $error      = true;
        $emailError = "Please enter valid email address.";
    } else {
        // Does email address exist?
        $query  = "SELECT email FROM users WHERE email='{$email}'";
        $result = mysqli_query($conn, $query);
        $count  = mysqli_num_rows($result);
        if ($count != 0) {
            $error      = true;
            $emailError = "Email is already in use!";
        }
    }

    // password validation
    if (empty($password)) {
        $error     = true;
        $passError = "Please fill in this field!";
    } else if (strlen($password) < 6) {
        $error     = true;
        $passError = "Field must contain at least 6 characters!";
    }

    // password encrypt using SHA256();
    $password = hash('sha256', $password);

    // if there's no error, continue to signup
    if (!$error) {

        $query = "INSERT INTO users (username, password, email) VALUES ('{$username}', '{$password}', '{$email}')";
        $res = mysqli_query($conn, $query) or die(mysqli_error());

        if ($res) {
            $errTyp = "success";
            $errMSG = "Successfully registered, you may login now";
            unset($name);
            unset($email);
            unset($pass);
        } else {
            $errTyp = "danger";
            $errMSG = "Something went wrong, try again later...";
        }

    }


}
?>
  • Thanks for the help, it worked the introduction of users with password encryption, but when the code performs the checks does not show the messages, but also does not let register if there is a user, password and email already registered in the database.

  • To persist the error messages and display them in the form you will need to save them in session variables. When an error is detected, it returns to the form and checks if there are session variables with the error key for example and displays them. In this link talks a little more about the sessions: link

  • Debug the application using the var_dump(var) and Exit functions. So you can check if the execution is reaching a certain point. May be problem in if checks.

  • It’s already solved!!!! Thanks for everyone’s help

Browser other questions tagged

You are not signed in. Login or sign up in order to post.