This question already has answers here:
Reference - What does this error mean in PHP?
(38 answers)
Closed 1 year ago.
My code is working perfectly well in my xampp localhost but when I tried to put my files online it did not work. On localhost, it works perfectly but when I tried it on online server, it connected to the database but does not store the user data and allows entry. What do I need to change here? I tried to include echos along the way and found out all functions till registering the user works (empty username, email, or password, not confirmed password, username exists, password exits). So I am not sure why there is a problem registering the user.
<?php
session_start();
// initializing variables
$username = "";
$email = "";
$errors = array();
// connect to the database
$db = mysqli_connect('localhost', 'rohit', 'mynameis111', 'registration');
// REGISTER USER
if (isset($_POST[''])) {
// receive all input values from the form
$username = mysqli_real_escape_string($db, $_POST['username']);
$email = mysqli_real_escape_string($db, $_POST['email']);
$password_1 = mysqli_real_escape_string($db, $_POST['password_1']);
$password_2 = mysqli_real_escape_string($db, $_POST['password_2']);
// form validation: ensure that the form is correctly filled ...
// by adding (array_push()) corresponding error unto $errors array
if (empty($username)) { array_push($errors, "Username is required"); }
if (empty($email)) { array_push($errors, "Email is required"); }
if (empty($password_1)) { array_push($errors, "Password is required"); }
if ($password_1 != $password_2) {
array_push($errors, "The two passwords do not match");
}
// first check the database to make sure
// a user does not already exist with the same username and/or email
$user_check_query = "SELECT * FROM users WHERE username='$username' OR email='$email' LIMIT 1";
$result = mysqli_query($db, $user_check_query);
$user = mysqli_fetch_assoc($result);
if ($user) { // if user exists
if ($user['username'] === $username) {
array_push($errors, "Username already exists");
}
if ($user['email'] === $email) {
array_push($errors, "email already exists");
}
}
// Finally, register user if there are no errors in the form
if (count($errors) == 0) {
$password = md5($password_1);//encrypt the password before saving in the database
$query = "INSERT INTO users (username, email, password)
VALUES('$username', '$email', '$password')";
mysqli_query($db, $query);
$_SESSION['username'] = $username;
$_SESSION['success'] = "You are now logged in";
header('location: basics.php');
}
}
if (isset($_POST['login_user'])) {
$username = mysqli_real_escape_string($db, $_POST['username']);
$password = mysqli_real_escape_string($db, $_POST['password']);
if (empty($username)) {
array_push($errors, "Username is required");
}
if (empty($password)) {
array_push($errors, "Password is required");
}
if (count($errors) == 0) {
$password = md5($password);
$query = "SELECT * FROM users WHERE username='$username' AND password='$password'";
$results = mysqli_query($db, $query);
if (mysqli_num_rows($results) == 1) {
$_SESSION['username'] = $username;
$_SESSION['success'] = "You are now logged in";
header('location: basics.php');
}else {
array_push($errors, "Wrong username/password combination");
}
}
}
?>
Update: Hi, here is the errors.php file i forgot to add.
And I checked my error log this is what it shows
[26-Mar-2021 10:17:32 UTC] PHP Warning: mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, bool given in /home/z7mselap8dmo/public_html/server.php on line 33
Line 33: $user = mysqli_fetch_assoc($result);
<?php if (count($errors) > 0) : ?>
<div class="error">
<?php foreach ($errors as $error) : ?>
<p><?php echo $error ?></p>
<?php endforeach ?>
</div>
<?php endif ?>
enable error reporting.
For that add this code in start of file
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
Perform a query, check for error
$user_check_query = "SELECT * FROM users WHERE username='$username' OR email='$email' LIMIT 1";
$result = mysqli_query($db, $user_check_query);
if(!$result){
echo("Error description: " . $result->error);
}
Related
This question already has answers here:
How do I get PHP errors to display?
(27 answers)
What to do with mysqli problems? Errors like mysqli_fetch_array(): Argument #1 must be of type mysqli_result and such
(1 answer)
Closed 3 years ago.
Hi am trying to display the name of user that just logged in, Now when i sign up it works but when i login it does not work, please help.
This it the php code at the top of the index.php
<?php
session_start();
if (!isset($_SESSION['username'])) {
$_SESSION['msg'] = "You must log in first";
header('location: login.php');
}
if (isset($_GET['logout'])) {
session_destroy();
unset($_SESSION['username']);
header("location: login.php");
}
?>
This is the code that was meant to display the name that is in the index.php
<?php echo ucfirst($_SESSION['username']); ?>
This is my server.php
<?php
session_start();
// initializing variables
$username = "";
$email = "";
$errors = array();
// connect to the database
$db = mysqli_connect('localhost', 'root', '', 'register');
// REGISTER USER
if (isset($_POST['reg_user'])) {
// receive all input values from the form
$username = mysqli_real_escape_string($db, $_POST['username']);
$email = mysqli_real_escape_string($db, $_POST['email']);
$password_1 = mysqli_real_escape_string($db, $_POST['password_1']);
$password_2 = mysqli_real_escape_string($db, $_POST['password_2']);
// form validation: ensure that the form is correctly filled ...
// by adding (array_push()) corresponding error unto $errors array
if (empty($username)) { array_push($errors, "Username is required"); }
if (empty($email)) { array_push($errors, "Email is required"); }
if (empty($password_1)) { array_push($errors, "Password is required"); }
if ($password_1 != $password_2) {
array_push($errors, "The two passwords do not match");
}
// first check the database to make sure
// a user does not already exist with the same username and/or email
$user_check_query = "SELECT * FROM user WHERE username='$username' OR email='$email' LIMIT 1";
$result = mysqli_query($db, $user_check_query);
$user = mysqli_fetch_assoc($result);
if ($user) { // if user exists
if ($user['username'] === $username) {
array_push($errors, "Username already exists");
}
if ($user['email'] === $email) {
array_push($errors, "email already exists");
}
}
// Finally, register user if there are no errors in the form
if (count($errors) == 0) {
$password = md5($password_1);//encrypt the password before saving in the database
$query = "INSERT INTO user (username, email, password)
VALUES('$username', '$email', '$password')";
mysqli_query($db, $query);
$_SESSION['username'] = $username;
$_SESSION['success'] = "You are now logged in";
header('location: index.php');
}
}
// LOGIN USER
if (isset($_POST['login_user'])) {
$email = mysqli_real_escape_string($db, $_POST['email']);
$password = mysqli_real_escape_string($db, $_POST['password']);
if (empty($email)) {
array_push($errors, "Email is required");
}
if (empty($password)) {
array_push($errors, "Password is required");
}
if (count($errors) == 0) {
$password = md5($password);
$query = "SELECT * FROM user WHERE email='$email' AND password='$password'";
$results = mysqli_query($db, $query);
if (mysqli_num_rows($results) == 1) {
$_SESSION['username'] = $username;
$_SESSION['success'] = "You are now logged in";
header('location: index.php');
}else {
array_push($errors, "Wrong username/password combination");
}
}
}
?>
But is like i have discovered that it is because there is no input code that has name="username" in my login.php
yeah, Remember the user is logging in with email and password not username and password, thank you.
This is what your code needs. You will have to enable sessions if you have not done so.
//enable sessions if you have not done so
//session_start();
//$_SESSION['username'] = 'nancy';
$_SESSION['username'] = $results['username'];
You can then echo it as follows
<?php
//enable sessions if you have not done so
//session_start();
echo htmlentities($_SESSION['username']);
?>
hence your code will look like
// LOGIN USER
if (isset($_POST['login_user'])) {
$email = mysqli_real_escape_string($db, $_POST['email']);
$password = mysqli_real_escape_string($db, $_POST['password']);
if (empty($email)) {
array_push($errors, "Email is required");
}
if (empty($password)) {
array_push($errors, "Password is required");
}
if (count($errors) == 0) {
$password = md5($password);
$query = "SELECT * FROM user WHERE email='$email' AND password='$password'";
$results = mysqli_query($db, $query);
if (mysqli_num_rows($results) == 1) {
//session_start();
// $_SESSION['username'] = 'nancy';
$_SESSION['username'] = $results['username'];
$_SESSION['success'] = "You are now logged in";
header('location: index.php');
}else {
array_push($errors, "Wrong username/password combination");
}
}
}
Please am sure that you are not using this code in production. Php has a native way of hashing password and you are using deprecated md5.
You can refer on my previous answers on how to write login based on php way.
source As for sql injection, I will suggest that you used prepared statements as its more safer
This question already has an answer here:
What to do with mysqli problems? Errors like mysqli_fetch_array(): Argument #1 must be of type mysqli_result and such
(1 answer)
Closed 3 years ago.
When I entered details like username email password and
password confirmation in the signup page it didn't insert into the database.
Here is my code:
server.php
<?php
session_start();
// initializing variables
$username = "";
$email = "";
$errors = array();
// connect to the database
$db = mysqli_connect('127.0.0.1', 'root', '', 'techdrive');
// REGISTER USER
if (isset($_POST['signup'])) {
// receive all input values from the form
$username = mysqli_real_escape_string($db, $_POST['username']);
$email = mysqli_real_escape_string($db, $_POST['email']);
$password_1 = mysqli_real_escape_string($db, $_POST['password_1']);
$password_2 = mysqli_real_escape_string($db, $_POST['password_2']);
// form validation: ensure that the form is correctly filled by adding (array_push()) corresponding error unto $errors array
if (empty($username)) { array_push($errors, "Username is required"); }
if (empty($email)) { array_push($errors, "Email is required"); }
if (empty($password_1)) { array_push($errors, "Password is required"); }
if ($password_1 != $password_2) {
array_push($errors, "The two passwords do not match");
}
// first check the database to make sure a user does not already exist with the same username and/or email
$user_check_query = "SELECT * FROM users WHERE username='$username' OR email='$email' LIMIT 1";
$result = mysqli_query($db, $user_check_query);
$user = mysqli_fetch_assoc($result);
if ($user) { // if user exists
if ($user['username'] === $username) {
array_push($errors, "Username already exists");
}
if ($user['email'] === $email) {
array_push($errors, "email already exists");
}
}
// Register user if there are no errors in the form
if (count($errors) == 0) {
$password = md5($password_1);
//encrypt the password before saving in the database
$query = "INSERT INTO users (username, email, password)
VALUES('$username', '$email', '$password')";
mysqli_query($db, $query);
$_SESSION['username'] = $username;
$_SESSION['success'] = "You are now logged in";
header('location: ..\index.html');
}
}
// LOGIN USER
if (isset($_POST['login'])) {
$username = mysqli_real_escape_string($db, $_POST['username']);
$password = mysqli_real_escape_string($db, $_POST['password']);
if (empty($username)) {
array_push($errors, "Username is required");
}
if (empty($password)) {
array_push($errors, "Password is required");
}
if (count($errors) == 0) {
$password = md5($password);
$query = "SELECT * FROM users WHERE username='$username' AND password='$password'";
$results = mysqli_query($db, $query);
if (mysqli_num_rows($results) == 1) {
$_SESSION['username'] = $username;
$_SESSION['success'] = "You are now logged in";
header('location: ..\index.html');
}else {
array_push($errors, "Wrong username/password combination");
}
}
}
?>
$dbName = "your database name";
$db = mysqli_connect('127.0.0.1', 'root', '', 'techdrive', $dbName);
and then use echo $query; die;
In order to check your query.
so I tried using the code from Andy Holmes from this link How to redirect into different page by user type in php and mysql.
Server.php
<?php
session_start();
// initializing variables
$username = "";
$email = "";
$errors = array();
// connect to the database
$db = mysqli_connect('localhost', 'root', '', 'registration');
// REGISTER USER
if (isset($_POST['reg_user'])) {
// receive all input values from the form
$username = mysqli_real_escape_string($db, $_POST['username']);
$email = mysqli_real_escape_string($db, $_POST['email']);
$password_1 = mysqli_real_escape_string($db, $_POST['password_1']);
$password_2 = mysqli_real_escape_string($db, $_POST['password_2']);
$occupation = mysqli_real_escape_string($db, $_POST['occupation']);
$grdlvl = mysqli_real_escape_string($db, $_POST['grdlvl']);
// form validation: ensure that the form is correctly filled ...
// by adding (array_push()) corresponding error unto $errors array
if (empty($username)) { array_push($errors, "Username is required"); }
if (empty($email)) { array_push($errors, "Email is required"); }
if (empty($password_1)) { array_push($errors, "Password is required"); }
if ($password_1 != $password_2) {
array_push($errors, "The two passwords do not match");
}
if (empty($occupation)) { array_push($errors, "Occupation is required"); }
if (empty($grdlvl)) { array_push($errors, "Grade level Applied is required"); }
// first check the database to make sure
// a user does not already exist with the same username and/or email
$user_check_query = "SELECT * FROM users WHERE username='$username' OR email='$email' LIMIT 1";
$result = mysqli_query($db, $user_check_query);
$user = mysqli_fetch_assoc($result);
if ($user) { // if user exists
if ($user['username'] === $username) {
array_push($errors, "Username already exists");
}
if ($user['email'] === $email) {
array_push($errors, "email already exists");
}
}
// Finally, register user if there are no errors in the form
if (count($errors) == 0) {
$password = md5($password_1);//encrypt the password before saving in the database
$query = "INSERT INTO users (username, email, password, occupation, grdlvl)
VALUES('$username', '$email', '$password', '$occupation', '$grdlvl')";
mysqli_query($db, $query);
$_SESSION['username'] = $username;
$_SESSION['success'] = "You are now registered";
header('location: login.php');
}
}
// ...
// ...
// LOGIN USER
if (isset($_POST['login_user'])) {
$username = mysqli_real_escape_string($db, $_POST['username']);
$password = mysqli_real_escape_string($db, $_POST['password']);
if (empty($username)) {
array_push($errors, "Username is required");
}
if (empty($password)) {
array_push($errors, "Password is required");
}
if (count($errors) == 0) {
$password = md5($password);
$query = "SELECT * FROM users WHERE username='$username'AND password='$password'";
$results = mysqli_query($db, $query);
if (mysqli_num_rows($results) == 1) {
$_SESSION['username'] = $username;
$_SESSION['success'] = "You are now logged in";
}
$occupation = $row['$occupation'];
if($occupation == "student"){ //check usertype
header("Location:/site2/student.php"); //if normal user redirect to app.php
}else{
header("Location:/site2/admin.php"); //if admin user redirect to admin.php
}
}
else {
array_push($errors, "Wrong username/password combination");
}
}
?>
But the problem is it works for only one page and It keeps redirecting to the admin page even if the occupation is not admin.
Unless occupation equals student, it redirects to admin and $occupation = $row['$occupation']. However, I don't see you set the value of $row anywhere. So, the redirect will always be to admin.
I recently used a format for my login that stored the password in the database using $password = md5(password_1) full code below...
Then changed that to $password = (password_hash($password_1, PASSWORD_DEFAULT); full code below....
it successfully saved a hashed password in my database like:$2y$10$.FTJmF/47NbmQMU3nZGTZeKAHYZ8TBm8X2Jc.TLbAIK...
Now verifying the password is where something is going wrong,
The original code was $password = md5($password_1) which would successfully log me in with the md5 storing in the first code.
I changed that to $password = password_verify($password_1, PASSWORD_DEFUALT);
but thats giving me this error.
Ive tried $hash = password_verify($password_1, PASSWORD_DEFAULT );
but its giving me the same error,
<?php
session_start();
// initializing variables
$username = "";
$email = "";
$errors = array();
// connect to the database
$db = mysqli_connect('', '', '', '');
// REGISTER USER
if (isset($_POST['reg_user'])) {
// receive all input values from the form
$username = mysqli_real_escape_string($db, $_POST['username']);
$email = mysqli_real_escape_string($db, $_POST['email']);
$password_1 = mysqli_real_escape_string($db, $_POST['password_1']);
$password_2 = mysqli_real_escape_string($db, $_POST['password_2']);
// form validation: ensure that the form is correctly filled ...
// by adding (array_push()) corresponding error unto $errors array
if (empty($username)) { array_push($errors, "Username is required"); }
if (empty($email)) { array_push($errors, "Email is required"); }
if (empty($password_1)) { array_push($errors, "Password is required"); }
if ($password_1 != $password_2) {
array_push($errors, "The two passwords do not match");
}
// first check the database to make sure
// a user does not already exist with the same username and/or email
$user_check_query = "SELECT * FROM loginsystem WHERE username='$username' OR email='$email' LIMIT 1";
$result = mysqli_query($db, $user_check_query);
$user = mysqli_fetch_assoc($result);
if ($user) { // if user exists
if ($user['username'] === $username) {
array_push($errors, "Username already exists");
}
if ($user['email'] === $email) {
array_push($errors, "email already exists");
}
}
// Finally, register user if there are no errors in the form
if (count($errors) == 0) {
//Hashing the password
$password = password_hash($password_1, PASSWORD_DEFAULT);//encrypt the password before saving in the database
$query = "INSERT INTO loginsystem (username, email, password)
VALUES('$username', '$email', '$password')";
mysqli_query($db, $query);
$_SESSION['username'] = $username;
$_SESSION['success'] = "You are now logged in";
header('location: home.php');
}
}
// ...
// ...
// LOGIN USER
if (isset($_POST['login_user'])) {
$username = mysqli_real_escape_string($db, $_POST['username']);
$password = mysqli_real_escape_string($db, $_POST['password_1']);
if (empty($username)) {
array_push($errors, "Username is required");
}
if (empty($password)) {
array_push($errors, "Password is required");
}
if (count($errors) == 0) $password = password_verify($password, PASSWORD_DEFAULT); {
$query = "SELECT * FROM loginsystem WHERE username='$username' AND password='$password'";
$results = mysqli_query($db, $query);
if (mysqli_num_rows($results) == 1) {
$_SESSION['username'] = $username;
$_SESSION['success'] = "You are now logged in";
header('location: index.php');
}else {
array_push($errors, "Wrong username/password combination");
}
}
}
?>
apart from the typos there are two problems:
1st: password_verify() has different parameters: the typed password and the hashed password from database.
which leads us to the second problem:
You can only verify the password after you got the hash from the database.
So get that hash first (by querying for usename alone), than verify.
$query = "SELECT username, email, password FROM loginsystem WHERE username='$username'";
$results = mysqli_query($db, $query);
if (mysqli_num_rows($results) == 1) {
$row = mysqli_fetch_assoc($results);
if(password_verify($password, $row['password'])) {
// password correct!
} else {
// nope
}
} else {
// wrong credentials
}
You should also change to a prepared statements, as this now could be vulnerable to sql injection.
PASSWORD_DEFUALT is misspelled. It should be PASSWORD_DEFAULT as in the example below:
$hash = password_hash($password, PASSWORD_DEFAULT);
[...]
if (password_verify($password, $hash)) {
// Password matches
}
The first parameter of password_verify is the user-entered password. The second parameter is the stored hash generated by password_hash.
I've created a registration form which takes a user's name, username, email and password. I've also created a sql database using XAMPP control panel, named the database 'registration' and created a table called 'users' to store all the inputs.
When the user enters this data, they should be presented with the login page and in the background the data should be store int he database..but when I opened up phpmyadmin to check the table, there is no data saved.
Below is the code I used to sent the inputs from the user to the database which is my 'server.php' file:
<?php
session_start();
// initializing variables
$name = "";
$email = "";
$username = "";
$errors = array();
// connect to the database
$db = mysqli_connect('localhost', 'root', 'root', 'registration');
// REGISTER USER
if (isset($_POST['reg_user'])) {
// receive all input values from the form
$name = mysqli_real_escape_string($db, $_POST['name']);
$email = mysqli_real_escape_string($db, $_POST['email']);
$username = mysqli_real_escape_string($db, $_POST['username']);
$password_1 = mysqli_real_escape_string($db, $_POST['password_1']);
$password_2 = mysqli_real_escape_string($db, $_POST['password_2']);
// form validation: ensure that the form is correctly filled ...
// by adding (array_push()) corresponding error unto $errors array
if (empty($name)) { array_push($errors, "Name is required");
}
if (empty($email)) { array_push($errors, "Email is required");
}
if (empty($username)) { array_push($errors, "Username is required"); }
if (empty($password_1)) { array_push($errors, "Password is required"); }
if ($password_1 != $password_2) {
array_push($errors, "The two passwords do not match");
}
// first check the database to make sure
// a user does not already exist with the same username and/or email
$user_check_query = "SELECT * FROM users WHERE username='$username' OR email='$email' LIMIT 1";
$result = mysqli_query($db, $user_check_query);
$user = mysqli_fetch_assoc($result);
if ($user) { // if user exists
if ($user['username'] === $username) {
array_push($errors, "Username already exists");
}
if ($user['email'] === $email) {
array_push($errors, "email already exists");
}
}
// Finally, register user if there are no errors in the form
if (count($errors) == 0) {
$password = md5($password_1);//encrypt the password before saving in the database
$query = "INSERT INTO users (name, email, username, password)
VALUES('$name', '$email', '$username', '$password')";
mysqli_query($db, $query);
$_SESSION['username'] = $username;
$_SESSION['success'] = "You are now logged in";
header('location: login.php');
}
}
// ...
// ...
// LOGIN USER
if (isset($_POST['login_user'])) {
$username = mysqli_real_escape_string($db, $_POST['username']);
$password = mysqli_real_escape_string($db, $_POST['password']);
if (empty($username)) {
array_push($errors, "Username is required");
}
if (empty($password)) {
array_push($errors, "Password is required");
}
if (count($errors) == 0) {
$password = md5($password);
$query = "SELECT * FROM users WHERE username='$username' AND password='$password'";
$results = mysqli_query($db, $query);
if (mysqli_num_rows($results) == 1) {
$_SESSION['username'] = $username;
$_SESSION['success'] = "You are now logged in";
header('location: https://georginahughes48.wixsite.com/makeupyourmind');
}else {
array_push($errors, "Wrong username/password combination");
}
}
}
?>
Please let me know if any further code is needed to assist me with this issue..Thanks in advance!
After connection code add this line
if($db->connect_errno)
{
echo "Error: ( " .$db->errorno. " )". $db->error;
die;
}
Just replace this code
if (count($errors) == 0) {
$password = md5($password_1);//encrypt the password before saving in the database
$query = "INSERT INTO users (name, email, username, password)
VALUES('$name', '$email', '$username', '$password')";
if( mysqli_query($db, $query))
{
$_SESSION['username'] = $username;
$_SESSION['success'] = "You are now logged in";
header('location: login.php');
}
else
{
echo mysqli_error($db);
}
}
}
Check if it gives any errors.
Try your code in try catch block. Replace your register part with this:
// Finally, register user if there are no errors in the form
try {
if (count($errors) == 0) {
$password = md5($password_1);//encrypt the password before saving in the database
$query = "INSERT INTO users (name, email, username, password)
VALUES('$name', '$email', '$username', '$password')";
mysqli_query($db, $query);
$_SESSION['username'] = $username;
$_SESSION['success'] = "You are now logged in";
header('location: login.php');
}
} catch (Exception $e) {
echo 'Caught exception: ', $e->getMessage(), "\n";
}
This will give you error if anything breaks in between, else your code is seems okay.
Step 1 : change the code like following:
<?php
session_start();
// initializing variables
$name = "";
$email = "";
$username = "";
$errors = array();
// connect to the database
$db = mysqli_connect('localhost', 'root', '', 'registration');
if (!$db) {
die("Connection failed: " . mysqli_connect_error());
}
// REGISTER USER
if (isset($_POST['reg_user'])) {
// receive all input values from the form
$name = mysqli_real_escape_string($db, $_POST['name']);
$email = mysqli_real_escape_string($db, $_POST['email']);
$username = mysqli_real_escape_string($db, $_POST['username']);
$password_1 = mysqli_real_escape_string($db, $_POST['password_1']);
$password_2 = mysqli_real_escape_string($db, $_POST['password_2']);
// form validation: ensure that the form is correctly filled ...
// by adding (array_push()) corresponding error unto $errors array
if (empty($name)) { array_push($errors, "Name is required");
}
if (empty($email)) { array_push($errors, "Email is required");
}
if (empty($username)) { array_push($errors, "Username is required"); }
if (empty($password_1)) { array_push($errors, "Password is required"); }
if ($password_1 != $password_2) {
array_push($errors, "The two passwords do not match");
}
// first check the database to make sure
// a user does not already exist with the same username and/or email
$user_check_query = "SELECT * FROM users WHERE username='$username' OR email='$email' LIMIT 1";
$result = mysqli_query($db, $user_check_query);
$user = mysqli_fetch_assoc($result);
if ($user) { // if user exists
if ($user['username'] === $username) {
array_push($errors, "Username already exists");
}
if ($user['email'] === $email) {
array_push($errors, "email already exists");
}
}
// Finally, register user if there are no errors in the form
if (count($errors) == 0) {
$password = md5($password_1);//encrypt the password before saving in the database
$query = "INSERT INTO users (name, email, username, password)
VALUES('$name', '$email', '$username', '$password')";
if( mysqli_query($db, $query))
{
$_SESSION['username'] = $username;
$_SESSION['success'] = "You are now logged in";
header('location: login.php');
}
else
{
echo mysqli_error($db);
}
}
}
// ...
// ...
// LOGIN USER
if (isset($_POST['login_user'])) {
$username = mysqli_real_escape_string($db, $_POST['username']);
$password = mysqli_real_escape_string($db, $_POST['password']);
if (empty($username)) {
array_push($errors, "Username is required");
}
if (empty($password)) {
array_push($errors, "Password is required");
}
if (count($errors) == 0) {
$password = md5($password);
$query = "SELECT * FROM users WHERE username='$username' AND password='$password'";
$results = mysqli_query($db, $query);
if (mysqli_num_rows($results) == 1) {
$_SESSION['username'] = $username;
$_SESSION['success'] = "You are now logged in";
header('location: https://georginahughes48.wixsite.com/makeupyourmind');
}else {
array_push($errors, "Wrong username/password combination");
}
}
}
?>
Assuming there is no password for mysql.
Step 2:
Recheck mysql connection and table names case and spelling
Step 3:
Check the nullable fields, field types and length in table. If you have primary key check if auto increment is there or not. hope this will help.