Help i wanna make a register system but when i try to access the page on localhost it say me this :
Fatal error: in C:\wamp64\www\Fireblock\index.php on line 3
PDOException: in C:\wamp64\www\Fireblock\index.php on line 3
Idk what's wrong in line 3 since i was following a tutorial oof
My php script :
<?php
try {
$bdd = new PDO('mysql:host=127.0.0.1;dbname=fireblock;', 'root', ''); //where is the error
if (isset($_POST['submitform'])) {
$username = htmlspecialchars($_POST['username']);
$email = htmlspecialchars($_POST['email']);
$email2 = htmlspecialchars($_POST['email2']);
$pass = password_hash($_POST['password']);
$pass2 = password_hash($_POST['password2']);
if (!empty($_POST['username']) AND !empty($_POST['password']) AND !empty($_POST['password2'])) {
$usernamelength = strlen($username);
if ($usernamelength <= 255) {
if ($email == $email2) {
if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
if ($password == $password2) {
$insertmember = $bdd->prepare("INSERT into members(username, email, password) VALUES(?, ?, ?)");
$insertmember->execute(array(
$username,
$email,
$password
));
$error = "Your account has been created!";
} else {
$error = "Your passwords aren't the same!";
}
} else {
$error = "Your email address isn't valid!";
}
} else {
$error = "Your emails aren't the same!";
}
} else {
$error = "Your username can't be higher than 255 characters!";
}
} else {
$error = "Every fields should be completed!";
}
}
} catch (PDOException $ex) {
print $ex->getMessage();
}
?>
I putted all the PHP part
Try
$bdd = new PDO('mysql:host=127.0.0.1;dbname=fireblock', 'root', '');
i have removed a semi-colon at the end of the last key/value pair (after fireblock) as it is not used in any code examples i used for comparrison with your code.
Related
Implementing a simple register system and after implementing try to test it I get this error message:
SQLSTATE[HY093]: Invalid parameter number: parameter was not defined
My code for register user is:
<?php
session_start();
require_once('config.php');
if(isset($_POST['submit']))
{ if(isset($_POST['name'],$_POST['lastname'],$_POST['email'],$_POST['pass']) && !empty($_POST['name']) && !empty($_POST['lastname']) && !empty($_POST['email']) && !empty($_POST['pass']))
{
$name= trim($_POST['name']);
$lastname = trim($_POST['lastname']);
$email= trim($_POST['email']);
$pass= trim($_POST['pass']);
$options = array("cost"=>4);
$hashPassword = password_hash($pass,PASSWORD_BCRYPT,$options);
$date = date('Y-m-d H:i:s');
if(filter_var($email, FILTER_VALIDATE_EMAIL))
{
$sql = 'SELECT * FROM members WHERE email = :email';
$stmt = $pdo->prepare($sql);
$p = ['email'=>$email];
$stmt->execute($p);
if($stmt->rowCount() == 0)
{
$sql = "insert into members (name, lastname, email, `pass`, created_date,updated) values(:name,:lastname,:email,:pass,:created_date,:updated)";
try{
$handle = $pdo->prepare($sql);
$params = [
':name'=>$name,
':lastname'=>$lastname,
':email'=>$email,
':pass'=>$hashPassword,
':created_date'=>$date,
':updated'=>$date
];
$handle->execute($params);
$success = 'Successfull registration!';
}
catch(PDOException $e){
$errors[] = $e->getMessage();
}
}
else
{
$valName= $name;
$valLastname= $lastname;
$valEmail= '';
$valPass= $pass;
$errors[] = 'Email address already registered';
}
}
else
{
$errors[] = "Email address is not valid";
}
}
else
{
if(!isset($_POST['name']) || empty($_POST['name']))
{
$errors[] = 'Error 1!';
}
else
{
$valIme= $_POST['name'];
}
if(!isset($_POST['lastname']) || empty($_POST['lastname']))
{
$errors[] = 'Error 2!';
}
else
{
$valLastname= $_POST['lastname'];
}
if(!isset($_POST['email']) || empty($_POST['email']))
{
$errors[] = 'Error 4!';
}
else
{
$valEmail= $_POST['email'];
}
if(!isset($_POST['pass']) || empty($_POST['pass']))
{
$errors[] = 'Error 5!';
}
else
{
$valPass= $_POST['pass'];
}
}
}
?>
I don't get where the problem could be. I think is that I need to change the date value inserted to the database, and that could be a problem. Can someone test this code and tell me where is the problem?
i am trying to make a registration system but when i register the data isn't there.
i tried to search same questions but i couldn't find the issue, and the worst is that the script detect the database but wont get the data in.
The PHP script :
<?php
$bdd = new PDO('mysql:host=127.0.0.1;dbname=fireblock', 'root', '');
if(isset($_POST['submitform'])) {
$username = htmlspecialchars($_POST['username']);
$email = htmlspecialchars($_POST['email']);
$email2 = htmlspecialchars($_POST['email2']);
$pass = sha1($_POST['pass']);
$pass2 = sha1($_POST['pass2']);
if(!empty($_POST['username']) AND !empty($_POST['email']) AND !empty($_POST['email2']) AND !empty($_POST['pass']) AND !empty($_POST['pass2'])) {
$usernamelength = strlen($username);
if($usernamelength <= 255) {
if($email == $email2) {
if(filter_var($email, FILTER_VALIDATE_EMAIL)) {
$reqemail = $bdd->prepare("SELECT * FROM members WHERE email = ?");
$reqemail->execute(array($email));
$emailexist = $reqemail->rowCount();
if($emailexist == 0) {
if($pass == $pass) {
$insertmbr = $bdd->prepare("INSERT INTO members(username, email, pass) VALUES(?, ?, ?)");
$insertmbr->execute(array($username, $email, $pass));
$error = "Your account has been created! Connect";
} else {
$error = "Your passs are not the same!";
}
} else {
$error = "Email already used!";
}
} else {
$error = "Your email is invalid!";
}
} else {
$error = "Your emails are not the same!";
}
} else {
$error = "Your username can't get upper than 255 characters!";
}
} else {
$error = "Every fields should be filled!";
}
}
?>
So I have decided to put the prepared statement in my code and when I fill the information with all the valid details, a message pops up saying registration successful but no data actually goes in the Database
Here is the function code that I have;
//check if form is submitted
if (isset($_POST['signup'])) {
$name = $_POST['name'];
$email = $_POST['email'];
$password = $_POST['password'];
$cpassword = $_POST['cpassword'];
//name can contain only alpha characters and space
if (!preg_match("/^[a-zA-Z ]+$/",$name)) {
$error = true;
$name_error = "Name must contain only alphabets and space";
}
if(!filter_var($email,FILTER_VALIDATE_EMAIL)) {
$error = true;
$email_error = "Please Enter Valid Email ID";
}
if(strlen($password) < 6) {
$error = true;
$password_error = "Password must be minimum of 6 characters";
}
if($password != $cpassword) {
$error = true;
$cpassword_error = "Password and Confirm Password doesn't match";
}
if (!$error)
{
// prepare and bind
$stmt = $con->prepare("INSERT INTO users (name,email,password) VALUES (?, ?, ?)");
$stmt->bind_param("sss", $name, $email, $password);
if($stmt->execute = true) {
$successmsg = "Successfully Registered! <a href='login.php'>Click here to Login</a>";
} else {
$errormsg = "Error in registering...Please try again later!";
}
}
}
?>
The Db structure in my php my admin;
id(int 8)
name(varchar 30)
email(varchar 60)
password(varchar 40)
I would appreciate a help, and thanks in advance!
I plan to clean up the code, and make it more OOP friendly later, but for now I am struggling to get this to work. I have managed to get down for it to echo 'hi', but the execute doesn't seem to be putting anything into the database, and it is not giving me any errors. The code is
public function newAccount(array $data) {
$error = NULL;
//Check first name length, and make sure its over 2 characters
if (strlen($data['fname']) > 2) {
$fname = $data['fname'];
}
else {
$fname = FALSE;
$error .= "Please put in a valid First Name. <br />";
}
//Check if last name length is over 2 characters
if (strlen($data['lname']) > 2) {
$lname = $data['lname'];
}
else {
$lname = FALSE;
$error .= "Please enter a valid Last Name. <br />";
}
// Check username
if (strlen($data['user']) > 3) {
$user = $data['user'];
}
else {
$user = FALSE;
$error .= "Username must be longer than 3 characters.<br />";
}
// Mske sure password is atleast 6 characters, and retyped correctly
if (strlen($data['pass']) > 5) {
if ($data['pass'] == $data['repass']) {
$pass = $data['pass'];
}
else {
$pass = FALSE;
$error .= "Passwords do not match.<br />";
}
}
else {
$pass = FALSE;
$error .= "Password must be longer than 6 characters.";
}
//make sure email looks correct, strpos makes sure there is an '#'
if (strlen($data['email']) > 5 && strpos($data['email'], '#')) {
$email = $data['email'];
}
else {
$email = FALSE;
$error .= "Please enter a valid email. <br />";
}
// Check if user is suppose to be admin
if (isset($data['admin'])) {
$admin = '1';
}
else {
$admin = '0';
}
if ($fname && $lname && $user && $pass && $email) {
echo 'hi';
try {
$sth = $this->dbc->prepare("INSERT INTO users(user, password first_name, last_name, email, admin) VALUES(:user, MD5(:pass), :fname, :lname, :email, :admin)");
$sth->execute(array(":user" => $user,
":pass" => $pass,
":fname" => $fname,
":lname" => $lname,
":email" => $email,
":admin" => $admin)
);
}
catch (PDOException $e) {
echo $e->getMessage();
}
}
else {
echo "Error" . $error;
}
}
Thanks in advance!
In your insert query, you are missing a comma after password field.
It should be
$sth = $this->dbc->prepare("INSERT INTO
users(user, password, first_name, last_name, email, admin)
VALUES(:user, MD5(:pass), :fname, :lname, :email, :admin)");
Also, when testing is entered string is email address or not, use filter_var(). Like this:
if( filter_var($data['email'], FILTER_VALIDATE_EMAIL) {
//do this...
I certainly must be missing something here. For some reason filter_var is not working. I'm trying to validate an email from $_POST, and it returns false even with valid emails. But, when I hardcode an email, it works fine. What's wrong?
Here's my php code:
function redirect() { //redirecting to home page function. Used in one of the lectures.
$host = $_SERVER["HTTP_HOST"];
$path = rtrim(dirname($_SERVER["PHP_SELF"]), "/\\");
header("Location: http://$host$path/index.php");
exit;
}
try
{
$dbh = new PDO($db, $dbuser, $dbpassword);
}
catch (PDOException $e)
{
echo "Connection failure: " . $e->getmessage();
}
if (!isset($_POST['email']) || !isset($_POST['password1']) || !isset($_POST['password2'])) {
redirect();
}
$password1 = htmlspecialchars($_POST['password1']);
$email = htmlspecialchars($_POST['email']);
$password2 = htmlspecialchars($_POST['password2']);
//preg_match('/.+#.+\./', $email) == FALSE
if ($email = "") {
print "email not there";
} elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
print "not real email";
} elseif (strlen($password1) < 6) {
print("password too small");
} elseif (!(preg_match('/[A-Za-z].*[0-9]|[0-9].*[A-Za-z]/', $password1))) {
print "numbers and letters plz";
} elseif ($password1 != $password2) {
print "passwords not same";
//redirect();
}
Change the first email check:
if ($email == "") {
print "email not there";
}
It is getting the value " instead of checking for it.