Im using the following code to insert users into a table called 'accounts'
session_start();
include("include/connect.php");
//Posted information from the form put into variables
$username = mysqli_escape_string($conn, $_POST["username"]);
$email = mysqli_escape_string($conn,$_POST["email"]);
$password = mysqli_escape_string($conn,$_POST["password_1"]);
//check if user already exists
$usernameCheck="SELECT * FROM accounts WHERE username='$username'";
//query the db
$usernameResult = mysqli_query($conn, $usernameCheck) or die(mysqli_error($conn));
//if no users exits then add data
if(mysqli_num_rows($usernameResult) == 0){
$AddUser = "INSERT INTO `accounts` (`username`, `email`, `password`) VALUES ('$username', '$email', '$password')";
$newUserSend = mysqli_query($conn, $AddUser) or die(mysqli_error($conn));
mysqli_close($conn);
$_SESSION["user_session"]= $username;
}
However every time it runs it inserts a row with the correct data and then a blank row below. For example
ID Name email password
1 test test#test.com test
2
This is the form where the data is posted from:
<form method="POST" class="signup-form" action="RegisterProcess.php">
<h2 class="form-title">Create account</h2>
<div class="form-group">
<input type="text" value="<?php echo $username; ?>" class="form-input" name="username" placeholder="Your Name" required/>
</div>
<div class="form-group">
<input type="email" value="<?php echo $email; ?>" class="form-input" name="email" placeholder="Your Email Address" required/>
</div>
<div class="form-group">
<input type="password" class="form-input" name="password_1" placeholder="Your Password" required/>
<span toggle="#password" class="zmdi zmdi-eye field-icon toggle-password"></span>
</div>
<div class="form-group">
<input type="password" class="form-input" name="password_2" placeholder="Confirm your password" required/>
<span toggle="#password" class="zmdi zmdi-eye field-icon toggle-password"></span>
</div>
<div class="form-group">
<input type="submit" class="form-submit" value="Sign up"/>
</div>
</form>
Related
My login table has Username and Password fields. I want to display the user's full name rather than their username when they logĀ in with their username and password. Instead of saying Welcome USERNAME on the next page, I want to say Welcome FULLNAME.
Here is the index.php or the login page in html:
<form action="" method="POST">
<div class="rows grid">
<div class="row">
<label for="username">User Name</label>
<input type="text" id="username" name="userName" placeholder="Enter Username" required>
</div>
<!--Password-->
<div class="row">
<label for="password">Password</label>
<input type="password" id="password" name="passWord" placeholder="Enter Password" required>
</div>
<!--Submit Button-->
<div class="row">
<input type="submit" id="submitBtn" name="submit" value="Login" required>
<!--Register Link-->
<span class="registerLink">Don't have an account? Register</span>
</div>
</div>
</form>
</div>
</div>
Here is the php:
<?php
// Submit
if(isset($_POST['submit'])){
// Store the names, password, email, number
$userName = $_POST['userName'];
$passWord = $_POST['passWord'];
// Selecting from database
$sql = "SELECT * FROM admin WHERE
usernames = '$userName' AND
passwords = '$passWord'";
// Exceute the query
$result = mysqli_query($conn, $sql);
// Count the number of the account of the same username and password
$count = mysqli_num_rows($result);
// Counts the results into arrys
$row = mysqli_fetch_assoc($result);
// Check if theres account in database
if ($count == 1){
$_SESSION['loginMessage'] = '<span class = "success">Welcome '.$userName.'</span>';
header('location:' .SITEURL. 'dashboard.php');
exit();
}
else{
$_SESSION['noAdmin'] = '<span class = "fail">Please check your username and password and try again.</span>';
header('location:' .SITEURL. 'index.php');
exit();
}
}
?>
Here is the register.php or register link:
<form action="" method="POST">
<div class="rows grid">
<!--Full Name-->
<div class="row">
<label for="fullname">Full Name</label>
<input type="text" id="fullname" name="fullName" placeholder="Enter Full Name" required>
</div>
<!--Username-->
<div class="row">
<label for="username">User Name</label>
<input type="text" id="username" name="userName" placeholder="Enter Username" required>
</div>
<!--Email-->
<div class="row">
<label for="email">Email</label>
<input type="email" id="email" name="emaiL" placeholder="Enter Email" required>
</div>
<!--Mobile Number-->
<div class="row">
<label for="number">Mobile Number</label>
<input type="number" id="number" name="numbeR" placeholder="Enter Mobile Number" required>
</div>
<!--Password-->
<div class="row">
<label for="password">Password</label>
<input type="password" id="password" name="passWord" placeholder="Enter Password" required>
</div>
<!--Submit Button-->
<div class="row">
<input type="submit" id="submitBtn" name="submit" value="Register" required>
<!--Try ko aban aban uni idelete-->
<span class="registerLink">Have an account already? Login</span>
</div>
</div>
</form>
Note: I want to display the input fullname in the welcome dashboard.
Please change your select query to parameterized prepared statement to avoid SQL injection attacks
To display the "fullname", just fetch the db record say into an associative array say $row and use $row["fullname"] (or $row["fullName"] if the field name is actually fullName)
Hence, change the block:
/// other code
$sql = "SELECT * FROM admin WHERE
usernames = '$userName' AND
passwords = '$passWord'";
// Exceute the query
$result = mysqli_query($conn, $sql);
// Count the number of the account of the same username and password
$count = mysqli_num_rows($result);
// Counts the results into arrys
$row = mysqli_fetch_assoc($result);
// Check if theres account in database
if ($count == 1){
$_SESSION['loginMessage'] = '<span class = "success">Welcome '.$userName.'</span>';
header('location:' .SITEURL. 'dashboard.php');
exit();
}
/// other code
to
<?php
/// other code
$sql = "SELECT * FROM admin WHERE usernames = ? AND passwords = ?";
$query = $conn->prepare($sql);
$query->bind_param("ss", $userName,$passWord );
$query->execute();
$result = $query->get_result();
$num = $result->num_rows;
if ($num == 1){
$row = $result->fetch_assoc();
$_SESSION['loginMessage'] = '<span class = "success">Welcome '.$row["fullname"].'</span>';
header('location:' .SITEURL. 'dashboard.php');
exit();
}
/// other code
?>
please i'm kinda new to website development. i tried to create a registration page to work with my database but my registration form page is not responding to the php coding page.
please i need your assistance. thank
This is my registration.html page
i don't know if the error is from my registration form page
<form action="student.php" name="register" id="register" method="POST" data-aos="fade">
<div class="form-group row">
<div class="col-md-6 mb-3 mb-lg-0">
<input type="text" name="firstname" id="firstname" class="form-control" placeholder="First name" required>
</div>
<div class="col-md-6">
<input type="text" name="lastname" id="lastname" class="form-control" placeholder="Last name" required>
</div>
</div>
<div class="form-group row">
<div class="col-md-12">
<input type="text" name="studentid" id="studentid" class="form-control" placeholder="Student ID" value="" required>
</div>
</div>
<div class="form-group row">
<div class="col-md-12">
<input type="text" name="level" class="form-control" placeholder="Level" required>
</div>
</div>
<div class="form-group row">
<div class="col-md-12">
<p class="mb-0">Gender</p>
<input name="gender" type="radio" value="m" required> Male
<input name="gender" type="radio" value="f" required> Female
</div>
</div>
<div class="form-group row">
<div id="date-picker" class="col-md-12 md-form md-outline input-with-post-icon datepicker" inline="true">
<input type="text" name="dob" class="form-control" id="date9" placeholder="DD/MM/YYYY" required>
<i class="fas fa-calendar input-prefix"></i>
</div>
</div>
<script>
$('.datepicker').datepicker({
inline: true;
});
</script>
<div class="form-group row">
<div class="col-md-12">
<input type="email" name="email" class="form-control" placeholder="Email" value="" required>
</div>
</div>
<div class="form-group row">
<div class="col-md-12">
<input type="phone" name="phonenumber" id="phonenumber" class="form-control" placeholder="+234 8179 5523 71" required>
</div>
</div>
<div class="form-group row">
<div class="col-md-12">
<input type="department" name="department" class="form-control" placeholder="Department" required>
</div>
</div>
<div class="form-group row">
<div class="col-md-12">
<input type="password" name="password" value="" id="password" class="form-control" placeholder="Password" required>
</div>
</div>
<div class="form-group row">
<div class="col-md-12">
<input type="password" name="confirmpassword" id="confirmpassword" value="" class="form-control" placeholder="Confirm Password" required>
</div>
</div>
<div class="form-group row">
<div class="col-md-6">
<input type="submit" name="submit" class="btn btn-primary py-3 px-5 btn-block btn-pill" value="SUBMIT">
</div>
</div>
</form>
This is my Php page for the form
or maybe the error is from my php code. please help detect the problem guys. Thanks.
<?php
session_start();
// initializing variables
$studentid = "";
$email = "";
$errors = array();
// connect to the database
$db = mysqli_connect('localhost', 'root', '', 'oneschool');
// REGISTER USER
if (isset($_POST['submit'])) {
// receive all input values from the form
$firstname = mysqli_real_escape_string($db, $_POST['firstname']);
$lastname = mysqli_real_escape_string($db, $_POST['lastname']);
$studentid = mysqli_real_escape_string($db, $_POST['studentid']);
$level = mysqli_real_escape_string($db, $_POST['level']);
$gender = mysqli_real_escape_string($db, $_POST['gender']);
$dob = mysqli_real_escape_string($db, $_POST['dob']);
$email = mysqli_real_escape_string($db, $_POST['email']);
$phonenumber = mysqli_real_escape_string($db, $_POST['phonenumber']);
$department = mysqli_real_escape_string($db, $_POST['department']);
$password_1 = mysqli_real_escape_string($db, $_POST['password']);
$password_2 = mysqli_real_escape_string($db, $_POST['confirmpassword']);
// form validation: ensure that the form is correctly filled ...
// by adding (array_push()) corresponding error unto $errors array
if (empty($studentid)) { array_push($errors, "Student ID is required"); }
if (empty($email)) { array_push($errors, "Email is required"); }
if (empty($password_1)) { array_push($errors, "Password is required"); }
if ($password_1 != $password_2) {
array_push($errors, "The two passwords do not match");
}
// first check the database to make sure
// a user does not already exist with the same username and/or email
$user_check_query = "SELECT * FROM student_registra WHERE studentid='$studentid' OR email='$email' LIMIT 1";
$result = mysqli_query($db, $user_check_query) or die(mysqli_error($db));
$user = mysqli_fetch_assoc($result);
if ($user) { // if user exists
if ($user['studentid'] === $studentid & $user['email'] === $email) {
array_push($errors, "Student Id already taken");
}
if ($user['email'] === $email) {
array_push($errors, "email already exists");
}
}
// Finally, register user if there are no errors in the form
if (count($errors) == 0) {
$password = md5($password_1);//encrypt the password before saving in the database
$query = "INSERT INTO student_registra (firstname, lastname, studentid, level, gender, dob, email, phonenumber, department, password)
VALUES('$firstname', '$lastname', '$studentid', '$level', '$gender', '$dob', '$email', '$phonenumber', '$department', '$password')";
mysqli_query($db, $query);
$_SESSION['studentid'] = $studentid;
$_SESSION['success'] = "Registration Sucessful";
header('location: index.html');
}
}
i don't know what seems to be the problem, because i run it the first time it worked, but when i shutdown my laptop and turn it on back again after my lunch, it stop working.
Instead of it to read the .php code it's rather displaying the whole .php code and i've checked the code, i can't find what seems to be the problem.
please guys, i'll need your help in fixing this or detecting the problem.
thanks
EDIT, You have a lot of useless codes that make your code so slow, Like $_SESSION['success']; This is not neccessary, Change your index.html to index.php and delete it because it do nothing, You can check session by student id You have two gender Inputs, how comes you assign one of them? This is first mistake
Secondly, Use Prepared Statements to avoid SQLI Attacks
Thirdly How comes you header a html page when you're in php page? change index.html to index.php
And Use this code instead:
if (count($errors) == 0) {
$password = md5($password_1);//encrypt the password before saving in the database
$prepared = "INSERT INTO student_registra (firstname, lastname, studentid, level, gender, dob, email, phonenumber, department, password)
VALUES('$firstname', '$lastname', '$studentid', '$level', '$gender', '$dob', '$email', '$phonenumber', '$department', '$password')";
$query = $prepared;
mysqli_query($db, $query);
$_SESSION['studentid'] = $studentid;
# Change your files index.html To index.php
header('location: index.php');
}
Im using the following code to insert users into a table called 'accounts'
session_start();
include("include/connect.php");
//Posted information from the form put into variables
$username = mysqli_escape_string($conn, $_POST["username"]);
$email = mysqli_escape_string($conn,$_POST["email"]);
$password = mysqli_escape_string($conn,$_POST["password_1"]);
//check if user already exists
$usernameCheck="SELECT * FROM accounts WHERE username='$username'";
//query the db
$usernameResult = mysqli_query($conn, $usernameCheck) or die(mysqli_error($conn));
//if no users exits then add data
if(mysqli_num_rows($usernameResult) == 0){
$AddUser = "INSERT INTO `accounts` (`username`, `email`, `password`) VALUES ('$username', '$email', '$password')";
$newUserSend = mysqli_query($conn, $AddUser) or die(mysqli_error($conn));
mysqli_close($conn);
$_SESSION["user_session"]= $username;
}
However every time it runs it inserts a row with the correct data and then a blank row below. For example
ID Name email password
1 test test#test.com test
2
This is the form where the data is posted from:
<form method="POST" class="signup-form" action="RegisterProcess.php">
<h2 class="form-title">Create account</h2>
<div class="form-group">
<input type="text" value="<?php echo $username; ?>" class="form-input" name="username" placeholder="Your Name" required/>
</div>
<div class="form-group">
<input type="email" value="<?php echo $email; ?>" class="form-input" name="email" placeholder="Your Email Address" required/>
</div>
<div class="form-group">
<input type="password" class="form-input" name="password_1" placeholder="Your Password" required/>
<span toggle="#password" class="zmdi zmdi-eye field-icon toggle-password"></span>
</div>
<div class="form-group">
<input type="password" class="form-input" name="password_2" placeholder="Confirm your password" required/>
<span toggle="#password" class="zmdi zmdi-eye field-icon toggle-password"></span>
</div>
<div class="form-group">
<input type="submit" class="form-submit" value="Sign up"/>
</div>
</form>
I'm currently trying to complete this project for school and I would really appreciate some help.
I have been trying to learn PHP so I could extract data from my HTML and put it into my MySQL (which I'm accessing through XAMP). I have a problem that says:
The requested URL was not found on this server.
The link on the referring page seems to be wrong or outdated. Please inform the author of that page about the error.
If you think this is a server error, please contact the webmaster.' when I press the register button. I don't know what this means? I have a table called usertable in the database Login so I feel like it should work.
This is my PHP code:
<?php
session_start();
$con = mysqli_connect('localhost', 'root', 'ocr2020');
mysqli_select_db($con, 'login');
$name = $_POST['user'];
$pass = $_POST['pass'];
$fname= $_POST['forename'];
$sname = $_POST['surname'];
$mobile = $_POST['mobile'];
$email = $_POST['email'];
$dateofB= $_POST['dateB'];
$s= "select * from usertable where name='$name'";
$s2= "select * from usertable";
$result= mysqli_query($con,$s);
$num= mysqli_num_rows($result);
$num2= mysqli_num_rows($s2);
$id= $num2+1;
if($num==1){
echo" Username Is No Longer Available";
}else{
$reg= " insert into usertable(patientID, Forename, Surname, Username, Password, Email, Mobile,
DateOfBirth) values ('$id', '$fname', '$sname', '$name', '$pass', '$email', '$mobile', '$dateOfB')";
mysqli_query($con, $reg);
echo" Registration Successful";
}
?>
As I said, I would really appreciate any help or advice. Thanks!
Edit:
Here is the updated code having taken on everyone's comments:
<?php
ini_set('display_errors', 1);
ini_set('log_errors',1);
error_reporting(E_ALL);
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);.
session_start();
$con = mysqli_connect('localhost', 'root', 'ocr2020');
mysqli_select_db($con, 'login');
$name = $_POST['user'];
$pass = $_POST['pass'];
$fname= $_POST['forename'];
$sname = $_POST['surname'];
$mobile = $_POST['mobile'];
$email = $_POST['email'];
$dateofB= $_POST['dateB'];
$s= "select * from usertable where name='$name'";
$result= mysqli_query($con,$s);
$num= mysqli_num_rows($result);
if($num>0){
echo" Username Is No Longer Available";
}else{
$reg= " insert into usertable(patientID, Forename, Surname, Username, Password, Email, Mobile, DateOfBirth) values ('$id', '$fname', '$sname', '$name', '$pass', '$email', '$mobile', '$dateOfB')";
mysqli_query($con, $reg);
echo" Registration Successful";
}
?>
Here is the code from the login.php page which is where I press the 'register button' and it creates the problem:
<html>
<section id="loginBox">
<div class="container">
<div class="login-box">
<div class="row">
<div class="col-md-6 login-left">
<h3> Login Here </h3>
<form action="registration.php" method="POST">
<div class="form-group">
<label> Username </label>
<input type="text" name="user" placeholder="Enter your username" class="form-control" required>
</div>
<div class="form-group">
<label> Password </label>
<input type="password" name="password" placeholder="Enter your password" class="form-control" required>
</div>
<button type="submit" class="btn btn-primary"> Login </button>
</form>
</div>
<div class="col-md-6 login-right">
<h3> Register Here </h3>
<form action="validation.php" method="POST">
<div class="form-group">
<label> Username </label>
<input type="text" name="user" placeholder="Enter your username" class="form-control" required>
</div>
<div class="form-group">
<label> Password </label>
<input type="password" name="password" placeholder="Enter your password" class="form-control" required>
</div>
<div class="form-group">
<label> Forename </label>
<input type="text" name="forename" placeholder="Enter your forename" class="form-control" required>
</div>
<div class="form-group">
<label> Surname </label>
<input type="text" name="surname" placeholder="Enter your surname" class="form-control" required>
</div>
<div class="form-group">
<label> Mobile</label>
<input type="text" name="mobile" placeholder="Enter your mobile" class="form-control" required>
</div>
<div class="form-group">
<label> Email </label>
<input type="text" name="email" placeholder="Enter your email" class="form-control" required>
</div>
<div class="form-group">
<label> Date of Birth</label>
<input type="date" name="dateB" placeholder="Enter your date of birth" class="form-control" required>
</div>
<button type="submit" class="btn btn-primary"> Register </button>
</form>
</div>
</div>
</div>
</div>
</section>
</body>
</html>
I am writing a basic PHP login/Registration script and for some reason as soon as I add a PHP command the HTML isn't loaded. I had a look at the source but there is nothing loaded at all. I am hoping I have missed something very basic, but I am also having a couple of teething issues with the version of PHP installed on the web server.
<?php
require_once('connect.php');
if(isset($_POST) & !empty($_POST)){
$username = mysql_real_escape_string($_POST['username']);
$email = mysql_real_escape_string($_POST['email']);
$password =md5($_POST['password']);
$sql = "INSERT INTO 'login' (username, email, password) VALUES ('$username, $email, $password)";
$result = mysql_query($connection, $sql);
if($result){
echo "User Rego Secusseflllgk";
}else{
echo "User rego faile";
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>USer Reg in PHP & MySQL</title>
</head>
<center>
<body>
<div class="container">
<form class="form-signin" method="POST">
<h2 class="form-sigin-heading">Please register</h2>
<div class="input-group">
<span class="input-group-addon" id="basic-addon1">#</span>
<input type="test" name="username" class="form-control" placeholder="Username" required>
</div>
<label for="inputEmail" class="sr-only">Password</label>
<input type="email" name="email" id="inputEmail" class="form-control" placeholder="Email address" required autofocus>
<label for="inputPassword" class="sr-only">Password</label>
<input type="password" name="password" id="inputPassword" class="form-control" placeholder="Password" required>
<button class="btn btn-lg btn-primary btn-block" type="submit">Register</button>
<a class="btn btn-lg btn-primary btn-block" href="login.php">Login</a>
</form>
</div>
</body>
</html>
I tried to print the POST request but this didnt shed any light on the issue
print_r($_POST);
You are using deprecated functions and your if-statement is incorrect.
Use if(isset($_POST) && !empty($_POST)){
The mysql_query should be mysqli_query, the function you use:
http://php.net/manual/en/function.mysql-query.php
mixed mysql_query ( string $query [, resource $link_identifier = NULL ] )
VS the new one:
http://php.net/manual/en/mysqli.query.php
mixed mysqli_query ( mysqli $link , string $query [, int $resultmode = MYSQLI_STORE_RESULT ] )
You are placing the connection first, and than the Query, which doesn't work for mysql_query. In mysqli_query that mark-up does work.
Check and review below code,
<?php
require_once('connect.php');
if(isset($_POST) & !empty($_POST)){
$username = mysql_real_escape_string($_POST['username']);
$email = mysql_real_escape_string($_POST['email']);
$password =md5($_POST['password']);
$sql = "INSERT INTO login (username, email, password) VALUES ('".$username."', '".$email."', '".$password."')";
$result = mysql_query($sql);
if($result){
echo "User Rego Secusseflllgk";
}else{
echo "User rego faile";
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>USer Reg in PHP & MySQL</title>
</head>
<center>
<body>
<div class="container">
<form class="form-signin" method="POST">
<h2 class="form-sigin-heading">Please register</h2>
<div class="input-group">
<span class="input-group-addon" id="basic-addon1">#</span>
<input type="test" name="username" class="form-control" placeholder="Username" required>
</div>
<label for="inputEmail" class="sr-only">Email</label>
<input type="email" name="email" id="inputEmail" class="form-control" placeholder="Email address" required autofocus>
<label for="inputPassword" class="sr-only">Password</label>
<input type="password" name="password" id="inputPassword" class="form-control" placeholder="Password" required>
<button class="btn btn-lg btn-primary btn-block" type="submit">Register</button>
<a class="btn btn-lg btn-primary btn-block" href="login.php">Login</a>
</form>
</div>
</body>
</html>
use this
if(isset($_POST['email']) && !empty($_POST['email'])){