This question already has answers here:
Why shouldn't I use mysql_* functions in PHP?
(14 answers)
How to check if a row exists in MySQL? (i.e. check if username or email exists in MySQL)
(4 answers)
Closed 2 years ago.
I wrote a new form of signup. But it's done vice versa what I need. I show code exists if it's in DB and bypass sing-up if there is any. But I need that it shows: "Wrong code" if "sec_code" not found in my DB (created already a list of these codes) and bypass if it exists in DB. Thx. Stuck on this.
if($_GET['action'] == "save")
{
$sec_code = htmlspecialchars($_POST['sec_code'], ENT_QUOTES, '');
$yes = intval($_POST['yes']);
if(!$sec_code) {
$error = "<p class=\"er\"></p>";
}
elseif(mysql_num_rows(mysql_query("SELECT skey FROM users WHERE sec_code = '".$sec_code."'"))) {
$error = "<p class=\"er\">Security code exist!</p>";
Related
This question already has answers here:
How to check if a row exists in MySQL? (i.e. check if username or email exists in MySQL)
(4 answers)
Reference - What does this error mean in PHP?
(38 answers)
What to do with mysqli problems? Errors like mysqli_fetch_array(): Argument #1 must be of type mysqli_result and such
(1 answer)
Closed 4 years ago.
I have a form and fields are Name, Email, Password. Client-side validation is working perfectly. I am working on server-side validation.
I am getting the issue on else part. For testing, I added echo $email and I am getting the email id. Now that email id will check in the database is exists or not. If exist the display the error if not existing the display the not exist.
if(condition){}
elseif(condition){}
elseif(condition){}
elseif(condition){}
else{
echo $email; // here I am able to display the email id
$sql_check_email="SELECT email FROM register WHERE email =?";
$stmt = $conn->prepare($sql_check_email);
$stmt->bind_param("s", $email);
$stmt->execute();
$stmt->bind_result($email);
$rows = $stmt->fetch();
$total_rows = count($rows);
if( $total_rows > 0 ){
$_SESSION['email_error']= 'This email is alredy register with us';
header('location:register');
}else{
echo $email;// why my email id not displaying here?
echo $name;
echo $password;
echo $date_of_added;
echo"Not exist";
}
Your issue is:
$stmt->bind_result($email);
That line replaces variable with query result.
Just use another variable for results.
You also use fetch result wrong, it returns just true/false/null value of fetch state. Use bind_result binded variable to get your results.
This question already has answers here:
Reference - What does this error mean in PHP?
(38 answers)
What to do with mysqli problems? Errors like mysqli_fetch_array(): Argument #1 must be of type mysqli_result and such
(1 answer)
Closed 5 years ago.
I am writing a login form with PHP and Mysql.
I did everything its just the forgot password that is not working.
It sends me email confirmation but it does not update the password in the database.
First is the forgot page, then sends an email and redirect me to the confirm_pass.html page where is the form for the two passwords and on this page executes the confirm_pass.php where is doing everything, except updating the password in the database.
Please help.
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
// Make sure the two passwords match
if ( $_POST['newpassword'] == $_POST['confirmpass'] ) {
$new_password = password_hash($_POST['newpassword'], PASSWORD_BCRYPT);
$email = $mysqli->escape_string($_POST['email']);
$confirm_code = md5(rand().$password);
$result = "UPDATE `mv_db`.`users` SET `password`='$new_password', `confirm`='$confirm_code' WHERE `email`='$email'";
if ( $mysqli->query($result) ) {
header("location: login.html");
}
}
else {
$_SESSION['message'] = " The two passwords you entered don't match, try again!";
header("location: error.php");
}
}
?>
Your $_POST['email'] is not defined, because there is no "email" field in your HTML form.
So nothing is updated in database, because there is no matching record.
This question already has answers here:
Can I mix MySQL APIs in PHP?
(4 answers)
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
What to do with mysqli problems? Errors like mysqli_fetch_array(): Argument #1 must be of type mysqli_result and such
(1 answer)
Reference - What does this error mean in PHP?
(38 answers)
Closed 5 years ago.
I have a project that requires creating a system for a given scenario using php and mySQL. Another requirement is that it has to have logins for different users.
In my implementation it fails to authenticate even with the right credentials. I am using mysqli for this implementation. There are no syntactical errors and the field names and entered credentials are all correct.
The code in question (login.php):
<?php
session_start(); // Starting Session
$error=''; // Variable To Store Error Message
if (isset($_POST['submit'])) {
if (empty($_POST['username']) || empty($_POST['password'])) {
$error = "Please enter a username and password";
} else {
// Define $username and $password
$username=$_POST['username'];
$password=$_POST['password'];
// Calls the 'connect.php' to connect to the database and select the database
require 'db/connect.php';
// To protect MySQL injection for Security purpose
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
// SQL query to fetch information of registerd users and finds user match.
$result = $db->query("SELECT * FROM `users` WHERE 'usr_pwd'='$password' AND 'usr_name'='$username'");
if ($result->num_rows == 1) {
$_SESSION['login_user']=$username; // Initializing Session
header("location: test.php"); // Redirecting To Other Page
} else {
$error = "Username or Password is invalid";
}
mysqli_close($db); // Closing Connection
}
}
?>
I've also linked the github repo to my code as is: https://github.com/gussippi/furniture-store
This question already has answers here:
Why does this PDO statement silently fail?
(2 answers)
Closed 6 years ago.
Im trying to update my data using php but it doesnt work, any ideas?
This is the code, this isnt the full code (its not done) but even the username cant be updated.
<?php
session_start();
include "dbconfig.php";
require "check.php";
if(!empty($_POST['user_name']) || !empty($_POST['user_email'])){
$user_name = trim($_POST['user_name']);
$user_email = trim($_POST['user_email']);
$count=$db_con->prepare("SELECT * FROM users WHERE user_id=:userid");
$count->bindParam(":userid",$_SESSION['user_session'],PDO::PARAM_STR,15);
$count->execute();
$row = $count->fetch(PDO::FETCH_OBJ);
$sql=$db_con->prepare("update users set user_name=:username where user_id='$row->user_id'");
$sql->bindParam(':username',$user_name,PDO::PARAM_STR, 32);
if($sql->execute()){
echo "Successfully updated Profile";
}
else{
print_r($sql->errorInfo());
}
else {
echo "No data inserted!"
}
include "home.php";
?>
I guess a syntax error in this Line
$sql=$db_con->prepare("update users set user_name=:username where user_id='$row->user_id'");
Corrected
$sql=$db_con->prepare("update users set user_name=:username where user_id="$row->user_id);
This question already has answers here:
The 3 different equals
(5 answers)
Closed 7 years ago.
i am trying to make a website using php with mysql database..
here is my code
<?php
$con=mysql_connect("localhost", "root", "");
mysql_select_db("mydatabase", $con);
$query = "INSERT INTO tblSecurity Values('".$_POST['txtUser']."','".$_POST['txtPass']."')";
$password = $_POST['txtPass'];
$confirm = $_POST['txtPassConfrm'];
mysql_query($query, $con);
if($password = $confirm)
{
Header("Location: Login.php");
}
else
{
echo"Verify your Answer";
}
?>
the problem is, how can i verify if the confirm password is same with the password inputted, this code works but it wont move to ELSE even the passwords are not the same. can anyone help me correct this please.. thanks
better practice is check two passwords are same in inputting stage.
here also code is correct , only mistake is php needs == instead of =.