Mysql query fails on remote server but works on xampp - php

i have a php script that works well on xampp server, but when I upload to my online server it fails to execute the mysql_query always. weird part is that it works well offline. the registration script always returns 'failure!' on my online server.
i have downgraded the php version on my server to 5.4 but still no luck.
this is the part of the script that returns the error string:
$test = mysql_query("INSERT INTO users(fname,lname,email,city,gender,password) VALUES('$fname','$lname','$email','$city','$gender','$passwordhash')");
if($test) {
echo "Registration successful";
$last_id = mysql_insert_id();
Registration_WelcomeMessage($fname,$email);
}else{echo "failure!";}
and this is the full code:
<?php
require_once 'db.php';
require_once 'utilities/cleaner.php';
require_once 'reg_welcome_message.php';
if(isset($_POST)){
$broom = new cleaner();
$fname = $broom->clean($_POST['fname']);
$lname = $broom->clean($_POST['lname']);
$email = $broom->clean($_POST['email']);
$city = $broom->clean($_POST['city']);
$gender = $broom->clean($_POST['gender']);
$password = $broom->clean($_POST['password']);
$cpassword = $broom->clean($_POST['cpassword']);
$count = 2;
if ($fname && $lname && $email && $city && $gender && $password && $cpassword) {
if (preg_match("/^[_\.0-9a-zA-Z-]+#([0-9a-zA-Z][0-9a-zA-Z-]+\.)+[a-zA-Z]{2,6}$/i", $email)) {
if (strlen($password) > 5) {
if ($password == $cpassword) {
$remail = mysql_query("SELECT email FROM users WHERE email='$email'");
$checkemail = mysql_num_rows($remail);
if ($checkemail > 0) {
echo "This email is already registered! Please type another email...";
} else {
$passwordhash = hash('sha1',$password);
$test = mysql_query("INSERT INTO users(fname,lname,email,city,gender,password) VALUES('$fname','$lname','$email','$city','$gender','$passwordhash')");
if($test) {
echo "Registration successful";
$last_id = mysql_insert_id();
Registration_WelcomeMessage($fname,$email);
}else{echo "failure!";}
}
} else {
echo "Your passwords don't match!";
}
} else {
echo "Your password is too short! A password between 6 and 15 charachters is required!";
}
}else{
echo "Please use a valid email!";
}
} else {
echo "You have to complete the form!";
}
}else{echo "NO data sent";}
?>

Related

I wonder a php 7.4 giving me trouble on login script

Problem is occurring when no user exists because PHP 7.4 returns false here on $fetched = $check->fetch();
so how to handle this situation
$name = $_POST['name'];
$pass = $_POST['pass'];
$check = $db->prepare("SELECT id, name, pass FROM users WHERE name = ?");
$check->execute([$name]);
$fetched = $check->fetch();
if (password_verify($pass, $fetched['pass']) && ($name === $fetched['name']){
header('Location: home');
} else {
echo 'This account not exists';
}
but I don't know why this work without password_verify(), look
if ($check->rowCount() > 0 ) {
} else {
}

Add a check for $fetched:
if ($fetched && password_verify($pass, $fetched['pass'])) {
header('Location: home');
} else {
echo "Invalid username or password";
}
There's no need to test $fetch['name']. It's guaranteed to be equal to $name because of WHERE name = ?

PHP getting error message when i try to register with php page in android

PFB code. DB connection is success but when try to register with register.php script in my android phone getting error page or getting please fill all values. I am not getting success. Kindly help. I am also using the URL register url in my java code as well http://xxxx/Userregistration/register.php.
register.php
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$name = $_POST['name'];
$username = $_POST['username'];
$password = $_POST['password'];
$email = $_POST['email'];
if ($name == '' || $username == '' || $password == '' || $email == '') {
echo 'please fill all values';
} else {
require_once('dbConnect.php');
$sql = "SELECT * FROM KumbhaApp WHERE username='$username' OR email='$email'";
$check = mysqli_fetch_array(mysqli_query($con, $sql));
if (isset($check)) {
echo 'username or email already exist';
} else {
require_once('dbConnect.php');
$sql = "INSERT INTO KumbhaApp (name,username,password,email) VALUES('$name','$username','$password','$email')";
}
}
if (!preg_match("/^[a-zA-Z ]*$/", $name)) {
$nameErr = "Only letters and white space allowed";
} else {
if (!preg_match("/([\w\-]+\#[\w\-]+\.[\w\-]+)/", $email)) {
$emailErr = "Invalid email format";
}
}
if (mysqli_query($con, $sql)) {
echo 'successfully registered';
header('Location: securedpage.php');
} else {
echo 'oops! Please try again!';
}
mysqli_close($con);
}
?>

It is not required, it is require. Your code
required ("http://localhost:8080/UserRegistration/dbConnect.php");
^
is wrong.

Check mysqli Insert Query excuted ok and display message and send email

I am creating a registration form for a project, nothing secure or advanced, i am still fairly new to php etc.
I insert the data needed to into a login table and a customer tbl, the data inserts fine. But i cant get the code to check that its worked and fire off a an email and display a message to the user.
I have tried using a value retrieved from the database which would only be there is the user registered successfuly.
if($userID != null)
{
$msg1 = "Thank You! you are now registered, please check your email for a verification link to verify your new account! ";
$col1 = "green";
//require_once "Mail.php";
require_once "inc/email.php";
}
I have also tried this
if($query)
{
$msg1 = "Thank You! you are now registered, please check your email for a verification link to verify your new account! ";
$col1 = "green";
//require_once "Mail.php";
require_once "inc/email.php";
}
Thanks,
Edit - Here is all the code,
<?php
include ("inc/mysql.php");
error_reporting(0);
$msg = "";
$col = 'green';
function test_input($data){
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
// define variables and set to empty values
$name = $email = $chkemail = $password = $chkpassword =$address = $towncity = $postcode = "";
//Required field validation
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["name"])) {
$msg = "Name is required";
$col = 'red';
} else {
$name = test_input($_POST["name"]);
}
if (empty($_POST["email"])) {
$msg = "Email is required";
$col = 'red';
} else {
$email = test_input($_POST["email"]);
}
if (empty($_POST["chkemail"])) {
$msg = "Please confirm your email address";
$col = 'red';
} else {
$chkemail = test_input($_POST["chkemail"]);
}
if (empty($_POST["password"])){
$msg = "Please enter a password";
$col = 'red';
}
if (empty($_POST["chkpassword"])){
$msg = "Please confirm your password ";
$col = 'red';
} else{
$chkpassword = test_input($_POST["chkpassword"]);
if(($_POST["password"]) != $chkpassword) {
$msg = "Please check your password is correct";
$col = 'red';
} else{
$password = test_input($_POST["password"]);
}
}
if (empty($_POST["address"])) {
$msg = "Please enter the first line of your address";
$col = 'red';
} else {
$address = test_input($_POST["address"]);
}
if (empty($_POST["towncity"])) {
$msg = "Please enter the first line of your Town or City";
$col = 'red';
} else {
$towncity= test_input($_POST["towncity"]);
}
if (empty($_POST["postcode"])) {
$msg = "Please enter your postcode";
$col = 'red';
} else {
$postcode = test_input($_POST["postcode"]);
$customerVeri = "N";
if($customerVeri == "N"){
$name = mysqli_real_escape_string($db, $name);
$email = mysqli_real_escape_string($db, $email);
$password = mysqli_real_escape_string($db, $password);
$password = md5($password.substr($email,0,3));
$chkpassword = md5($password.substr($email,0,3));
$verifyLink = md5(substr($name,0,3).substr($email,0,3));
$sql="SELECT customerEmail FROM customer_tbl WHERE customerEmail='$email'";
$result=mysqli_query($db,$sql);
$row=mysqli_fetch_array($result,MYSQLI_ASSOC);
if(mysqli_num_rows($result) == 1)
{
$msg1 = "Sorry...This email already exists, please enter another or login...";
$col1 = "red";
}
else
{
$query = mysqli_query($db, "INSERT INTO login_tbl (customerEmail, customerPassword)VALUES ('$email', '$password')");
$sql="SELECT userID FROM login_tbl WHERE customerEmail='$email'";
$result=mysqli_query($db,$sql);
$row=mysqli_fetch_array($result,MYSQLI_ASSOC);
$userID = $row['userID'];
$query2 = mysqli_query($db, "INSERT INTO customer_tbl (customerName, userID, customerEmail, customerPassword, customerAddress, customerTowncity, customerPostcode, customerVerified, customerVerifiedlink)VALUES ('$name', '$userID', '$email', '$password','$address','$towncity','$postcode','$customerVeri','$verifyLink')");
echo("Error description: " . mysqli_error($db));
}
}
}
}
if($userID != null)
{
$msg1 = "Thank You! you are now registered, please check your email for a verification link to verify your new account! ";
$col1 = "green";
//require_once "Mail.php";
require_once "inc/email.php";
}
echo '<div style="color:'.$col.'">';
echo $msg;
echo '</div>';
echo '<div style="color:'.$col1.'">';
echo $msg1;
echo '</div>';
?>

Seems there was no issue, but instead an issue with the email.php that stopped the rest of the statement being executed. Now to pick that to bits. Sometimes a few hours away from the screen is all it needs!
Thanks all that answered..

You shouldn't check every statement for the success
The modern programming doesn't work this way. Any statement can report an error in case one occurs. While if there was no error, then everything went all right.
So, just get rid of all conditions and send your email.

Catchable fatal error: Object of class mysqli could not be converted to string

I was trying to create a Registration form for my project but unfortunately i got this error while i could not find any error in the code!Please help me to get ride from this Issue !
my code
<?php
// this file is connected with regform.php
$firstname= $_POST['firstname'];
$lastname =$_POST['lastname'];
$email =$_POST['email'];
$password =$_POST['password'];
$confirmpassword =$_POST['confirmpassword'];
$address =$_POST['address'];
$balance =$_POST['balance'];
$password_hash = md5($password);
$bookConn = mysqli_connect("localhost", "root","", "bookstore") OR die("wrong execution");
$queryS = "SELECT Email FROM customer";
$resultSQ = mysqli_query($bookConn , $queryS);
$flag=0;
while($row=mysqli_fetch_array($resultSQ))
{
if($email == $row['Email'])
{
$flag=1;
}
}
if($flag==0)
{
if($password == $confirmpassword)
{
$query = "INSERT INTO user (firstName , LastName ,Email , Password , Address , Balance )values('".$firstname."', '".$lastname."' ,'".$email."' , '".$password_hash."', '".$address."' , '".$balance."')";
$result = mysqli_query($bookConn , $query) OR die($bookConn);
if ($result)
{
echo "successfuly Registered";
}
else {
echo "something went wrong!";
}
}
else{
echo "Passowrd does not match!";
}
}
else{
echo "Email is already existed in the Database!";
}
mysqli_close($dbc);
?>

There are two error seems in your code:-
mysqli_close($dbc). You never created $dbc in your code. It must be mysqli_close($bookConn).
You need to modified your last mysqli_query like this:-
$result = mysqli_query($bookConn , $query) OR die(mysqli_error($bookConn));
Note:- I hope by doing these changes you will get rid of your proble. Thanks.

Why do I keep getting a 500 error with my PHP?

I am trying to create an account registration page and when I add a system to check the database and make sure that there are not multiple rows with the same username, I get a 500 error.
Here's the code that works:
<?php
if(isset ($_POST['submit']))
{
include( 'connection.php' );
$username = $_POST['username'];
$password = $_POST['password'];
$email = $_POST['email'];
if(empty($username) || empty($email) || empty($password))
{
echo 'Please check the required fields.';
}
elseif(!filter_var($email,FILTER_VALIDATE_EMAIL))
{
echo 'Please enter a correct email address.';
}
else
{
$password = md5($password);
$sql = mysql_query("INSERT INTO users (email,username,password) VALUES ('$email','$username','$password')") or die(mysql_error());
if($sql)
{
echo 'Successfully submitted.';
}
}
}
?>
Here's the code that gives me a 500 error:
<?php
error_reporting(E_ALL)
if(isset ($_POST['submit'])) {
include( 'connection.php' );
$username = $_POST['username'];
$password = $_POST['password'];
$email = $_POST['email'];
$fetch = mysql_query("SELECT * FROM users WHERE username = '$email'") or die(mysql_error();
$num_rows = mysql_num_rows($fetch);
if(empty($username) || empty($email) || empty($password)) {
echo 'Please check the required fields.';
}
elseif(!filter_var($email,FILTER_VALIDATE_EMAIL)) {
echo 'Please enter a correct email address.';
}
elseif($num_rows >= 1);
{
echo 'This username is taken.';
else
}
$password = md5($password);
$sql = mysql_query("INSERT INTO users (email,username,password) VALUES ('$email','$username','$password')") or die(mysql_error());
if($sql)
{
echo 'Successfully submitted.';
}
}
}
?>

Maybe add a semi colon:
error_reporting(E_ALL);
EDIT:
You are also missing a ) on die(mysql_error();
Remove the ; from elseif($num_rows >= 1);
And then fix your else block to be } else {

You missed a semi-colon off your first statement

you have
else }
in your code. That's a syntax error. You're looking for
}
else {
instead.

Categories