I have followed this tutorial https://www.youtube.com/watch?v=xb8aad4MRx8&t=225s on creating a login system and signup form on a website. I created it on my localhost and it worked perfectly. I have since tried to upload it to my website I have created a database on my server and changed the php code however no data is being entered into the database. My hosting service is 1and1 and below is the code for the code to link the database in php. Password has been changed
<?php
$host_name = 'db706265806.db.1and1.com';
$database = 'db706265806';
$user_name = 'dbo706265806';
$password = 'PASSWORD';
$conn = mysqli_connect($host_name, $user_name, $password, $database);
And this is the code for the signup form
<?php
if (isset($_POST['submit'])) {
include_once 'dbh-inc.php';
$first = mysqli_real_escape_string($conn, $_POST['first']);
$last = mysqli_real_escape_string($conn, $_POST['last']);
$email = mysqli_real_escape_string($conn, $_POST['email']);
$uid = mysqli_real_escape_string($conn, $_POST['uid']);
$pwd = mysqli_real_escape_string($conn, $_POST['pwd']);
//error handers
//check for empty fields
if (empty($first) || empty($last) || empty($email) || empty($uid) || empty($pwd)) {
header("Location: ../signup.php?signup=empty");
exit();
} else{
//check if input char are valid
if (!preg_match("/^[a-zA-Z]*$/", $first) || !preg_match("/^[a-zA-Z]*$/", $last)) {
header("Location: ../signup.php?signup=invalid");
exit();
}
else {
//check if email is valid
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
header("Location: ../signup.php?signup=email");
exit();
} else{
$sql = "SELECT * FROM users WHERE user_uid='$uid'";
$result = mysqli_query($conn, $sql);
$resultCheck = mysqli_num_rows($result);
if ($resultCheck > 0) {
header("Location: ../signup.php?signup=usernametaken");
exit();
} else{
//hashing the password
$hashedPwd = password_hash($pwd, PASSWORD_DEFAULT);
//insert the user into db
$sql = "INSERT INTO users (user_first, user_last, user_email, user_uid, user_pwd) VALUES ('$first', '$last', '$email', '$uid', '$hashedPwd');";
$result = mysqli_query($conn, $sql);
header("Location: ../signup.php?signup=success");
exit();
}
}
}
}
} else{
header("Location: ../signup.php");
exit();
}
Any help for why the data isnt being entered would be appreciated
Related
i have a problem with my website. it should get a Login/Sign Up website. If i type in my First and Last name, password and so, i click on submit and 404 Object not Found Appears. The Files are in the correct directory... btw, im not using a htaccess file yet so u dont need to ask for it.
sry for my basic english :)
`
if (isset($POST_['submit']))
include_once 'dbh.inc.php';
$first = mysqli_real_escape_string($conn, $_POST['first']);
$last = mysqli_real_escape_string($conn, $_POST['last']);
$email = mysqli_real_escape_string($conn, $_POST['email']);
$uid = mysqli_real_escape_string($conn, $_POST['uid']);
$pwd = mysqli_real_escape_string($conn, $_POST['pwd']);
//error handler
//Check for empty fields
if (empty($first) || empty($last) || empty($email) || empty($uid) || empty($pwd)) {
header("Location: ../signup.php?signup=empty")
exit();
} else {
//Check if inputs are valid
if (!preg_match("/^[a-zA-Z]*$/", $first) || !preg_match("/^[a-zA-Z]*$/", $first) ) {
header("Location: ../signup.php?signup=invalid")
exit();
} else {
//check if email is valid
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
header("Location: ../signup.php?signup=email")
exit();
} else {
$sql = "SELECT * FROM users WHERE user_id='$uid'";
$result = mysqli_query($conn, $sql);
$resultCheck = mysqli_num_rows($results);
if ($resultCheck > 0) {
header("Location: ../signup.php?signup=usernametaken")
exit();
} else {
//hashing passwords
$hashedPwd = password_hash($pwd, PASSWORD_DEFAULT);
//Insert the user into DB
$sql = "INSER INTO users (user_first, user_last, user_email, user_uid, user_pwd) VALUES ('$first', '$
last', '$email', '$uid', '$hashedPwd');";
$result = mysqli_query($conn, $sql);
header("Location: ../signup.php?signup=succes")
exit();
}
}
}
} else {
header("Location: ../signup.php")
exit();
}`
As far as I know you can't use '..' notation in header('location:'). Browsers don't understand '..' notation.
You should use either a fully qualified URL or a relative URL:
header('Location: http://example.com/your-subdirectories/signup.php') ;
header('Location: /your-subdirectories/signup.php') ;
This question has already been answered on Stack Overflow
Hope someone with fresh eyes can help.Thanks-R
CHECKS IF SUBMIT BUTTOM IS CLICKED---SECURITY(Button type in signup.php file)--/
if (isset($_POST['submit'])) {
/*INCLUDE DATABASE FILE--*/
include_once 'dbh.inc.php';
/CREATE A VARIABLE--(CALLED FIRST)--(IS THE FIRST INPUT INSIDE THE SIGNUP FORM) (allows for code to be converted to text) [[Cannot input code into box}}--/
$first = mysqli_real_escape_string($conn, $_POST['first']);
$last = mysqli_real_escape_string($conn, $_POST['last']);
$email = mysqli_real_escape_string($conn, $_POST['email']);
$uid = mysqli_real_escape_string($conn, $_POST['uid']);
$pwd = mysqli_real_escape_string($conn, $_POST['pwd']);
//ERROR HANDLERS
//CHECK FOR EMPTY FIELDS---(double pipes means or in php)
if (empty($first) || empty($last) || empty($email) || empty($uid) || empty($pwd)) {
header("Location: ../signup.php?signup=empty");
exit();
} else {
//CHECK IF INPUT CHARACTERS ARE VALID
if (!preg_match("/^[a-zA-Z]*$/", $first) || !preg_match("/^[a-zA-Z]*$/", $last)) {
header("Location: ../signup.php?signup=invalid");
exit();
} else {
//CHECK IF EMAIL IS VALID
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
header("Location: ../signup.php?signup=email");
exit();
} else {
$sql = "SELECT * FROM users WHERE user_uid='$uid'";
$result = mysqli_query($conn, $sql);
$resultCheck = mysqli_num_rows($result);
if ($resultCheck > 0){
header("Location: ../signup.php?signup=usertaken");
exit();
} else {
//HASHING PASSWORD---
$hashedPwd = password_hash($pwd, PASSWORD_DEFAULT);
//INSERT USER INTO DATABASE
$sql= "INSERT INTO users (user_first, user_last, user_email, user_uid, user_pwd) VALUES ('$first','$last', '$email', '$uid','$hashedPwd' );";
mysqli_query($conn, $sql);
header("Location: ../signup.php?signup=success");
exit();
}
}
}
} else{
/*COLON MUST NOT HAVE SPACE BETWEEN LOCATION---SPACE BETWEEN ../---(TAKES BACK A DIRECTORY)--PREVENTS GOING TO URL TO ACCESS FILE PAGE.--TAKES USER
BACK TO SIGNUP PAGE*/
header("Location: ../signup.php");
/*exit--closes off script from running--(IF ANYTHING AFTER EXIT FUNCTION)*/
exit();
}
Please format your code properly next time so that you can avoid this type of errors in the future:
<?php
if (isset($_POST['submit'])) {
include_once 'dbh.inc.php';
$first = mysqli_real_escape_string($conn, $_POST['first']);
$last = mysqli_real_escape_string($conn, $_POST['last']);
$email = mysqli_real_escape_string($conn, $_POST['email']);
$uid = mysqli_real_escape_string($conn, $_POST['uid']);
$pwd = mysqli_real_escape_string($conn, $_POST['pwd']);
if(empty($first) || empty($last) || empty($email) || empty($uid) || empty($pwd)) {
header("Location: ../signup.php?signup=empty");
exit();
}else{
if (!preg_match("/^[a-zA-Z]*$/", $first) || !preg_match("/^[a-zA-Z]*$/", $last)) {
header("Location: ../signup.php?signup=invalid");
exit();
}elseif(!filter_var($email, FILTER_VALIDATE_EMAIL)){
header("Location: ../signup.php?signup=email");
exit();
}else{
$sql = "SELECT user_uid FROM users WHERE user_uid='$uid'";
$result = mysqli_query($conn, $sql);
$resultCheck = mysqli_num_rows($result);
if($resultCheck > 0){
header("Location: ../signup.php?signup=usertaken");
exit();
}else{
$hashedPwd = password_hash($pwd, PASSWORD_DEFAULT);
$sql= "INSERT INTO users (user_first, user_last, user_email, user_uid, user_pwd) VALUES ('$first','$last', '$email', '$uid','$hashedPwd' );";
mysqli_query($conn, $sql);
header("Location: ../signup.php?signup=success");
exit();
}
}
}
}else{
header("Location: ../signup.php");
exit();
}
I changed this part of your code:
if (!preg_match("/^[a-zA-Z]*$/", $first) || !preg_match("/^[a-zA-Z]*$/", $last)) {
header("Location: ../signup.php?signup=invalid");
exit();
} else {
//CHECK IF EMAIL IS VALID
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
header("Location: ../signup.php?signup=email");
exit();
} else {
Since you can just check the email after checking the first and last name of the user using else if.
P.S I would not want to be the user of this kind of site as it redirects you everytime there is an error in your inputs. Ideally it would be best if you could tell them the errors in their input when they are still in the form that way they don't have to retype everything after a redirect and figure out eachtime what they did wrong.
HTML5 email input will already check if the email is of valid format so you can use that as well.
you can also give this a read. this as well.
The problem in your code was the missing } before the final else statement
<?php
require_once("db_credentials.php");
$conn = mysqli_connect("localhost", "root", "isdc3333", "collab_schema");
if (isset($_POST["submit"])) {
$first = mysqli_real_escape_string($conn, $_POST["first"]);
$last = mysqli_real_escape_string($conn, $_POST["last"]);
$email = mysqli_real_escape_string($conn, $_POST["email"]);
$uid = mysqli_real_escape_string($conn, $_POST["uid"]);
$pwd = mysqli_real_escape_string($conn, $_POST["pwd"]);
if (empty($first) or empty($last) or empty($email) or empty($uid) or
empty($pwd)) {
header("Location: signup.php?signup=empty");
exit();
} else {
if (!preg_match("/^[a-zA-Z]*$/", $first) or !preg_match("/^[a-zA-
Z]*$/", $last)) {
header("Location: signup.php?signup=invalid");
exit();
} else {
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
header("Location: signup.php");
exit();
} else {
$sql = "SELECT * FROM users WHERE uid='$uid'";
$result = mysqli_query($conn, $sql);
$queryResults = mysqli_num_rows($result);
if ($queryResults > 0) {
header("Location: signup.php?signup=usertaken");
exit();
} else {
$hashedPwd = password_hash($pwd, PASSWORD_DEFAULT);
$sql = "INSERT INTO collab_schema.users (first, last, email, uid,
pwd) VALUES ('$first', '$last', '$email', '$uid',
'$hashedPwd');";
$result = mysqli_query($conn, $sql);
header("Location: signup.php?signup=success");
exit();
}
}
}
}
} else {
header("Location: signup.php");
exit();
echo "Redirecting...";
}
?>
The last sql query won't work, can you list the errors?
Doesn't look like the code is working, but everyone says it fine.
I'm just putting more text because stack overflow says to put more details even when I don't want too :^)
I know there are questions similar to this but their answers doesn't solve my problem.
My php is running without errors (at least not from the navigator), it even returns me the custom url I set at the end of my script ?register=success but it doesn't send the data to my database(local).
I really don't know what section of my code I should let here because, as I said at the begining, there are not errors from php in the navigator, so I just put all my main php (register.php).
<?php
if (isset($_POST["submit"])){
include_once "dbh_inc.php";
$first = mysqli_real_escape_string($conn, $_POST["first"]);
$last = mysqli_real_escape_string($conn, $_POST["last"]);
$nickname = mysqli_real_escape_string($conn, $_POST["nickname"]);
$password = mysqli_real_escape_string($conn, $_POST["password"]);
$email = mysqli_real_escape_string($conn, $_POST["email"]);
//Birthdate
$birthDay = mysqli_real_escape_string($conn, $_POST["birth-day"]);
$birthMonth = mysqli_real_escape_string($conn, $_POST["birth-month"]);
$birthAge = mysqli_real_escape_string($conn, $_POST["birth-age"]);
$birthDate = $birthDay."-".$birthMonth."-".$birthAge;
$speciality = mysqli_real_escape_string($conn, $_POST["speciality"]);
$gender = mysqli_real_escape_string($conn, $_POST["gender"]);
//Error handlers
//Check for empty fields
if (empty($first) || empty($last) || empty($email) || empty($last) || empty($last) || empty($last)) {
header("Location: ../register.php?register=empty");
exit();
}else{
//Check if input characters are valid
if(!preg_match("/^[a-zA-Z]*$/", $first) || !preg_match("/^[a-zA-Z]*$/", $last)){
header("Location: ../register.php?register=invalid");
exit();
}else{
//Check if email is valid
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
header("Location: ../register.php?register=email");
exit();
}else{
//Check if birthdate is valid
if (!checkdate ($birthMonth , $birthDay, $birthAge)) {
header("Location: ../register.php?register=date");
exit();
}else{
//Check if user exists
$sql = "SELECT * FROM users WHERE user_nickname='$nickname'";
$result = mysqli_query($conn, $sql);
$resultCheck = mysqli_num_rows($result);
//Entering to the database to check if username exists
if ($resultCheck > 0) {
header("Location: ../register.php?register=usertaked");
exit();
}else{
//Hashing the password
$hashedPwd = password_hash($password, PASSWORD_DEFAULT);
//Insert user registration data into the database
$sql = "INSERT INTO users (user_first, user_last, user_nickname, user_password, user_email, user_birth_date, user_speciality, user_gender) VALUES ('$first', '$last', '$nickname', '$password', '$email', '$birthDate', '$speciality', '$gender')";
mysqli_query($conn, $sql);
header("Location: ../register.php?register=success");
exit();
}
}
}
}
}
}else{
header("Location: ../register.php");
exit();
}
And this is the php where I do the connection with the database (dbh_inc.php):
<?php
$dbServername = "localhost";//because there's running a local server
$dbUsername = "root";
$dbPassword = "";
$dbName = "login_system";
$conn = mysqli_connect($dbServername, $dbUsername, $dbPassword, $dbName) or die ("Conexion fallida");
I am trying to send data to my database but nothing is sent. nor it is showing any connectivity error. nor any error in PHP code.
I have made two files one common connectivity file for db dbh.inc.php
which I have called in the main php file.
DATABASE CONNECTIVITY :
<?php
$dbServername = "localhost";
$dbUsername = "root";
$dbPassword = "admin";
$dbName = "musicianshub";
$conn = mysqli_connect ($dbServername, $dbUsername, $dbPassword,$dbName);
PHP code:
<?php
if (isset($_POST['submit'])) {
include 'dbh.inc.php';
$first = mysqli_real_escape_string($conn, $_POST['first']);
$last = mysqli_real_escape_string($conn, $_POST['last']);
$email = mysqli_real_escape_string($conn, $_POST['email']);
$phone = mysqli_real_escape_string($conn, $_POST['phone']);
$pwd = mysqli_real_escape_string($conn, $_POST['pwd']);
if (empty($first) || empty($last) || empty($email) || empty($phone) ||
empty($pwd)) {
header("Location: ../signup.php?signup=empty");
exit();
}
else {
if (!preg_match("/^[a-zA-Z]*$/", $fist) || !preg_match("/^[a-zA-
Z]*$/", $last)) {
header("Location: ../signup.php?signup=invalid");
exit();
}
else {
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
header("Location: ../signup.php?signup=email");
exit();
}
else {
$sql = "SELECT * FROM users WHERE user_phone='$user_phone'";
$result = mysqli_query($conn, $sql);
$resultCheck = mysqli_num_rows($result);
if ($resultCheck > 0) {
header("Location: ../signup.php?signup=phonetaken");
exit();
}
else {
$hashedPwd = password_hash($pwd, PASSWORD_DEFAULT);
$sql = "INSERT INTO users (user_first, user_last,
user_email, user_phone, user_pwd) VALUES ('$first',
'$last', '$email', '$phone', '$hashedPwd');";
mysqli_query($conn, $sql);
header("Location: ../signup.php?signup=success");
exit();
}
}
}
}
}
else {
header("Location: ../signup.php");
exit();
}
can anyone have any idea about it.
Thank you.