Hey guys :) So I have a register page, but my query returns boolean false, and I can't find any solution to fix it.
<?php
session_start();
if(isset($_SESSION['username'])!=""){
header("Location: index.php");
}
require_once 'dbconnect.php';
$username = strip_tags($_POST['username']);
$email = strip_tags($_POST['email']);
$upassword = strip_tags($_POST['password']);
$medic = strip_tags($_POST['medic_input']);
$username = $dbcon->real_escape_string($username);
$email = $dbcon->real_escape_string($email);
$upassword = $dbcon->real_escape_string($upassword);
$check_email = $dbcon -> query("SELECT username from tbl_users WHERE username='$username'");
$count=$check_email->num_rows;
var_dump($count);
if($count==0){
$query = "INSERT INTO tbl_users(username,password,email,medic) VALUES ('$username','$upassword','$email,'$medic')";
var_dump($query);
if($dbcon->query($query) === TRUE){
header('Location: login.php');
}
else {
echo "Error while registering. Please try again!";
var_dump($dbcon->query($query));
}
}
else {
echo "Your username already exists!";
}
$dbcon->close();
?>
The count dump is giving 0 but for the query it's giving boolean false. I tried to change the table, didn't help.
When I try to register it gives me "Error while registering. Please try again!";
You have syntax error in your INSERT query and it's missing a single quote as below
VALUES ('$username','$upassword','$email,'$medic')
^... Here
Related
<?php
require 'includes/common.php';
$email=$_POST['email'];
$password=$_POST['password'];
$email= mysqli_real_escape_string($con, $email);
$password= mysqli_real_escape_string($con, $password);
//md5($password);
$select_user_query="select id , email from users where email='$email' and password= $password";
//removed 'email' to email//
$select_user_result= mysqli_query($con, $select_user_query) or die (mysqli_error($con));
if (mysqli_num_rows($select_user_result==0))
{
echo 'There no such user ';
}
else
{
$row=mysqli_fetch_array($select_user_result);
$_SESSION['email']=$email;
$_SESSION['id']= $row[0];
header('location:products.php');
}
?>
here is the code
**
here i am geting
email and password from post method
From my login page
i think most of the code is right
If i login with a user it logs in with any password
**
Your error is not in the query. it is on your condition
if(mysqli_num_rows($select_user_result) == 0){
echo 'No User found';
}else{
echo 'oK';
}
You ca try this way. I think your error is you inserted the ==0 inside the mysqli_num_rows() it must be outside.
I'm assuming password is a string..
$select_user_query="select id , email from users where email='$email' and password= $password";
is what you wrote,
you've maybe forgotten to put single quotes around $password here.
Please verify this code:
I use this code for login:
if user provides the Correct Credentials-- If part will work,
if not then else part will be work
<?php
// Grab User submitted information
$user = $_POST["username"];
$pass = $_POST["password"];
//$uc_id=$_GET["user_check_id"];
// Connect to the database
$con = mysqli_connect("localhost","root","pass123");
// Make sure we connected successfully
if(! $con)
{
die('Connection Failed'.mysql_error());
}
// Select the database to use
mysqli_select_db($con, "login");
//$query ="SELECT user_check_id from loginpage where username='$user' and password='$pass'";
$query ="SELECT * from loginpage where username='$user' and password='$pass'";
//echo $query;
if ($query)
{
$result = mysqli_query($con,$query);
$row = mysqli_fetch_array($result);
if($row["username"]==$user && $row["password"]==$pass)
{
echo "Welcome Admin";
}
else
{
echo"Please Enter the Correct Username/Password...!!";
}
}
?>
Put single quotes around $password in your query and then try.
I tried to create a register login feature in Android app. I tried to send data from my app to database by using this Php file. However, I received br/ error when I clicked register button on my app. Look like mysqli_fetch_array is not working. Anyone know how to solve this problem? Thanks!
<?php
if($_SERVER['REQUEST_METHOD']=='POST'){
$name = $_POST['name'];
$username = $_POST['username'];
$password = $_POST['password'];
$email = $_POST['email'];
if($name == '' || $username == '' || $password == '' || $email == ''){
echo 'please fill all values';
}else{
require_once('dbConnect.php');
$sql = "SELECT * FROM users WHERE username='$username' OR email='$email'";
$result=mysqli_query($con,$sql);
$check = mysqli_fetch_array($result,MYSQLI_BOTH);
if(isset($check)){
echo 'username or email already exist';
}else{
$sql = "INSERT INTO users (name,username,password,email) VALUES('$name','$username','$password','$email')";
if(mysqli_query($con,$sql)){
echo 'successfully registered';
}else{
echo 'oops! Please try again!';
}
}
mysqli_close($con);
}
} else{
echo 'error';
}
dbConnect.php
<?php
define('HOST','localhost');
define('USER','username');
define('PASS','password');
define('DB','database');
$con = mysqli_connect(HOST,USER,PASS,DB) or die('Unable to Connect');
I think you should remove isset check. It'll always return true no matter what. Do count check instead.
if(count($check)){
echo 'username or email already exist';
}else{
$sql = "INSERT INTO users (name,username,password,email) VALUES('$name','$username','$password','$email')";
if(mysqli_query($con,$sql)){
echo 'successfully registered';
}else{
echo 'oops! Please try again!';
}
}
I was trying to create a Registration form for my project but unfortunately i got this error while i could not find any error in the code!Please help me to get ride from this Issue !
my code
<?php
// this file is connected with regform.php
$firstname= $_POST['firstname'];
$lastname =$_POST['lastname'];
$email =$_POST['email'];
$password =$_POST['password'];
$confirmpassword =$_POST['confirmpassword'];
$address =$_POST['address'];
$balance =$_POST['balance'];
$password_hash = md5($password);
$bookConn = mysqli_connect("localhost", "root","", "bookstore") OR die("wrong execution");
$queryS = "SELECT Email FROM customer";
$resultSQ = mysqli_query($bookConn , $queryS);
$flag=0;
while($row=mysqli_fetch_array($resultSQ))
{
if($email == $row['Email'])
{
$flag=1;
}
}
if($flag==0)
{
if($password == $confirmpassword)
{
$query = "INSERT INTO user (firstName , LastName ,Email , Password , Address , Balance )values('".$firstname."', '".$lastname."' ,'".$email."' , '".$password_hash."', '".$address."' , '".$balance."')";
$result = mysqli_query($bookConn , $query) OR die($bookConn);
if ($result)
{
echo "successfuly Registered";
}
else {
echo "something went wrong!";
}
}
else{
echo "Passowrd does not match!";
}
}
else{
echo "Email is already existed in the Database!";
}
mysqli_close($dbc);
?>
There are two error seems in your code:-
mysqli_close($dbc). You never created $dbc in your code. It must be mysqli_close($bookConn).
You need to modified your last mysqli_query like this:-
$result = mysqli_query($bookConn , $query) OR die(mysqli_error($bookConn));
Note:- I hope by doing these changes you will get rid of your proble. Thanks.
I am learning PHP and able to create a Registration form. But the code doesn't working properly. It always goes to else statement of Username exists Try Again. Any help appreciated and any explanation greatly welcomed :)
function session() {
$usn = $_POST['username'];
$pwd = $_POST['password'];
$email = $_POST['Email'];
$con=mysqli_connect("********","***********","**********","*********");
// Check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$result = mysqli_query($con,"SELECT * FROM Accounts
WHERE username = '$usn'");
If($result == Null) {
mysqli_query($con,"INSERT INTO Accounts (username, password, Email)
VALUES ('$usn', '$pwd','$email')");
$result = mysqli_query($con,"SELECT * FROM Accounts WHERE username = '$usn'");
while($row = mysqli_fetch_array($result)) {
if (($row['password']==$pwd) and ($row['Email']==$email)) {
echo "Registration Success";
}
else {
echo "Registration Failed";
}
}
}
else {
echo "Username Exists Try Again";
}
mysqli_close($con);
}
$result will never be null. You need to check for something like number of rows -
$row_cnt = mysqli_num_rows($result);
If that is greater than 0, then go to your else.
i am unable to get the last 2 echos to work, even if the update query fails it still displays success. If anyone has any suggestions on this code to be improved on any line, please do!
<?php
if(!empty($_POST['username']) && !empty($_POST['answer'])) {
$username = $_POST['username'];
$idfetch = mysql_query("SELECT id FROM users WHERE username ='$username'") //check it
or die(mysql_error());
$fetched = mysql_fetch_array($idfetch);
$id = $fetched['id']; //get users id for checking
$answer = $_POST['answer'];
$password = (mysql_real_escape_string($_POST['password']));
$confpass = (mysql_real_escape_string($_POST['confpass']));
if ($password != $confpass) {
echo ("Passwords do not match, please try again.");
exit;
}
$updatequery = mysql_query("UPDATE users SET PASSWORD='$password' WHERE id='$id' AND username='$username' AND answer='$answer'");
if($updatequery) {
echo "<h1>Success</h1>";
echo "<p>Your account password was successfully changed. Please click here to login.</p>";
}
else {
echo "<h1>Error</h1>";
echo "<p>Sorry, but a field was incorrect.</p>";
}
}
?>
Thanks in advance!
mysql_query("UPDATE users SET PASSWORD='$password' WHERE id='$id' AND username='$username' AND answer='$answer'") or die(mysql_error()."update failed");
and use
mysql_affected_rows()
Returns the number of affected rows on success, and -1 if the last query failed.
use try catch and try to get the error enable error reporting in php also
<?php
error_reporting(E_ALL);
ini_set('display_errors','On');
if(!empty($_POST['username']) && !empty($_POST['answer'])) {
$username = $_POST['username'];
$idfetch = mysql_query("SELECT id FROM users WHERE username ='$username'") //check it
or die(mysql_error());
$fetched = mysql_fetch_array($idfetch);
$id = $fetched['id']; //get users id for checking
$answer = $_POST['answer'];
$password = (mysql_real_escape_string($_POST['password']));
$confpass = (mysql_real_escape_string($_POST['confpass']));
if ($password != $confpass) {
echo ("Passwords do not match, please try again.");
exit;}
try{
$updatequery = mysql_query("UPDATE users SET PASSWORD='$password' WHERE id='$id' AND username='$username' AND answer='$answer'");
if($updatequery) {
echo "<h1>Success</h1>";
echo "<p>Your account password was successfully changed. Please click here to login.</p>"; }
else {
echo "<h1>Error</h1>";
echo "<p>Sorry, but a field was incorrect.</p>";
}
}catch(Exception $e){
print_R($e);
}
}
use or die(mysql_error()) as it will display mysql error if there is an error with your query.
$updatequery = mysql_query("UPDATE users SET PASSWORD='$password' WHERE id='$id' AND username='$username' AND answer='$answer'") or die(mysql_error());
Try this:
$idfetch = mysql_query("SELECT id FROM users WHERE username ='$username'");
if(!idfetch){
die(mysql_error());
}
Do the same for all other queries too.
try this, first count the row count value its great 1 then proceed the login process.
<?php
if(!empty($_POST['username']) && !empty($_POST['answer'])) {
$username = $_POST['username'];
$idfetch = mysql_query("SELECT id FROM users WHERE username ='$username'") //check it
or die(mysql_error());
$fetched = mysql_fetch_array($idfetch);
$count= mysql_num_rows($idfetch);
if($count>0){
$id = $fetched['id']; //get users id for checking
$answer = $_POST['answer'];
$password = (mysql_real_escape_string($_POST['password']));
$confpass = (mysql_real_escape_string($_POST['confpass']));
if ($password != $confpass) {
echo ("Passwords do not match, please try again.");
exit;
}
$updatequery = mysql_query("UPDATE users SET PASSWORD='$password' WHERE id='$id' AND username='$username' AND answer='$answer'");
if($updatequery) {
echo "<h1>Success</h1>";
echo "<p>Your account password was successfully changed. Please click here to login.</p>";
}
else {
echo "<h1>Error</h1>";
echo "<p>Sorry, but a field was incorrect.</p>";
}
} } ?>
Use
if(mysql_num_rows($updatequery) > 0) {
// success
} else {
// error
}
$updatequery will always be true (not NULL), until there is an error in your query