I think I am successfully connecting to my database by:
<?php
$user = 'root';
$pass = '9KSroMDjEqNmEYY4';
$db = 'chatservice';
$host = '127.0.0.1';
$conn = new mysqli($host, $user, $pass, $db, 3306) or die("Unable to connect");
if ($conn->connect_error){
die("Connection failed: " . $conn->connect_error);
}
?>
My question is how I would use the registration code to successfully add a user to the database. When entering the form I press register I do not get any error messages stating that the registration didn't succeed. It seems that the php code is not being reached after the initial connection. I am new to php and mySQL so any tips on formatting would be nice too!
<?php
require('connect.php');
if(isset($_POST['user']) && isset($_POST['password'])){
$user = $_POST['user'];
$id = $_POST['IDNUM'];
$password = $_POST['password'];
$query = "INSERT INTO 'users' (user ,IDNUM ,password) VALUES('$user', '$id', '$password')";
$result = mysqli_query($query);
if($result){
$msg = "Registered Sussecfully";
echo $msg;
}
else
$msg = "Error Registering";
echo $msg;
}
?>
<div class="register-form">
<title>Chat Page Start</title>
<form action="" methods="POST">
<p>
<label>Username: </label>
<input id="user" type="text" name="user" placeholder="user" />
</p>
<p>
<label>ID: </label>
<input id="IDNUM" type="text" name="IDNUM" placeholder="ID number" />
</p>
<p>
<label>Password: </label>
<input id="password" type="password" name="password" placeholder="password" />
</p>
<a class="btn" href="login.php">Login</a>
<input class="btn register" type="submit" value="Register" />
</form>
</div>
Another thing is how would I check the status of my database connection and where I should be checking this status?
your database connection is mysqli_connect and you execute the query in mysql_query is not proper.
<?php
require('connect.php');
if(isset($_POST['user']) && isset($_POST['password'])){
$user = $_POST['user'];
$id = $_POST['IDNUM'];
$password = $_POST['password'];
$query = "INSERT INTO 'users' (user ,IDNUM ,password) VALUES('$user', ' $id ', '$password')";
$result = mysqli_query($query,$conn);
if($result){
$msg = "Registered Sussecfully";
}
else
$msg = "Error Registering";
}
?>
You are connecting database using mysqli:
$conn = new mysqli('localhost', $user, $pass, $db, 3306) or die("Unable to connect");
And executing query using mysql:
$query = "INSERT INTO 'users' (user ,IDNUM ,password) VALUES('$user', '$IDNUM', '$password')";
$result = mysql_query($query);
Related
I need to сheck if username is already taken or not. And if it is ok, to redirect to another page but if not (here I am stuck) to make the "username is already taken" appear under the input line.
there is my php code:
<?php
$host = "localhost";
$dbusername = "postgres";
$dbpassword = "admroot";
$db = "local_db_server_test";
$con = pg_connect("host=$host dbname=$db user=$dbusername password=$dbpassword") or die ("Could not connect to Server\n");
if(!$con){ die('Error: Unable to open database'); }
else {
$username = $_POST['username'];
$password = $_POST['password'];
if(strlen($password) < 6) {
pg_close($con); // also can use die() but without header and redirection
header("Location:sign_up_pass_err.html");
}
$query = "INSERT INTO register(username, password) VALUES ('$username',crypt('$password',gen_salt('md5')))";
$result = pg_query($con, $query);
header("Location: login.html");
}
pg_close($con);
?>
And this is my html code:
<!DOCTYPE html>
<html>
<head></head>
<body>
<form action="sign_up.php" method="post">
<input type="text" name="username" placeholder="Username" required><br><br>
<input type="password" name="password" placeholder="Password" required><br><br>
<input type="submit" value="Sign up">
</form>
</body>
</html>
so i am working on the simple project and i dont know why, but i can't insert data into the database
Here is my connection to database
<?php
$servername = "localhost";
$username = "root";
$password = "root";
$database = "register";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $register);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
echo "Connected successfully";
?>
And in this part of code i am trying to insert data:
<?php
if (isset($_POST['submitreg'])){
$username = mysqli_real_escape_string($conn, $_POST['username']);
$email = mysqli_real_escape_string($conn, $_POST['email']);
$password = mysqli_real_escape_string($conn, $_POST['password']);
$sql = "INSERT INTO users (email, username, password) VALUES ('$email', '$username', '$password')";
if (mysqli_query($conn, $sql)) {
echo "New record created successfully";
header("Location: signin.php");
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
}
mysqli_close($conn);
?>
And then i am inserting the code, i am getting this error:
Error: INSERT INTO users (email, username, password) VALUES ('gerulisjonas#gmail.com', 'jonas2422', 'password')
Thank you in advance :)
extra:
Form
<form id="register" class="signinform" action="includes/registerinc.php" method="post">
<div class="formcenter">
<input type="text" name="username" value="" placeholder="user name"><br>
<input type="email" name="email" value="" placeholder="email"><br>
<input type="password" id="passwordid" name="password" value="" placeholder="password"><br>
<input type="password" name="passwordtwo" value="" placeholder="repeat password"><br>
<input type="submit" name="submitreg" class="btn btn-success" value="Register"></input>
</div>
</form>
When creating your connection you named the variable that holds the database name $database, but when you pass it along to mysqli_connect you are using $register.
Try this instead:
$database = "register";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $database);
Hey guys sorry I did bother you, i just run trough my code and i found that i did not included connection.php file in my register.php file
I have a error with my login script. The connection is successful but it does not display a success message when the login is successful. Still displays my dbconn file message.
Any ideas on how to make this work?
dbconn code
<?php
$user = 'root';
$password = 'root';
$db = 'peerwise';
$host = 'localhost';
$port = 8889;
$link = mysqli_init();
$dbconn = mysqli_real_connect($link, $host, $user, $password, $db, $port);
if (!$dbconn){
echo "Not connected to database";
}else{
echo "Successfully connected";
}
?>
login code
<?php
include_once("includes/dbconn.php");
$username = $_POST['username'];
$password = $_POST['password'];
$sql = "SELECT * FROM Users WHERE username = '$username' AND password = '$password'";
$query = mysqli_query($dbconn, $sql) or die(mysqli_error());
$data = mysqli_fetch_array($query);
if ($data['username'] == $username && $data['password'] == $password) {
echo "success";
} else {
echo "errr";
}
?>
Your using the wrong connection object. Rather than variable $dbconn use $link instead in your query calls, so no mysql error will halt execution of your script, from or die(mysqli_error());
Replace with this:
$query = mysqli_query($link, $sql) or die(mysqli_error());
<div class="login-form-1">
<form id="login" class="text-left" method="POST" action="loginprocess.php">
<div class="main-login-form">
<div class="login-group" id="login">
<div class="form-group">
<input type="text" class="form-control" id="lg_username" name="username" placeholder="Username">
</div>
<div class="form-group">
<input type="password" class="form-control" id="lg_password" name="password" placeholder="Password">
</div>
</div>
<button type="submit" class="login-button" onclick="loginFieldCheck()">Login</button>
</div>
<p id="emptyMessage">Username or Password is incorrect</p>
<p class="create-account"><a class="create-account" onclick="register()">Create a account</a></p>
</form>
</div>
Use mysqli_connect for connection:
<?php
$user = 'root';
$password = 'root';
$db = 'test';
$host = 'localhost';
$port = 3306;
$dbconn = mysqli_connect($host, $user, $password, $db,$port);
if (!$dbconn){
echo "Not connected to database";
}else{
echo "Successfully connected";
}
?>
hi guys please l need some help. lm setting up a user registration sign up form. but l was NOT ABLE TO INSERT THE USER INFO IN TO THE DATABASE. And the code did not display any error message, meaning that everything is fine.
But when l tried to sign up it gives the form's error message "Failed to Register User".
this is the code: (and check at the bottom the connect.php code)
<?php
require_once('connect.php');
//print_r($_POST);
if(isset($_POST) & !empty($_POST)) {
$username = $_POST['username'];
$email = $_POST['email'];
$password = $_POST['password'];
// storing the sign up info in to the database
$sql = "INSERT INTO usermanagement (username, email, password) VALUES ('$username', '$email', '$password')";
//executing the query
$result = mysqli_query($connection, $sql);
if($result){
echo "User Registered Successfully";
}
else{
echo "Failed to Register User";
}
}
?>
<div id="form-signup">
<form id="signup-form" name="sign-up" action="sign.php" method="POST">
<h1>Create your profile</h1>
<p>
<input type="text" name="username" id="username" class="signup-input" required="required" placeholder="Full name*" >
</p>
<p>
<input type="email" name="email" class="signup-input" required="required" placeholder="Email*" >
</p>
<p>
<input type="password" name="password" class="signup-input" required="required" placeholder="Mot de passe*">
</p>
<!-- <p>
<input type="password" name="confirmpassword" class="signup-input" required="required" placeholder="Confirmez mot de passe*">
</p> -->
<p class="agree"> By signing up, you agree to Tout-Passe's <br> Terms of use<br> and Privacy Policy.
</p>
<p>
<input type="submit" class="signup-btn" name="btn-signup" value="Create Account">
</p>
<p class="already">Already on Tout-Passe? Log in</p>
</div><!--END OF PHASE-1-->
</form> <!--END OF SIGN-UP-->
</div><!--END FO ALLFORM-->
CONNECT CODE
<?php
$connection = mysqli_connect('localhost', 'root', '');
if(!$connection){
die("Database Connection Failed" . mysqli_error($connection));
}
$select_db = mysqli_select_db($connection, 'listing');//listing = database
if(!$select_db){
die("Failed to select database" . mysqli_error($connection));
}
?>
You did a mistake line 4, if(isset($_POST) & !empty($_POST)) { you have only one & you should have two like this: if(isset($_POST) && !empty($_POST)) {
Beside this, when your message tell you that it failed to register the user, it does not explain why, to solve this you have to add a mysqli_error() like this:
require_once('connect.php');
//print_r($_POST);
if(isset($_POST) && !empty($_POST)) {
$username = $_POST['username'];
$email = $_POST['email'];
$password = $_POST['password'];
// storing the sign up info in to the database
$sql = "INSERT INTO usermanagement (username, email, password) VALUES ('$username', '$email', '$password')";
//executing the query
$result = mysqli_query($connection, $sql);
if($result){
echo "User Registered Successfully";
}
else{
echo "Failed to Register User, reason: " . mysqli_error($connection);
}
}
Also there is two problems with your code:
It is faillibe to SQL injection. What is SQL injection?
You should test each of your global variables are set individually like this: if(isset($_POST['username']) && !empty($_POST['username'])) and not like this: if(isset($_POST) && !empty($_POST))
I tried changing the code to this so it connects to the DB before anything else but now it just lingers on verify.php, no redirect, no data being sent to DB.
<?php
if(isset($_POST['submit'])){
# connect to the database here
$host="XXXXXXX"; // Host name
$username="XXXX"; // Mysql username
$password="XXXX"; // Mysql password
$db_name="XXXX"; // Database name
mysql_connect("$host", "$username", "$password")or die("cannot connect for insert");
mysql_select_db("$db_name")or die("cannot select DB to insert data");
$user_name = mysql_real_escape_string($_POST['user_name']);
$fname = mysql_real_escape_string($_POST['fname']);
$lname = mysql_real_escape_string($_POST['lname']);
$email = mysql_real_escape_string($_POST['email']);
$user_password = mysql_real_escape_string($_POST['password']);
$insert_query = "INSERT INTO teachers(`user_name`,`fname`,`lname`,`email`,`password`)
VALUES('".$user_name."$','".$fname."','".$lname."','".$email."','".$user_password."');";
mysql_query($insert_query) or die(mysql_error());
mysql_close();
};
?>
You should put or die(mysql_error()); in following line:
$sql = mysql_query($query) or die(mysql_error());
Instead of:
mysql_real_escape_string($_POST['password']))or die(mysql_error());
Another thing is that you have wrong if-else statements.
You code to check which field is empty should be in following if statement:
if($row||empty($_POST['user_name'])|| empty($_POST['fname'])||empty($_POST['lname'])|| empty($_POST['email'])||empty($_POST['password'])|| empty($_POST['re_password'])||$_POST['password']!=$_POST['re_password']){
# if a field is empty, or the passwords don't match make a message
# YOU SHOULD PUT YOUR CODE TO CHECK EMPTY FIELDS SEPARATELY HERE
}
else {
# If all fields are not empty, and the passwords match,
}
You should change your check if the user already exists to something like this:
if(count($row) > 0)
instead of just
if($row)
If you only want to test if data gets inserted limit you the code to this:
<?php
if(isset($_POST['submit'])){
$host=""; // Host name
$username=""; // Mysql username
$password=""; // Mysql password
$db_name="lurnn"; // Database name
/* sanitize post variables */
$user_name = mysql_real_escape_string($_POST['user_name']);
$fname = mysql_real_escape_string($_POST['fname']);
$lname = mysql_real_escape_string($_POST['lname']);
$email = mysql_real_escape_string($_POST['email']);
$user_password = mysql_real_escape_string($_POST['password']);
/* Database insert query */
mysql_connect($host, $username, $password)or die("cannot connect for insert");
mysql_select_db($db_name)or die("cannot select DB to insert data");
$insert_query = "INSERT INTO teachers(`user_name`,`f_name`,`l_name`,`email`,`password`)
VALUES('".$user_name."','".$fname."','".$lname."','".$email."','".$user_password."')";
mysql_query($insert_query) or die(mysql_error());
mysql_close();
};
?>
MYSQLI_ version:
<?php
if(isset($_POST['submit'])){
$host = "host";
$user = "user";
$password = "password";
$database = "database";
/* sanitize post variables */
$user_name = mysql_real_escape_string($_POST['user_name']);
$fname = mysql_real_escape_string($_POST['fname']);
$lname = mysql_real_escape_string($_POST['lname']);
$email = mysql_real_escape_string($_POST['email']);
$user_password = mysql_real_escape_string($_POST['password']);
// open connection to database
$link = mysqli_connect($host, $user, $password, $database);
IF (!$link){
echo ("Unable to connect to database!");
}
ELSE {
//INSERT VALUES INTO DATABASE
$query = "INSERT INTO teachers(`user_name`,`f_name`,`l_name`,`email`,`password`)
VALUES('".$user_name."','".$fname."','".$lname."','".$email."','".$user_password."')";
mysqli_query($link,$query) or die(mysql_error());
echo var_dump($query);
}
//close connection to database
mysqli_close($link);
};
?>
If this all fails try the following:
<?php
function submit_form(){
$host = "";
$user = "";
$password = "";
$database = "";
/* sanitize post variables */
$user_name = mysql_real_escape_string($_POST['user_name']);
$fname = mysql_real_escape_string($_POST['fname']);
$lname = mysql_real_escape_string($_POST['lname']);
$email = mysql_real_escape_string($_POST['email']);
$user_password = mysql_real_escape_string($_POST['password']);
// open connection to database
$link = mysqli_connect($host, $user, $password, $database);
IF (!$link){
echo ("Unable to connect to database!");
}
ELSE {
//INSERT VALUES INTO DATABASE
$query = "INSERT INTO teachers(`user_name`,`f_name`,`l_name`,`email`,`password`)
VALUES('".$user_name."','".$fname."','".$lname."','".$email."','".$user_password."')";
mysqli_query($link,$query) or die("Insert query failed");
echo var_dump($query);
}
//close connection to database
mysqli_close($link);
}
$form = <<<EODuserform
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>Form</title>
</head>
<form action="{$_SERVER['PHP_SELF']}" method="POST" name="userform">
<label for='user_name'>Username:</label></br>
<input type="text" name="user_name" id="first" maxlength="25" tabindex='1' VALUE="user_name" /></br>
<label for='fname'>First Name:</label></br>
<input type="text" name="fname" id="first" maxlength="25" tabindex='2' VALUE="firstname" /></br>
<label for='lname'>Last Name:</label></br>
<input type="text" name="lname" id='lastname' maxlength="25" tabindex='3' VALUE="lastname" /></br>
<label for='email'>E-mail:</label></br>
<input type="text" name="email" id='email' maxlength="100" tabindex='4' VALUE="email" /></br>
<label for='password'>Password:</label></br>
<input type="password" name="password" id='password' maxlength="25" tabindex='5' VALUE="password" /></br>
<label for='re-password'>Re-type password:</label></br>
<input type="password" name="re-password" id='re-password' maxlength="25" tabindex='6' VALUE="re-password" /></br>
<input type="submit" name="submit" value="Sign Up" tabindex='6' />
</form>
</body>
</html>
EODuserform;
IF(!IsSet($_POST['submit'])){ // Check if form is not send, if not display empty form.
echo $form;
}
ELSE{
// in the case you want to send something to the database use
submit_form();
echo ('Thanks for submitting your form');
}
?>