It's my first time using some OOP in PHP.
I have made this simple login system, but for some reason it doesn't seems to be working.
Whenever I enter some details on the page admin_login.php it again redirects me to admin_login.php without saying anything.
I'm not sure what's wrong.
class.admin.php
<?php
include 'inc/inc.functions.php';
include '..dbconnector.php';
class admin
{
public function logged_in()
{
if(isset($_SESSION['adminLogged'])==1)
{
return true;
}
else
{
return false;
}
} //function
public function login_correct($username,$password)
{
global $conn;
try
{
$statement = $conn->prepare("SELECT * from admins where username = ? and password = ?");
$statement->execute(
array(
$username,
$password));
$row=$statement->rowCount();
if($rows > 0)
{
return true;
}
else
{
return false;
}
}
catch(PDOException $e)
{
echo $e->getMessage();
}
}//funcion
}
?>
admin_login.php
<?php
{
?>
<table>
<form method="post" action="admin_process.php?process=login">
<tr>
<td>Username : </td>
<td><input type="text" name="username" id="username" /></td>
</tr>
<tr>
<td>Password : </td>
<td><input type="password" name="password" id="password" /></td>
</tr>
<tr>
<td><input type="submit" name="submit" value="Login"></td>
</tr>
</form>
</table>
<?php
}
?>
admin_process.php
<?php
session_start();
include 'class/class.admin.php';
include 'dbconnector.php';
$admin = new admin();
if(isset($_REQUEST['process']))
{
switch($_REQUEST['process'])
{
case 'login':
$username = $_POST['username'];
$password = $_POST['password'];
if($admin->login_correct($username, $password))
{
header('refresh:2;URL=admin_home.php');
$_SESSION['adminLogged']=1;
$_SESSION['adminUsername']=$username;
}
else
{
echo "Wrong username or password";
}
break;
default:
header('Location:admin_home.php');
}
}
else
{
header('Location:admin_home.php');
}
?>
All suggestions are welcome.
Change the $_REQUEST['process'] to $_REQUEST['submit'] and then try.
Related
I am new to PHP. I have some doubts regarding PHP constructor. I have used 2 classes. One class contains constructor, Another class has insertion function. So I want to use the variable declared under constructor in order to write the insert query using mysqli. But I don't know how to access it. Can anyone pls help me with this one.
OOPDB.php
<?php
class Connection
{
//public $conn;
public function __construct()
{
$conn=mysqli_connect("localhost","root","Hatheem06","Emp");
if(!$conn)
{
echo "DB not connected";
}
else
{
echo "DB connected Successfully"."<br>";
}
}
?>
FormDB.php
<?php
include ("OOPDB.php");
$obj=new Connection();
class User
{
public function insertion($name,$Uname,$Pswrd,$Age,$Email)
{
/*$sql=$conn->query("INSERT INTO Employee(Name,Username,Password,Age,Email)VALUES('$name','$Uname','$Pswrd','$Age','$Email')");
return $sql;*/
$ret=mysqli_query($conn,"insert into Employee(Name,Username,Password,Age,Email) values('$name','$Uname','$Pswrd','$Age','Email')");
return $ret;
}
}
$Object=new User();
if (isset($_POST['submit']))
{
$name=$_POST['Name'];
$Uname=$_POST['UName'];
$Pswrd=$_POST['pswd'];
$Age=$_POST['Age'];
$Email=$_POST['Email'];
$result=$Object->insertion($name,$Uname,$Pswrd,$Age,$Email);
if($result)
{
echo "Registration Successful";
}
else
{
echo "Not registered";
}
}
?>
<html>
<head><h1 align="center">Employee Details</h1>
<title> Employee </title>
<link rel="stylesheet" type="text/css" href="Style.css">
</head>
<body>
<div class="dtabb">
<form name="name" method="POST">
<table class="Etab">
<tr><td>Enter Your Name</td>
<td><input type="text" name="Name" ></td>
</tr>
<tr>
<td>Enter User Name</td>
<td><input type="text" name="UName" ></td>
</tr>
<tr>
<td>Enter password</td>
<td><input type="password" name="pswd"></td>
</tr>
<tr>
<td>Enter Your Age</td>
<td><input type="text" name="Age" ></td>
</tr>
<tr>
<td>Enter Mail ID of the Employee</td>
<td><input type="text" name="Email" ></td>
</tr>
<tr>
<td colspan="2"><center><input type="submit" name="submit" value="submit"/></center>
</td>
</tr>
</table>
</form>
</div>
</body>
</html>
I would suggest a static method in the Connection class that returns the connection handle. And thats all that need to be in that class
The in classes that need to connect call the getCOnn() method and store the connection returned as a property of themselves.
You also shoudl start using parameterised and bound queries, to protect yourself from SQL Injection.
OOPDB.php
<?php
class Connection
{
private $conn = NULL;
public static function getConn {
if (self::conn !== NULL) {
return self::conn;
}
$conn=mysqli_connect("localhost","root","Hatheem06","Emp");
if (!$conn) {
echo "Error: Unable to connect to MySQL." . PHP_EOL;
echo "Debugging errno: " . mysqli_connect_errno() . PHP_EOL;
echo "Debugging error: " . mysqli_connect_error() . PHP_EOL;
exit;
} else {
self::conn = $conn;
return $conn;
}
}
}
?>
FormDB.php
<?php
include ("OOPDB.php");
class User
{
private $conn;
public function __construct() {
$this->conn = Connection::getConn();
}
public function insertion($name,$Uname,$Pswrd,$Age,$Email) {
$sql = "insert into Employee
(Name,Username,Password,Age,Email)
values(?,?,?,?,?)");
$stmt = $this->conn->prepare($sql);
if ( ! $stmt ) {
echo $stmt->error;
return false;
}
$stmt->bind_param('sssis', $name,
$Uname,
$Pswrd,
$Age,
$Email
);
$result = $stmt->execute();
if ( ! $result ) {
echo $stmt->error;
return false;
}
return true;
}
}
$Object=new User();
if (isset($_POST['submit'])) {
$name=$_POST['Name'];
$Uname=$_POST['UName'];
$Pswrd=$_POST['pswd'];
$Age=$_POST['Age'];
$Email=$_POST['Email'];
$result=$Object->insertion($name,$Uname,$Pswrd,$Age,$Email);
if($result) {
echo "Registration Successful";
} else {
echo "Not registered";
}
}
?>
I having 2 problem in my programming.
1)cant update password in mysql db.
change_password.php
<?php
session_start();
require_once 'class.user.php';
$user_home = new USER();
?>
<!doctype html public "-//w3c//dtd html 3.2//en">
<html>
<head>
<title>(Type a title for your page here)</title>
</head>
<body>
<?Php
///////Collect the form data /////
if(isset($_POST['btn-signup']))
{
$password=$_POST['password'];
$password2=$_POST['password2'];
$old_password=$_POST['old_password'];
/////////////////////////
$stmt = $user_home->runQuery("SELECT * FROM registered_users WHERE userID=:uid");
$stmt->execute(array(":uid"=>$_SESSION['userSession']));
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if($row['password']<>md5($old_password)){
echo"Your old password is not matching as per our record.<BR>";
echo"no same pass";
}
if ( $password <> $password2 ){
$msg=$msg."Both passwords are not matching<BR>";
echo "new pass not same";
$password=md5($password);
$stmt = $this->conn->prepare("UPDATE registered_users SET password=:password where email:email");
$stmt->bindparam(":password",$password);
if($stmt->execute()){
echo "<font face='Verdana' size='2' ><center>Thanks <br> Your password changed successfully. Please keep changing your password for better security</font></center>";
}else{echo "<center>Sorry <br> Failed to change password Contact Site Admin</font></center>";
} // end of if else if updation of password is successful
} // end of if else todo
}
?>
</body>
<form method="post">
<input type="password" name="old_password" placeholder="old pass" />
<input type="password" name="password" placeholder="opassword" />
<input type="password" name="password2" placeholder="password2" />
<button class="btn btn-large btn-primary" type="submit" name="btn-signup">Sign Up</button>
</form>
</html>
output
Your old password is not matching as per our record.
no same pass
old pass <Text fill>
password <Text fill>
password2 <Text fill>
Sign Up <button>
2)how to insert confirm password fill in register page.
user will enter same password again can check it is same
SignUP.php
<?php
session_start();
require_once 'class.user.php';
$reg_user = new USER();
if($reg_user->is_logged_in()!="")
{
$reg_user->redirect('index.php');
}
if(isset($_POST['btn-signup']))
{
$salutation = $_POST['salutation'];
$fullName = $_POST['fullName'];
$nric = $_POST['nric'];
$gender = $_POST['gender'];
$dateOfBirth = $_POST['dateOfBirth'];
$mobileNumber = $_POST['mobileNumber'];
$email = $_POST['email'];
$password = $_POST['password'];
$address = $_POST['address'];
$postalCode = $_POST['postalCode'];
$serialNumber = md5(uniqid(rand()));
$stmt = $reg_user->runQuery("SELECT * FROM registered_users WHERE email=:email_id");
$stmt->execute(array(":email_id"=>$email));
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if($stmt->rowCount() > 0)
{
$msg = "
<div class='alert alert-error'>
<button class='close' data-dismiss='alert'>×</button>
<strong>Sorry !</strong> email allready exists , Please Try another one
</div>
";
}
else
{
if($reg_user->register($salutation,$fullName,$nric,$gender,$dateOfBirth,$mobileNumber,$email,$password,$address,$postalCode,$serialNumber))
{
$id = $reg_user->lasdID();
$key = base64_encode($id);
$id = $key;
$message = "
Dear $salutation $fullName,
<br /><br />
Thank You for registering with us!<br/>
To complete your registration please , just click following link<br/>
<br /><br />
<a href='http://localhost:8080/xampp/bicycleTheft/test5/php/verify.php?id=$id&serialNumber=$serialNumber'>Click HERE to Activate :)</a>
<br /><br />
Thanks,<br/>
<br />
Site Admin";
$subject = "Confirm Registration";
$reg_user->send_mail($email,$message,$subject);
$msg = "
<div class='alert alert-success'>
<button class='close' data-dismiss='alert'>×</button>
<strong>Success!</strong> We've sent an email to $email.
Please click on the confirmation link in the email to create your account.
</div>
";
}
else
{
echo "sorry , query could no execute. Pleae go to nearest NPC to register.";
}
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Signup</title>
<!-- Bootstrap CSS -->
<link href="../css/bootstrap.min.css" rel="stylesheet">
<link href="../css/bootstrap-theme.min.css" rel="stylesheet">
<link rel="stylesheet" href="../css/NewFile.css" type="text/css">
</head>
<body>
<script src="../js/jquery-1.12.3.min.js"></script>
<script src="../js/bootstrap.min.js"></script>
<?php include 'navBar.php'; ?>
<?php if(isset($msg)) echo $msg; ?>
<div class="padding">
<form class="form-signin" method="post">
<h2 class="form-signin-heading">Sign Up</h2><hr />
<table>
<tr>
<td>Salutation</td>
<td><select name="salutation">
<option value="Dr">Dr</option>
<option value="Mr">Mr</option>
<option value="Mrs">Mrs</option>
<option value="Ms">Ms</option>
<option value="Madam">Madam</option>
</select>
</td>
</tr>
<tr>
<td>Full Name (as in NRIC):</td>
<td><input type="text" class="input-block-level" placeholder="Full Name" name="fullName" required /></td>
</tr>
<tr>
<td>NRIC:</td>
<td><input type="text" class="input-block-level" placeholder="S1234567A" name="nric" required /></td>
</tr>
<tr>
<td>Gender:</td>
<td><input type="radio" name="gender" value="Male">Male
<input type="radio" name="gender" value="Female">Female</td>
</tr>
<tr>
<td>Date Of Birth:</td>
<td><input type="date" class="input-block-level" name="dateOfBirth" required /></td>
</tr>
<tr>
<td>Mobile Nume:</td>
<td><input type="text" class="input-block-level" placeholder="91234567" name="mobileNumber" required /></td>
</tr>
<tr>
<td>Email Address:</td>
<td><input type="email" class="input-block-level" placeholder="ABC#example.com" name="email" required /></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" class="input-block-level" placeholder="password" name="password" required /></td>
</tr>
<tr>
<td>Address:</td>
<td><input type="text" class="input-block-level" placeholder="address" name="address" required /></td>
</tr>
<tr>
<td>Postal Code:</td>
<td><input type="text" class="input-block-level" placeholder="postalcode" name="postalCode" required /></td>
</tr>
</table>
<button class="btn btn-large btn-primary" type="submit" name="btn-signup">Sign Up</button>
</form>
</div>
</body>
</html>
class.user.php
<?php
require_once 'dbconfig.php';
class USER
{
private $conn;
public function __construct()
{
$database = new Database();
$db = $database->dbConnection();
$this->conn = $db;
}
public function runQuery($sql)
{
$stmt = $this->conn->prepare($sql);
return $stmt;
}
public function lasdID()
{
$stmt = $this->conn->lastInsertId();
return $stmt;
}
public function register($salutation,$fullName,$nric,$gender,$dateOfBirth,$mobileNumber,$email,$password,$address,$postalCode,$serialNumber)
{
try
{
$password = md5($password);
$stmt = $this->conn->prepare("INSERT INTO registered_users(salutation,fullName,nric,gender,dateOfBirth,mobileNumber,email,password,address,postalCode,serialNumber)
VALUES(:salutation,:fullName,:nric,:gender,:dateOfBirth,:mobileNumber,:email,:password,:address,:postalCode,:serialNumber)");
$stmt->bindparam(":salutation",$salutation);
$stmt->bindparam(":fullName",$fullName);
$stmt->bindparam(":nric",$nric);
$stmt->bindparam(":gender",$gender);
$stmt->bindparam(":dateOfBirth",$dateOfBirth);
$stmt->bindparam(":mobileNumber",$mobileNumber);
$stmt->bindparam(":email",$email);
$stmt->bindparam(":password",$password);
$stmt->bindparam(":address",$address);
$stmt->bindparam(":postalCode",$postalCode);
$stmt->bindparam(":serialNumber",$serialNumber);
$stmt->execute();
return $stmt;
}
catch(PDOException $ex)
{
echo $ex->getMessage();
}
}
public function registerBike($userID,$typeOfBike,$brand,$model,$colour,$remarks,$serialNumber,$final_file,$folder)
{
try
{
$stmt = $this->conn->prepare("INSERT INTO bike_tbl (userID,typeOfBike,brand,model,colour,remarks,serialNumber,file,location)
VALUES(:userID,:typeOfBike,:brand,:model,:colour,:remarks,:serialNumber,:file,:location)");
$stmt->bindparam(":userID",$userID);
$stmt->bindparam(":typeOfBike",$typeOfBike);
//$stmt->bindparam(":otherBike",$otherBike);
$stmt->bindparam(":brand",$brand);
$stmt->bindparam(":model",$model);
$stmt->bindparam(":colour",$colour);
//$stmt->bindparam(":usedBike",$usedBike);
$stmt->bindparam(":remarks",$remarks);
$stmt->bindparam(":serialNumber",$serialNumber);
$stmt->bindparam(":file",$final_file);
$stmt->bindparam(":location",$folder);
$stmt->execute();
return $stmt;
}
catch(PDOException $ex)
{
echo $ex->getMessage();
}
}
public function updateUser($fullName,$mobileNumber,$password,$address,$postalCode,$email)
{
try
{
$password = md5($password);
$stmt = $this->conn->prepare("UPDATE registered_users SET fullName=:fullName,mobileNumber=:mobileNumber,password=:password,address=:address,postalCode=:postalCode WHERE email=:email");
// $stmt->execute(array(":email"=>$email));
// $userRow=$stmt->fetch(PDO::FETCH_ASSOC);
$stmt->bindparam(":email",$email);
$stmt->bindparam(":fullName",$fullName);
$stmt->bindparam(":mobileNumber",$mobileNumber);
$stmt->bindparam(":password",$password);
$stmt->bindparam(":address",$address);
$stmt->bindparam(":postalCode",$postalCode);
$stmt->execute();
return $stmt;
}
catch(PDOException $ex)
{
echo $ex->getMessage();
}
}
public function login($email,$password)
{
try
{
$stmt = $this->conn->prepare("SELECT * FROM registered_users WHERE email=:email_id");
$stmt->execute(array(":email_id"=>$email));
$userRow=$stmt->fetch(PDO::FETCH_ASSOC);
if($stmt->rowCount() == 1)
{
if($userRow['userStatus']=="Y")
{
if($userRow['password']==md5($password))
{
$_SESSION['userSession'] = $userRow['userID'];
return true;
}
else
{
header("Location: index.php?error1");
exit;
}
}
else
{
header("Location: index.php?inactive");
exit;
}
}
else
{
header("Location: index.php?error2");
exit;
}
}
catch(PDOException $ex)
{
echo $ex->getMessage();
}
}
public function chgpass($currentPassword,$newPassword)
{
try
{
$stmt = $this->conn->prepare("SELECT * FROM registered_users WHERE email=:email_id");
$stmt->execute(array(":email_id"=>$email));
$userRow=$stmt->fetch(PDO::FETCH_ASSOC);
if($stmt->rowCount() == 1)
{
if($userRow['userStatus']=="Y")
{
if($userRow['password']==md5($currentPassword))
{
$_SESSION['userSession'] = $userRow['userID'];
$stmt = $this->conn->prepare("UPDATE registered_users SET password=:newPassword WHERE email=:email");
$stmt->bindparam(":newPassword",$newPassword);
return true;
}
else
{
header("Location: index.php?error1");
exit;
}
}
else
{
header("Location: index.php?inactive");
exit;
}
}
else
{
header("Location: index.php?error2");
exit;
}
}
catch(PDOException $ex)
{
echo $ex->getMessage();
}
}
public function is_logged_in()
{
if(isset($_SESSION['userSession']))
{
return true;
}
}
public function redirect($url)
{
header("Location: $url");
}
public function logout()
{
session_destroy();
$_SESSION['userSession'] = false;
}
function send_mail($email,$message,$subject)
{
require_once('../mailer/class.phpmailer.php');
$mail = new PHPMailer();
$mail->IsSMTP();
$mail->SMTPDebug = 0;
$mail->SMTPAuth = true;
$mail->SMTPSecure = "ssl";
$mail->Host = "smtp.gmail.com";
$mail->Port = 465;
$mail->AddAddress($email);
$mail->Username="ABTMP16#gmail.com";
$mail->Password="antibicycletheft16";
$mail->SetFrom('ABTMP16#gmail.com','Muahammed Ashik');
$mail->AddReplyTo("ABTMP16#gmail.com","Reply");
$mail->Subject = $subject;
$mail->MsgHTML($message);
$mail->Send();
}
}
?>
You are not binding second parameter :email.
Corrected Answer:
$stmt = $this->conn->prepare("UPDATE registered_users SET password=:password where email:email");
$stmt->bindparam(":password",$password);
$stmt->bindparam(":email",$email); // This line was missing.
I have the following login form :
<?php
include 'database/db_connect.php';
$link = mysqli_connect($host_name, $user_name, $password, $database);
// check connection
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
?><?php
session_start();
include 'database/websrvc.php';
$user = new Websrvc();
if (isset($_REQUEST['submit'])) {
extract($_REQUEST);
$login = $websrvc->check_login($emailusername, $password);
if ($login) {
// Registration Success
header("location:main.php");
} else {
// Registration Failed
echo 'Wrong username/email or password';
}
}
?>
<form action="" method="post" name="login">
<table class="table " width="400">
<tr>
<th> <label class="fieldstyle_with_label"> UserName or Email: </label> </th>
<td><input type="text" name="emailusername" required></td>
</tr>
<tr>
<th><label class="fieldstyle_with_label"> Password : </label></th>
<td><input type="password" name="password" required></td>
</tr>
<tr>
<td> </td>
<td><input class="large_button" type="submit" name="submit" value="Login" onclick="return(submitlogin());"></td>
</tr>
<tr>
<td> </td>
</tr>
</table>
</form>
When I try to log in using the folowing script, I get the following Fatal Error :
Fatal error: Call to a member function check_login() on a non-object in /homepages/23/d81301375/htdocs/emarps/login
Below is my class web_srvc.php that is supposed that handles the check_login :
public function check_login($emailusername, $password) {
$link = $this->db_connection();
$password = md5($password);
//checking if the username is available in the table
$result = mysqli_query($link, "SELECT user_id,user_name,role_id,status from users WHERE email='$emailusername' or user_name='$emailusername' and password='$password'");
$user_data = mysqli_fetch_array($result, MYSQLI_BOTH);
$count_row = mysqli_num_rows($result);
if ($count_row == 1) {
$_SESSION['login'] = true; // this login var will use for the session thing
$_SESSION['uid'] = $user_data['uid'];
return true;
} else {
return false;
}
}
$login = $websrvc->check_login($emailusername, $password);
change to
$login = $user->check_login($emailusername, $password);
I do have some code in OOP in PHP that's supposed to login/register a user, and a register function works great, but the login function doesn't work and I can't login. And I also have notices that in the array $_SESSION I have undefined indexes "login", "password".
Here is the main page:
<?php
require_once "libs/user_class.php";
$user = User::getObject();
$auth = $user->isAuth();
if(isset($_POST["reg"])){
$login = $_POST["login"];
$password = $_POST["password"];
$reg_success = $user->regUser($login,$password);
}
elseif (isset($_POST["auth"])){
$login = $_POST["login"];
$password = $_POST["password"];
$auth_success = $user->login($login,$password);
if($auth_success){
header("Location:index.php");
exit;
}
}
?>
<html>
<head>
<title>REGISTER</title>
</head>
<body>
<?php
if($auth){
echo "Welcome".$_SESSION["login"];
}
else{
echo '<h2>REGISTRATION</h2>
<form action="index.php" method = "post" name="reg">
<table>
<tr>
<td>Log in</td>
<td>
<input type="text" name = "login" />
</td>
</tr>
<tr>
<td>Password</td>
<td>
<input type="password" name = "password" />
</td>
</tr>
<tr>
<td colspan = "2">
<input type="submit" name="reg" value = "register" />
</td>
</tr>
</table>
</form>
<h2>LOGIN</h2>
<form action="index.php" method = "post" name="auth">
<table>
<tr>
<td>Log in</td>
<td>
<input type="text" name = "login" />
</td>
</tr>
<tr>
<td>Password</td>
<td>
<input type="password" name = "password" />
</td>
</tr>
<tr>
<td colspan = "2">
<input type="submit" name="auth" value = "authorize" />
</td>
</tr>
</table>
</form>';
}
?>
</body>
</html>
And the user_class.php:
<?php
class User{
private $db;
private static $user = null;
private function __construct(){
$this->db = new mysqli("localhost", "root", "root", "temp");
$this->db->query("SET NAMES 'utf8'");
}
public static function getObject(){
if(self::$user === null) self::$user = new User();
return self::$user;
}
public function regUser($login, $password){
if($login == "")return false;
if($password == "")return false;
$password = md5($password);
return $this->db->query("INSERT INTO `users` (`login`, `password`) VALUES ('$login','$password')");
}
private function checkUser($login, $password){
$result_set = $this->db->query("SELECT `password` FROM `users` WHERE `login` = '$login'");
$user = $result_set->fetch_assoc();
$result_set->close();
if(!$user) return false;
return $user["password"] === $password;
}
public function isAuth(){
session_start();
$login = $_SESSION["login"];
$password = $_SESSION["password"];
return $this->checkUser($login,$password);
}
public function login($login, $password){
if($this->checkUser($login, $password)){
session_start();
$_SESSION["login"] = $login;
$_SESSION["password"] = $password;
return true;
}
else return false;
}
public function __destruct(){
if ($this->db) $this->db->close();
}
}
?>
In your database, you are storing the password field with md5 encryption. So, while checking username and password in your login and checkuser function, you nee to check password as md5($password).
Also, I wonder why you have kept the form name and submit button name same.
I am trying to create a simple registration form. I have the following:
include('User.datatype.php');
class NewUser {
function inquireSubmit() {
if(isset($_POST['register'])) {
$username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING);
$password = filter_input(INPUT_POST, 'password', FILTER_SANITIZE_STRING);
}
else {
exit;
}
}
function registerUser() {
if ($username = '' or $password = '') {
$msg = 'Please enter the required information.';
header('Location: index.php?error=$msg');
}
else {
$user = new User;
$user->username = $username;
$user->password = $password;
$user->profile = $profile;
}
}
}
class UserManager {
public function storeData() {
$database = mysql_connect("localhost", "root", "");
mysql_select_db("test") or die(mysql_error());
$username_e = mysql_real_escape_string($NewUser->username);
$password_e = mysql_real_escape_string($NewUser->password);
$query = "INSERT INTO users (username, password) VALUES ($username_e, $password_e)";
mysql_query($query);
}
}
Here is the HTML form:
<form id="register" action="register.php">
<table cellpadding="2" cellspacing="2" border="0">
<tr valign="top">
<td>
Username: <input name="username" type="text" id="username" />
</td>
</tr>
<tr valign="top">
<td>
Password: <input name="password" type="password" id="password" />
</td>
<td>
<button id="register">Register</button>
</td>
</tr>
</table>
</form>
Whenever I test it, I just get a blank page as a result. What did I do wrong? Also, (and where) do I display a confirmation message upon success or failure? Many thanks in advance!
Add method="post" to your form tag, also type="submit" to the register button.