I am using this code for registering users, but it is not working. It always echos "Registration failed." I tried many times but nothing works
if(isset($_POST['sub']))
{
$uname = $_POST['uname'];
$email = $_POST['email'];
$pass_hash = PassHash::hash($_POST['pass']);
$sq="SELECT * FROM user WHERE username='$uname'";
//echo $sq;
$re=mysqli_query($link,$sq);
if(mysqli_num_rows($re)>0)
{
echo "Username already taken !";
}
else
{
$SQ = "SELECT * FROM user WHERE email='$email'";
//echo $SQ;
$res=mysqli_query($link,$SQ);
if(mysqli_num_rows($res)>0)
{
echo "Email already taken !";
}
else
{
$SQL = "INSERT INTO user(username,email,password) VALUES('$uname','$email','$pass_hash')";
//echo $SQL;
$result = mysqli_query($link,$SQL);
if(!$result)
{
echo "Registration failed !";
}
else
{
echo"register done";
}
}
}
}
below is table structure
CREATE TABLE `user` (
`id` int(11) NOT NULL auto_increment,
`username` varchar(20) NOT NULL,
`password` varchar(100) NOT NULL,
`email` varchar(20) NOT NULL,
`status` int(11) default '0',
`sdate` date NOT NULL,
`s_type` varchar(2) NOT NULL,
`amount` decimal(10,2) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
Does anyone know what the problem is?
You have a bunch of not null fields in your table, but you're not assigning them any values, so your insert query fails.
Related
I am trying to make a remember me option in my login form. Each time I try to update table with the token value, this value specifically does not update and always return empty after the update process, although the cookies and sessions are already created. Here is my php code.
<?php
$dbc=mysqli_connect('localhost','root','','store') or die('Can\'t connect.');
session_start();+
{
if(isset($_POST['submit_login'])) {
$login_username=$_POST['user_name_login'];
$login_password=$_POST['password_login'];
$statement=mysqli_stmt_init($dbc);
if (mysqli_stmt_prepare($statement, "SELECT * FROM customers_info WHERE user_name=?")) {
mysqli_stmt_bind_param($statement,"s",$login_username);
mysqli_stmt_execute($statement);
$result=mysqli_stmt_get_result($statement);
$num=mysqli_num_rows($result);
}
if($num==1) {
while ($row=mysqli_fetch_assoc($result)) {
$user_name=$row['user_name'];
$enc_user_name=password_hash($user_name,PASSWORD_DEFAULT);
$user_friend=bin2hex(random_bytes(32));
$token=password_hash($user_friend);
$user_signature="$enc_user_name"."___"."$user_friend";
//=====================================================================
if(password_verify($login_password,$row['password'])) {
$_SESSION['user_name']=$user_name;
if(isset($_POST['rememberme'])) {
mysqli_query($dbc,"UPDATE customers_info
SET myenc='$token'
WHERE user_name='$user_name'");
setcookie('cats_love_balls',$user_signature,(time()-3600));
}
header('Location: myfile.php');
}
//===================================================================
}
}
} else {
echo 'not found';
}
}
?>
and here is the mysql statement for creating mytable:
CREATE TABLE `customers_info` (
`user_name` varchar(50) NOT NULL,
`password` varchar(255) DEFAULT NULL,
`first_name` varchar(50) DEFAULT NULL,
`last_name` varchar(50) DEFAULT NULL,
`email` varchar(100) DEFAULT NULL,
`myenc` varchar(300) DEFAULT NULL,
PRIMARY KEY (`user_name`)
);
I do not know if this is important,but i am using Ubuntu 16.04
if you please, I need your help to solve my issue.
I am trying to build a friend system in php I have the tables, database and the logic in place. I am having trouble getting the friend request receiver's id.
I have registeredusers friends updates table. The registeredusers table looks like this,
CREATE TABLE `registeredusers` (
`id` int(11) NOT NULL,
`FirstName` varchar(50) NOT NULL,
`LastName` varchar(50) NOT NULL,
`UserName` varchar(50) NOT NULL,
`Email` varchar(50) NOT NULL,
`Password` varchar(255) NOT NULL,
`ResetPassword` int(7) DEFAULT NULL,
`friends` int(255) DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
friends
CREATE TABLE `friends` (
`friend_one` int(11) NOT NULL,
`friend_two` int(11) NOT NULL,
`status` enum('0','1','2') DEFAULT '0'
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
The requester's ID would be INSERTED into friend_two and receiver's ID would get into friend_one. here's my code
<?php
include 'dbh.php';
$sql = "SELECT * FROM registeredusers";
$result = mysqli_query($connection,$sql);
$row = mysqli_fetch_assoc($result);
$username = $row['UserName'];
$requesterU = $_GET['user'];
echo "the requester is ".$requesterU;
while($row=mysqli_fetch_array($result)){
$id = $row[0];
$username = $row[1];
echo "
<form action='list of users.php'>
$id $username<input type='submit' value='send request' name='friendsbanalo'></input></form>";
}
$sql = "SELECT * FROM registeredusers WHERE UserName = '$requesterU'";
$result = mysqli_query($connection,$sql);
$row = mysqli_fetch_assoc($result);
$requester_id = $row['id'];
echo "requester's id ".$requester_id;
if(isset($_POST['friendsbanalo'])){
$sql = "INSERT INTO friends (friend_one,friend_two) VALUES('$requester_id','$reciver_userid')";
$result = mysqli_query($connection, $sql);
}else{
echo "error";
}
?>
I am not able to get the receiver's ID, can anyone tell me how can I get receiver's ID? I tried searching for the solution and the answers were too complicated for me to understand. I tried (on a separate file) INNER JOIN but I couldn't get it to work.
I am trying to add the direction, left and right member to direct but the problem now here is that I am only able to fetch one data (left_mem) instead of both left_mem and right_mem.
$query = $MySQLi_CON->query("select * from users where enroller_id='".$enroller_id_n."' ");
$direct = array();
if($query){
while ($row = $query->fetch_array()) {
$enroller_id3 = $row['enroller_id'];
$direct[] = $row['direction'];
}
}
if ($direct == "left_mem")
{
echo "success";
}
else {
echo "fail";
}
This is my database
CREATE TABLE `users` (
`user_id` int(11) NOT NULL,
`user_name` varchar(25) NOT NULL,
`user_email` varchar(255) NOT NULL,
`user_pass` varchar(255) NOT NULL,
`enroller_id` varchar(25) NOT NULL,
`enrolled_id` varchar(25) NOT NULL,
`direction` varchar(25) NOT NULL DEFAULT 'avail'
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
INSERT INTO `users` (`user_id`, `user_name`, `user_email`, `user_pass`, `enroller_id`, `enrolled_id`, `direction`);
ALTER TABLE `users`
ADD UNIQUE KEY `user_id` (`user_id`);
ALTER TABLE `users`
MODIFY `user_id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=1;
Use in_array to see if both values exist:
if (in_array('left_mem',$direct) && in_array('right_mem',$direct) )
I have created a forum where people can register/login to post topics and replies.
Now I added a Delete link next to each topic that if pressed will go to deletetopic.php and if the user has created this topic it will be deleted, if not, it will say You Didn't create this topic.
this is the deletetopic.php
<?php
session_start();
include("config.php");
if(!isset($_SESSION['uid'])){
echo "<p><b>ERROR: Please log in to delete a topic.";
}
if(isset($_SESSION['username']))
{
$uid = $_SESSION['uid'];
$id=$_GET['id'];
$query1=mysql_query("delete FROM topics WHERE id='$id' and uid='$uid'");
if($query1){
header('location:index.php');
}
else{
echo "<p><b>ERROR: You didnt make this topic.";
}
}
It doesnt work, it just gives me the else {error}
here are my tables:
CREATE TABLE `users` (
`id` INT(11) NOT NULL AUTO_INCREMENT,
`firstname` VARCHAR(255) NOT NULL,
`lastname` VARCHAR(255) NOT NULL,
`email` VARCHAR(255) NOT NULL,
`username` VARCHAR(255) NOT NULL,
`password` VARCHAR(100) NOT NULL,
PRIMARY KEY (`id`)
CREATE TABLE `topics` (
`id` INT(11) NOT NULL AUTO_INCREMENT,
`categoryID` TINYINT(4) NOT NULL,
`topicTitle` VARCHAR(150) NOT NULL,
`topicCreator` INT(11) NOT NULL,
`topicLastUser` INT(11) NOT NULL,
`topicDate` DATETIME NOT NULL,
`topicReplyDate` DATETIME NOT NULL,
`topicViews` INT(11) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`)
EDIT:
uid comes from here I think: login.php
if (isset($_POST['username'])){
$username = $_POST['username'];
$password = $_POST['password'];
$sql = "SELECT * FROM users WHERE username='".$username."' AND password='".$password."' LIMIT 1";
$result = mysql_query($sql) or die(mysql_error());
if (mysql_num_rows($result) == 1){
$row = mysql_fetch_assoc($result);
$_SESSION['uid'] = $row['id'];
$_SESSION['username'] = $row['username'];
header("Location: index.php");
exit();
}else{
echo "<p>Invalid information. Please return to the previous page.";
exit();
}
}
Update
if(isset($_SESSION['username']))
{
$uid = $_SESSION['uid'];
$id=$_GET['id'];
$check = mysql_query("SELECT * FROM topics WHERE id = '$id' AND topicCreator = '$uid'");
if($check){
$query1=mysql_query("delete FROM topics WHERE id='$id' AND topicCreator='$uid'");
header('location:index.php');
}
else{
echo "<p><b>ERROR: You didnt make this topic.";
}
}
Still doesnt work, just goes back to index
There is no uid column in table topics, it is probably topicCreator:
$query1=mysql_query("delete FROM topics WHERE id='$id' and topicCreator='$uid'");
You should consider the comments left here about changing from mysql to mysqli or PDO. And use of prepared statements to prevent SQL injections.
There is another problem. You need to check if the user is the topicCreator BEFORE deleting the topic.
$check = mysql_query("SELECT * FROM topics WHERE id = '$id' AND topicCreator = '$uid'");
if($check){
// Allow deletion
}
else{
// Don't allow deletion
}
I'm trying to build a booking system for hotels, and i can now insert a new booking, but i want it to check if the room is free on the dates of the booking!
Database Schema
CREATE TABLE IF NOT EXISTS `bookings` (
`booking_id` int(10) NOT NULL AUTO_INCREMENT,
`user_id` int(10) NOT NULL,
`room_no` int(10) NOT NULL,
`hotel_id` int(10) NOT NULL,
`from_time` date DEFAULT NULL,
`to_time` date DEFAULT NULL,
PRIMARY KEY (`booking_id`),
KEY `FK_Users_id` (`user_id`),
KEY `user_id` (`user_id`),
KEY `user_id_2` (`user_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=15 ;
Php
include_once 'DbConnection.php';
$room_no = $_POST['roomNo'];
$hotel_id = $_POST['hotel_id'];
$from_date = $_POST['from'];
$to_date = $_POST['to'];
$user_id = $_SESSION['id'];
$date_checker_sql ="SELECT * FROM bookings WHERE hotel_id = $hotel_id";
$result = $mysqli->query($date_checker_sql);
while($row = $result->fetch_object()){
echo $row->booking_id;
if($row->from_time <= $from_date && $row->to_date >= $to_date && $row->room_no = $room_no){
$message = "booking if works.";
echo "<script type='text/javascript'>alert('$message');</script>";
}else{ $message = "something wrong";
echo "<script type='text/javascript'>alert('$message');</script>";
}
}
$insert_post_sql = "INSERT INTO bookings
SET room_no='$room_no', hotel_id='$hotel_id', from_time='$from_date', to_time='$to_date', user_id='$user_id'
";
if ($mysqli->query($insert_post_sql)) {
$message = "hotel created - logging you out sir.";
echo "<script type='text/javascript'>alert('$message');</script>";
//header("location: index.php");
}else{
echo 'something went wrong';
Right now, it books the hotel, since the insert sql is not in the while loop.
But when it checks, it never alerts the message "booking if works" - I just can't figure out how to construct it properly.
All help is much appreciated!