We Keep Coding

My registeration page isn't checking the database to see if username has been taken

I'm trying to make a query that would check if username has been taken but it only stores the form data into the database even if the username already exists
<?php
$db= new mysqli('localhost', 'root', '', 'mytrackz');
$query= "SELECT * FROM users ";
$result2= mysqli_query($db, $query);
$user= mysqli_fetch_assoc($result2);
if (isset($_POST['regbutton']))
{
$username= $_POST['username'];
$email= $_POST['email'];
$password= $_POST['password'];
$sql= "INSERT INTO users (username, email, password) VALUES ('$username', '$email', '$password')";
$result= mysqli_query($db, $sql);
if ($user) {
if ($user == $username){
echo "Username already exists";
}elseif($result){
echo "Registeration Successful";
}else{
echo "Registeration unsuccessful";
}
}
}
?>

1:
when you do '$query= "SELECT * FROM users "' you are getting all records in your table without any filter by user.
2:
afeter check the post in 'if (isset($_POST['regbutton']))' you are inserting the value without check in database.
3: 'if ($user == $username){
echo "Username already exists";' you are checking a single value agains an array of objects from database;
To fix it:
<?php
$db= new mysqli('localhost', 'root', '', 'mytrackz');
if (isset($_POST['regbutton']))
{
$username= $_POST['username'];
$email= $_POST['email'];
$password= $_POST['password'];
$query= "SELECT * FROM users WHERE username = '$username'";
$result2= mysqli_query($db, $query);
$user= mysqli_fetch_assoc($result2);
if ($user['username'] == $username){
echo "Username already exists";
}else{
$sql= "INSERT INTO users (username, email, password) VALUES ('$username','$email', '$password')";
$result= mysqli_query($db, $sql);
}
}

Cannot see table content in phpmyadmin

I create a database to save my users information. But I can only see the content of password part, and I can't see other parts content like email, username, first name etc. I put here a screenshot and my php codes thank you all.
<?php
session_start();
$db = mysqli_connect("localhost", "", "", "register_user");
if (isset($_POST["submit"])) {
session_start();
$firstname = mysql_real_escape_string($_POST["firstname"]);
$lastname = mysql_real_escape_string($_POST["lastname"]);
$username = mysql_real_escape_string($_POST["username"]);
$password = mysql_real_escape_string($_POST["password"]);
$password_2 = mysql_real_escape_string($_POST["password_2"]);
$email = mysql_real_escape_string($_POST["email"]);
$email_2 = mysql_real_escape_string($_POST["email_2"]);
if ($password == $password_2) {
$password = md5($password);
$sql = "INSERT INTO user_data(firstname, lastname, username, password, email) VALUES('$firstname', '$lastname', '$username', '$password', '$email')";
mysqli_query($db, $sql);
$_SESSION['message'] = "You logged successfully";
$_SESSION['username'] = $username;
header("location: index.html");
}else {
$_SESSION['message'] = "Passwords don't match";
}
}
?>

If you are using mysqli please use
mysqli_real_escape_string(connection,escapestring);
Hope it helps.
Plus you need not to start the session twice you can use it once

Can't insert values into table

I'm trying to insert values from a register form to the database but I keep getting the message 'User Registration Failed', and I don't know why.
<?php
include("home.html");
require('connect.php');
if (isset($_POST['username']) && isset($_POST['password'])){
$username = $_POST['username'];
$email = $_POST['email'];
$password = $_POST['password'];
$query = "INSERT INTO users (username, password, email) VALUES ('$username', '$password', '$email')";
$result = mysqli_query($connection, $query);
if($result)
{
$smsg = "User Created Successfully";
}
else
{
$fmsg ="User Registration Failed";
}
}

Data is retrieved from DB but wont insert?

So when I want to retrieve data and check it i.e. if the email already exist echo already registered. That part works fine, however inserting the same data does not work. Are my conditionals ordered improperly?
(intentionally left out values for the dbhostname id pw variables)
$dbname = "hw2";
$link = mysqli_connect($dbhostname, $dbuserid, $dbpassword, $dbname);
$firstname = $_POST["signup-firstname"];
$lastname = $_POST["signup-lastname"];
$email = $_POST["signup-email"];
$password = $_POST["signup-password"];
$repassword = $_POST["signup-repassword"];
if ($password != $repassword){
echo "<br><h3>Passwords did not match. <br>Please try again.</h3>";
}
else {
$ret_email = "SELECT * FROM hw2 WHERE email = '$email'";
$result = mysqli_query($link, $ret_email);
$num_rows = mysqli_num_rows($result);
if ($num_rows > 0){
echo "This email is already registered.";
}
else{
$insert_query = "INSERT INTO hw2 (firstname, lastname, email, password, repassword) VALUES ('$firstname', '$lastname', '$email', '$password', '$repassword')";
echo "$insert_query";
}
}
?>

You should perform the query not only echoing it
mysqli_query($con,"INSERT INTO Persons (FirstName,LastName,Age)
if ($num_rows > 0){
echo "This email is already registered.";
}
else{
$insert_query = "INSERT INTO hw2 (firstname, lastname, email, password, repassword) VALUES ('$firstname', '$lastname', '$email', '$password', '$repassword')";
echo "$insert_query";
mysqli_query($link,$insert_query)
}

Cannot Compare with md5 password from database

signup.php
$password_unencrypted = $_POST['passwd'];
$password=md5($password_unencrypted);
$query = "INSERT INTO Customers (firstname, lastname, username, password, " . "gender,mobile,email) " . "VALUES ('$first_name', '$last_name', '$user_name', '$password', " . " '$gender','$mobile','$email')";
Login.php
$username=$_POST['username'];
$password=md5($_POST['password']);
$sql = ("select * from Customers where username='".$username."' and password='".$password."'") or die('Error connecting to MySQL server.');
$query = mysqli_query($con,$sql);
$result=mysqli_fetch_row($query);
if($result)
{
$_SESSION['username']=$username;
header('location:home.html');
}
else
{
echo md5($_POST['password']);
echo 'Your entered username or password is incorrect';
}
In above signup and login codes I'm applying md5 for password storing
I checked in Database the md5 password is storing correctly but is not retreiving properly(i think)
trying to login into page it is failing
FYI : echo md5($_POST['password']); in Login.php is showing same password stored in database

here is it how to fix your login.php code
you were totally checking wrong you need to check first if the query succeeded running then check if returned rows are more than 0 that means the username is correct and we proceed to password checking if everything is fine we start the session assuming you have session_start() on top of your page if not add it before $_SESSION['username'] = $username;
check the manual for password_hash() and password_verify()
on register.php modify saving the password into the database
$password = md5($_POST['password']); to $password = password_hash($_POST['password'], PASSWORD_DEFAULT);
<?php
if isset($_POST['submit']) {
$username= mysqli_real_escape_string($con, trim($_POST['username']));
$password = trim($_POST['password']); // no need to sanitize the password
$sql = "select * from Customers where username = '" .$username."' "; // you don't need or Die() it's just a string
if ($result = mysqli_query($con,$sql)) //check if the Query succeeded running
{
$count = mysqli_num_rows($result);
if($count > 0 )
{ // if username exists we proceed to checking password
$fetch = mysqli_fetch_assoc($result);
$hashedpassword = $fetch["password"];
if ( password_verify($password, $hashedpassword) )
{ //checking password
$_SESSION['username']=$username;
header('location:home.html');
exit;
}else {
echo "incorrect username or password"; // you don't want to tell him that the username is fine but the password is not correct
}
} else {
echo "incorrect username or password";
}
} else {
echo 'Query failed to run';
}
}
?>