php form not inserting data to the mysql database , although there are no connection errors

Question

There is no error in the database connection and the data is not inserting in the database, as the post request is made, the page redirects to signup.php and no query is created. I have tried to echo the variables $email and $password, it does not show anything on the screen, it seems like the whole php script is not executing. It just redirects to a blank page.

<div class="modal-body">


                <form class="form" action="signup.php" method="post">
                  <input id="textboxid" type="email" placeholder="  Email"  name="email" required />
                  <br>
                  <br>
                  <input id="textboxid" type="password" placeholder="  Password" name="password" required />
                  <br>
                  <br>
                  <input id="textboxid" type="password" placeholder="  Confirm Password" name="cnfpassword" required />
                  <br><br>
                  <input id="signup" type="submit"  name="signup" value="sign up"/>

                </form>

              </div>

<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
session_start();
define('DB_NAME', 'myblog');
define('DB_USER', 'root');
define('DB_PASS', '');
define('DB_HOST', 'localhost');

$db = mysqli_connect(DB_HOST, DB_USER, DB_PASS,DB_NAME);
if ($db) {
    echo 'conected';
  } else {
    echo 'not conected';
  }
  if(!empty($_POST['email']) || !empty($_POST['password']))
  {
    $email = mysqli_real_escape_string($db, $_POST['email']);
    $password = md5($_POST['password']);
    $cnfpassword = md5($_POST['cnfpassword']);
    echo $email;
    $sql = "SELECT id FROM accounts 
         WHERE email= '" . $email . "' ";
    $result = mysqli_query($db, $sql);
    $count = mysqli_num_rows($result);

    if ($count == 0) {
        mysqli_query($db, "INSERT INTO accounts (`email`,`password`) 
                              VALUES('".$email."','".$password."')");
                              $SESSION['email'] = $email;

                            header("location:practice.html");

                            }
                        }


?>

Answer 1

I tested your code and it seems to be working out. Please check the following to ensure it works

1. Check if your Database credentials are correct, is the user root authorized?
2. Check if your table structure is correct, I used varchar(255) for both email and password.
3. Make sure the fields in your database are named exactly as email, password and that the table is named accounts.

After your code finishes executing it redirects you to practice.html, it could be the blank page you are being redirected to, if its not configured to echo out the insertion results you can check directly on phpmyAdmin.

Answer 2

Please keep in mind this code is bad practice, and very likely susceptible to SQL Injection please look into the PDO API for PHP or add function

function db_escape($connection, $string) {
    return mysqli_real_escape_string($connection, $string);
  }

function insert_accounts($accounts) {
global $db;
$sql = "INSERT INTO accounts ";
    $sql .= "(email, password) ";
    $sql .= "VALUES (";
    $sql .= "'" . db_escape($db, $accounts['email']) . "',";
    $sql .= "'" . db_escape($db, $accounts['password']) . "',";

    //echo $sql;
    $sql .= ")";