I'm very new to PHP and have to use it for school to make a prototype login/signup page. However I am having an issue inserting values from a sign up form into a MySQL database. I have created a customers
table in a UTTCv5
schema on phpmyadmin. I sourced the code from this website https://www.tutorialrepublic.com/php-tutorial/php-mysql-login-system.php and edited it to add the first name and credit card number. However, when I complete and submit the form, the data is not added to the customers
table.
config.php:
<?php
/* Database credentials */
define('DB_SERVER', 'localhost');
define('DB_USERNAME', 'root');
define('DB_PASSWORD', '');
define('DB_NAME', 'utccv5');
/* Attempt to connect to MySQL database */
$link = mysqli_connect(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME);
// Check connection
if($link === false){
die("ERROR: Could not connect. " . mysqli_connect_error());
}
?>
register.php:
<?php
// Include config file
require_once "config.php";
// Define variables and initialize with empty values
$username = $password = $first_name = $credit_card = "";
$username_err = $password_err = $first_name_err = $credit_card_err = "";
// Processing form data when form is submitted
if($_SERVER["REQUEST_METHOD"] == "POST"){
// Validate email
if(empty(trim($_POST["username"]))){
$username_err = "Please your email.";
} else{
Prepare a select statement
$sql = "SELECT email FROM customers WHERE email = ?";
if($stmt = mysqli_prepare($link, $sql)){
// Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param($stmt, "s", $param_username);
// Set parameters
$param_username = trim($_POST["username"]);
// Attempt to execute the prepared statement
if(mysqli_stmt_execute($stmt)){
/* store result */
mysqli_stmt_store_result($stmt);
if(mysqli_stmt_num_rows($stmt) == 1){
$username_err = "This email is already taken.";
} else{
$username = trim($_POST["username"]);
}
} else{
echo "Oops! Something went wrong. Please try again later.";
}
// Close statement
mysqli_stmt_close($stmt);
}
}
// Validate password
if(empty(trim($_POST["password"]))){
$password_err = "Please enter a password.";
} elseif(strlen(trim($_POST["password"])) < 6){
$password_err = "Password must have atleast 6 characters.";
} else{
$password = trim($_POST["password"]);
}
// Validate first name
if(empty(trim($_POST["first_name"]))){
$first_name_err = "Please enter your first name.";
} elseif(strlen(trim($_POST["first_name"])) < 1){
$first_name_err = "Your first name must have atleast 1 character.";
} else{
$first_name = trim($_POST["first_name"]);
}
// Validate credit
if(empty(trim($_POST["credit_card"]))){
$credit_card_err = "Please enter your credit card number.";
} elseif(strlen(trim($_POST["credit_card"])) < 16){
$credit_card_err = "Your first name must have atleast 1 character.";
} else{
$credit_card = trim($_POST["credit_card"]);
}
// Check input errors before inserting in database
if(empty($username_err) && empty($password_err) && empty($first_name_err) && empty($credit_card_err)){
// Prepare an insert statement
$sql = "INSERT INTO customers (username, password, first_name, credit_card) VALUES (?, ?, ?, ?, ?, ?)";
if($stmt = mysqli_prepare($link, $sql)){
// Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param($stmt, "ssss", $param_username, $param_password, $param_first_name, $param_credit_card);
// Set parameters
$param_username = $username;
$param_password = password_hash($password, PASSWORD_DEFAULT); // Creates a password hash
$param_first_name = $first_name;
$param_credit_card = $credit_card;
// Attempt to execute the prepared statement
if(mysqli_stmt_execute($stmt)){
// Redirect to login page
header("location: login.php");
} else{
echo "Something went wrong. Please try again later.";
}
// Close statement
mysqli_stmt_close($stmt);
}
}
// Close connection
mysqli_close($link);
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Sign Up</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.css">
<style type="text/css">
body{ font: 14px sans-serif; }
.wrapper{ width: 350px; padding: 20px; }
</style>
</head>
<body>
<div class="wrapper">
<h2>Sign Up</h2>
<p>Please fill this form to create an Under the Clock account.</p>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
<div class="form-group <?php echo (!empty($username_err)) ? 'has-error' : ''; ?>">
<label>Email</label>
<input type="text" name="username" class="form-control" value="<?php echo $username; ?>">
<span class="help-block"><?php echo $username_err; ?></span>
</div>
<div class="form-group <?php echo (!empty($password_err)) ? 'has-error' : ''; ?>">
<label>Password</label>
<input type="password" name="password" class="form-control" value="<?php echo $password; ?>">
<span class="help-block"><?php echo $password_err; ?></span>
</div>
<div class="form-group <?php echo (!empty($first_name_err)) ? 'has-error' : ''; ?>">
<label>First name</label>
<input type="text" name="first_name" class="form-control" value="<?php echo $first_name; ?>">
<span class="help-block"><?php echo $confirm_password_err; ?></span>
</div>
<div class="form-group <?php echo (!empty($credit_card_err)) ? 'has-error' : ''; ?>">
<label>Credit Card</label>
<input type="text" name="credit_card" class="form-control" value="<?php echo $credit_card; ?>">
<span class="help-block"><?php echo $credit_card_err; ?></span>
</div>
<div class="form-group">
<input type="submit" class="btn btn-primary" value="Submit">
<input type="reset" class="btn btn-default" value="Reset">
</div>
<p>Already have an account? <a href="login.php">Login here</a>.</p>
</form>
</div>
</body>
</html>
Try to make these changes
Prepare a select statement it should be commented //Prepare a select statement
Check if your mysql user has insert permission. use this command: SHOW GRANTS FOR CURRENT_USER
First of all regarding mysql, you should not be using the root account in your scripts for security purposes and that may also be the cause due to server security restrictions.
Here you go on creating a new account & granting permissions
As @Jameel said you also need to comment non-PHP code by adding double forward slashes. I see they're there in some lines but not here
Prepare a select statement
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.