You have functions such as “emptyInputSignup()” … You will need to see what those do. They are not PHP functions and therefore they are probably causing your problem. If they are not valid, they can throw a false value and therefore send you back to the sign up page. As Phdr said, we can not debug something we can not see…
This is the entire form page, the header.php is just a small bit of html and the footer.php is blank
<?php
include_once "header.php";
?>
<section class="signup-form">
<h2>Sign Up</h2>
<form action="includes/signup.inc.php" method="POST">
<input type="text" name="name" placeholder="Full name...">
<input type="text" name="email" placeholder="Email...">
<input type="text" name="uid" placeholder="username...">
<input type="password" name="pwd" placeholder="Password...">
<input type="password" name="pwdrepeat" placeholder="Repeat Password...">
<button type="submit" name="formsent">Sign Up</button>
</form>
</section>
<?php
include_once "footer.php"
?>
this is my entire functions.inc.php page, nothing on here says to redirect to that URL however, it’s only the else loop on the sigup.inc.php file that says to go to signup.php?testing
<?php
function emptyInputSignup($name, $email, $username, $pwd, $pwdRepeat) {
$result;
if (empty($name) || empty($email) || empty($username) || empty($pwd) || empty($pwdRepeat)){
$result = true;
}
else{
$result = false;
}
return $result;
}
function invalidUid($username) {
$result;
if (!preg_match("/^[a-zA-Z0-9]*$/", $username)){
$result = true;
}
else{
$result = false;
}
return $result;
}
function invalidEmail($email) {
$result;
if (!filter_var($email, FILTER_VALIDATE_EMAIL)){
$result = true;
}
else{
$result = false;
}
return $result;
}
function pwdMatch($pwd, $pwdRepeat) {
$result;
if ($pwd !== $pwdRepeat){
$result = true;
}
else{
$result = false;
}
return $result;
}
function uidExists($conn, $username, $email) {
$sql = "SELECT * FROM users WHERE usersUid = ? OR usersEmail = ?;";
$stmt = mysqli_stmt_init($conn);
if (!mysqli_stmt_prepare($stmt, $sql)) {
header("location: ../signup.php?error=stmtfailed");
exit();
}
mysqli_stmt_bind_param($stmt, "ss", $username, $email);
mysqli_stmt_execute($stmt);
$resultData = mysqli_stmt_get_result($stmt);
if ($row = mysqli_fetch_assoc($resultData)){
return $row;
}
else {
$result = false;
return $result;
}
mysqli_stmt_close($stmt);
}
function createUser($conn, $name, $email, $username, $pwd) {
$sql = "INSERT INTO users (usersName, usersEmail, usersUid, usersPwd) VALUES (?, ?, ?, ?);";
$stmt = mysqli_stmt_init($conn);
if (!mysqli_stmt_prepare($stmt, $sql)) {
header("location: ../signup.php?error=stmtfailed");
exit();
}
$hashedPwd = password_hash($pwd, PASSWORD_DEFAULT);
mysqli_stmt_bind_param($stmt, "ssss", $name, $email, $username, $hashedPwd);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
header("location: ../signup.php?error=none");
exit();
}
What is this? Remove the $result lines after the function lines!
It makes no sense at all! And, also in the second function.
Ok sure, I wasn’t too sure about that
So far there is nothing apparent that would account for the unexpected operation. Does header.php contain any redirects or another opening <form tag? Since signup.ini.php is expected to be included, based on the folder name it is in, are there more pages of code involved? Are you perhaps both including it and submitting the form to it and what you are reporting is the result of it being included? Are you posting the code for includes/signup.inc.php or is there possibly a signup.inc.php somewhere else that you are posting the code for and it’s not what is actually being executed when the form is submitted?
A another possibility is that some of this markup got copied from somewhere where it was PUBLISHED and the characters and quotes aren’t actually what is visible (and posting it on this forum further changed what is being seen.) It might take zipping all the files and folders and attaching it to a post.
For debugging purposes, what does adding the following line of code, immediately after the opening <?php tag in includes/signup.ini.php show -
echo '<pre>'; var_dump($_POST); echo '</pre>';With that extra line all I get is
array(0) {
}
Also header.php doesn’t contains any other redirects and is purely just some html links to get to pages.
That would explain why - if (isset($_POST["formsent"])) { is a false value.
What does changing to $_GET show -
echo '<pre>'; var_dump($_GET); echo '</pre>';Same thing
array(0) {
}
Should I change the form method as well to $_GET?
For reference of what happens when I change to $_GET
array(6) {
["name"]=>
string(6) "bnd1t"
["email"]=>
string(2) "da"
["uid"]=>
string(2) "da"
["pwd"]=>
string(2) "da"
["pwdrepeat"]=>
string(2) "da"
["formsent"]=>
string(0) ""
}
Well, first, if you are POSTing data, you can NOT print the GET data. You would need to use the $_POST array, not the $_GET array. They are two different things.
Next, how you process posted forms, you usually first check for the post’s. Then, you validate each item. If you have large number of calls to forms to check validation, then you use functions. But, if you only check them once, it is a waste of code to use functions at all.
Here is an example…
if($_SERVER[‘REQUEST_METHOD’] == ‘POST’) {
// the form was posted, now deal with the data itself… Best to use one message and validate each
$errormessage="";
if (!isset ($_POST[“name”]) {
// name is missing send message
$errormessage .= “Name is missing, please enter it!
”;
}
… handle each issue one after the other
}
This is just a quick example.
Now, if you need to check for names in many many different areas on your page, then the validations should be done in functions as you created.
Therefore, stick with the $_POST array not the $_GET array. And, fix your functions if needed or move them into your post checking area.
Hope that helps…
One more comment. If you use a form with " method="post " , then you must use the $_POST[] array.
The thing is even after changing the
if (isset($_POST["formsent"])) {
to
if($_SERVER[‘REQUEST_METHOD’] == ‘POST’) {
it still is returning false
If by that you mean you changed the form to use method='get', that indicates that the method=‘post’ markup wasn’t what it appeared to be. Delete and retype method='post'
Tried that and it’s not making any difference
So, something is apparently causing the $_POST array to be empty. The only thing I know of is if the post_max_size setting is set to a small value. Any chance you have changed this and due to a syntax problem in the value, it is not really what you think? What does a .php script file with a phpinfo() statement in it show for the post_max_size?
Unfortunately, you copied that from a non-code context, where the forum software ‘beautified it’ and it picked up smart-curly quotes that are meaningless to php.
Do this…
This will kill the page once you post it and display what is being posted.
Make sure the data you entered shows up in the $_POST[] array.
If the data is not correct, then, something is wrong in your form.
If the data is correct, then, the validation sections are incorrect.
The issue with this is
if($_SERVER[‘REQUEST_METHOD’] == ‘POST’) {
this line doesn’t work so this
die("< pre>".print_r($_POST)."< /pre>");
never gets run
Well, take out the quotes and put in real ones! Curly-q-quotes are for text editors and fancy displays not for coding! Phdr told you this already! That line will never work with fake quotes… Hope that helps…
post_max_size is 32M according to my phpinfo()
I did change the quotes, I just didn’t have my code editor open at the time I sent that message so I copied what was on this tread before