So I’m trying to make a registration page. I have gone as far as making it so that when a user inputs information it saves in it in a MySQL database.
I have it so it saves the username, password and email, when a user tries to have the same username as a another user it doesn’t save it in the database
but lets them pass through to the index.php page I have setup. So how do I make it so that it doesn’t let them pass?
heres the code;
https://hastebin.com/oluzujisex.php
What fo you do in other files to stop unauthenticated users?
And where did you learn to use mysql_real_escape_string and MD5 to hash passwords? Its extremely bad practice from 10+ years ago.
You desperately need to look into prepared and parameterized queries (preferably with PDO instead of Mysqli) and the password_hash functions
Jim’s good advice aside (you should follow his lead), the logic is twisted/convoluted. Start over using pdo and handle this like a BASIC language step. However, you should notice that you check for no errors but have no else clause: if (count($errors) == 0). Then what? let user pass....
This is not how one should implement a login system. Start here (outdated but better than what you currently use): https://www.wikihow.com/Create-a-Secure-Login-Script-in-PHP-and-MySQL