Sign up form connecting to php database

Bentutt94 · October 12, 2023, 12:56pm

Hey, I am new to PHP and I am currently creating a sign up page, I have set up Phpmyadmin and mysqli, and I have wrote the script to connect to my database, but everytime I am clicking the sign up button after submitting data, its not going into my database which is leaving very confused.
I would very much appreciate help with this issue!

This is my signup page code below.

<!DOCTYPE html>
<html lang="en">
<head>
  <link rel="stylesheet" href="signup.css">
  <meta charset="UTF-8">
  <meta http-equiv="X-UA-Compatible" content="IE=edge">
  <meta name="viewport" content="width=device-width, initial-scale=1.0">
  <title> Human Needs Exposure Profiling Tool </title>
  <link rel="stylesheet" href="./signup.css">
  <script src="./index.js" defer></script>
</head>
<button onclick= "window.location.href = 'index.php';">Go Back</button> 
<body>
  <div class="container">
  <div class="h1">
    <h1>Human Needs Exposure Profiling Tool</h1>
<section class="signup.css">
<h2> Sign Up</h2>
<form action= "signup.inc.php" method="post">
<input type="text" name="name" placeholder="Full name...">
<input type="text" name="email" placeholder="Email...">
<input type="password" name="pwd" placeholder="Password...">
<input type="password" name="pwdrepeat" placeholder="Repeat Password...">
<button type="submit" name="submit">Sign Up</button>
</form>
<?php

 // Error messages
 if (isset($_GET["error"])) {
  if ($_GET["error"] == "emptyinput") {
    echo "<p>Fill in all fields!</p>";
  }
  else if ($_GET["error"] == "invalidemail") {
    echo "<p>Choose a proper email!</p>";
  }
  else if ($_GET["error"] == "passwordsdontmatch") {
    echo "<p>Passwords doesn't match!</p>";
  }
  else if ($_GET["error"] == "stmtfailed") {
    echo "<p>Something went wrong!</p>";
  }
  else if ($_GET["error"] == "usernametaken") {
    echo "<p>Username already taken!</p>";
  }
  else if ($_GET["error"] == "none") {
    echo "<p>You have signed up!</p>";
  }
}
include "db_conx.php"

?>
This is my database connect

<?php

$db_conx = mysqli_connect("localhost", "bentutt", "Grandad3040", "Signup_db");

// Evaluate the connection

if (mysqli_connect_errno()) {

    echo mysqli_connect_error();

    exit ();

}

?>
And these last two are my include files. 
<?php

// Check for empty input signup

function emptyInputSignup($name, $email, $username, $pwd, $pwdRepeat) {

    $result;

    if (empty($name) || empty($email) || empty($username) || empty($pwd) || empty($pwdRepeat)) {

        $result = true;

    }

    else {

        $result = false;

    }

    return $result;

}

// Check invalid username

function invalidUid($username) {

    $result;

    if (!preg_match("/^[a-zA-Z0-9]*$/", $username)) {

        $result = true;

    }

    else {

        $result = false;

    }

    return $result;

}

// Check invalid email

function invalidEmail($email) {

    $result;

    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {

        $result = true;

    }

    else {

        $result = false;

    }

    return $result;

}

// Check if passwords matches

function pwdMatch($pwd, $pwdrepeat) {

    $result;

    if ($pwd !== $pwdrepeat) {

        $result = true;

    }

    else {

        $result = false;

    }

    return $result;

}

// Check if username is in database, if so then return data

function uidExists($conn, $username) {

  $sql = "SELECT * FROM users WHERE usersUid = ? OR usersEmail = ?;";

    $stmt = mysqli_stmt_init($conn);

    if (!mysqli_stmt_prepare($stmt, $sql)) {

        header("location: ../Signup.php?error=stmtfailed");

        exit();

    }

    mysqli_stmt_bind_param($stmt, "ss", $username, $username);

    mysqli_stmt_execute($stmt);

    // "Get result" returns the results from a prepared statement

    $resultData = mysqli_stmt_get_result($stmt);

    if ($row = mysqli_fetch_assoc($resultData)) {

        return $row;

    }

    else {

        $result = false;

        return $result;

    }

    mysqli_stmt_close($stmt);

}

// Insert new user into database

function createUser($conn, $name, $email, $pwd) {

  $sql = "INSERT INTO users (usersName, usersEmail, usersPwd) VALUES (?, ?, ?);";

    $stmt = mysqli_stmt_init($conn);

    if (!mysqli_stmt_prepare($stmt, $sql)) {

        header("location: ../Signup.php?error=stmtfailed");

        exit();

    }

    $hashedPwd = password_hash($pwd, PASSWORD_DEFAULT);

    mysqli_stmt_bind_param($stmt, "sss", $name, $email, $hashedPwd);

    mysqli_stmt_execute($stmt);

    mysqli_stmt_close($stmt);

    mysqli_close($conn);

    header("location: ../Signup.php?error=none");

    exit();

}

// Check for empty input login

function emptyInputLogin($username, $pwd) {

    $result;

    if (empty($username) || empty($pwd)) {

        $result = true;

    }

    else {

        $result = false;

    }

    return $result;

}

// Log user into website

function loginUser($conn, $username, $pwd) {

    $uidExists = uidExists($conn, $username);

    if ($uidExists === false) {

        header("location: ../Login Page.php?error=wronglogin");

        exit();

    }

    $pwdHashed = $uidExists["usersPwd"];

    $checkPwd = password_verify($pwd, $pwdHashed);

    if ($checkPwd === false) {

        header("location: ../Login Page.php?error=wronglogin");

        exit();

    }

    elseif ($checkPwd === true) {

        session_start();

        $_SESSION["userid"] = $uidExists["usersId"];

        $_SESSION["useruid"] = $uidExists["usersUid"];

        header("location: ../index.php?error=none");

        exit();

    }

}

<?php

if (isset($_POST["signup"])) {

  // First we get the form data from the URL

  $name = $_POST["usersName"];

  $email = $_POST["usersEmail"];

  $pwd = $_POST["usersPwd"];

  $username = $_POST["usersId"];

  // Then we run a bunch of error handlers to catch any user mistakes we can (you can add more than I did)

  // These functions can be found in functions.inc.php

  include_once "db_conx.php";

  include_once 'functions.inc.php';

  // Left inputs empty

  // We set the functions "!== false" since "=== true" has a risk of giving us the wrong outcome

  if (emptyInputSignup($name, $email, $username, $pwd, $pwdRepeat) !== false) {

    header("location: ../Signup.php?error=emptyinput");

    exit();

  }

  // Proper username chosen

  if (invalidUid($uid) !== false) {

    header("location: ../Signup.php?error=invaliduid");

    exit();

  }

  // Proper email chosen

  if (invalidEmail($email) !== false) {

    header("location: ../Signup.php?error=invalidemail");

    exit();

  }

  // Do the two passwords match?

  if (pwdMatch($pwd, $pwdRepeat) !== false) {

    header("location: ../Signup.php?error=passwordsdontmatch");

    exit();

  }

  // Is the username taken already

  if (uidExists($conn, $username) !== false) {

    header("location: ../Signup.php?error=usernametaken");

    exit();

  }

  // If we get to here, it means there are no user errors

  // Now we insert the user into the database

  createUser($conn, $name, $email, $username, $pwd);

} else {

  header("location: ../Signup.php");

    exit();

}

phdr · October 12, 2023, 1:43pm

Before you waste any more time on this, do what was already written in your previous thread -

You have a variable naming problem that php would produce an error for, although with all the redirecting, it may get hidden if php’s output_buffing is on the php.ini (while you are making changes to the php.ini, turn this setting off.)

katsry · October 16, 2023, 10:00am

I’ve identified several issues that could be causing the problem.

Form Element Name Mismatch:
In your form HTML, you have:

<input type="text" name="name" placeholder="Full name...">
<input type="text" name="email" placeholder="Email...">
<input type="password" name="pwd" placeholder="Password...">
<input type="password" name="pwdrepeat" placeholder="Repeat Password...">

But in your PHP processing code, you have:

$name = $_POST["usersName"];
$email = $_POST["usersEmail"];
$pwd = $_POST["usersPwd"];

The names should match. Change your PHP code to:

$name = $_POST["name"];
$email = $_POST["email"];
$pwd = $_POST["pwd"];
$pwdRepeat = $_POST["pwdrepeat"];

Submit Button Name Mismatch:
Your form submit button is named “submit”:

<button type="submit" name="submit">Sign Up</button>

But in your PHP code, you’re checking for:

if (isset($_POST["signup"])) {

Change it to:

if (isset($_POST["submit"])) {

Also;

Undefined $username and $pwdRepeat:In the error-handling functions you reference variables $username and $pwdRepeat, but they are not defined or fetched from $_POST.
Missing Username in Form:Your form does not have an input for “username”, but your error-handling code assumes it’s present. Decide if you want a username field. If you do, add it to the form. If not, adjust your error-handling code accordingly.
Incorrect Database Columns:Make sure the column names in your database table match what you’re using in your SQL queries (usersName, usersEmail, usersPwd, etc.). If they don’t match, adjust your SQL or your database schema.

Also, add a semicolon to include "db_conx.php";
Please make all these changes and see if your data will be inserted into the database as expected.
Good luck