Website Registeration

General PHP Help
#1

The code below returned with something went wrong error instead of saving data into the database
I will appreciate help to make it more lighter, secure and functional. I am even needing to upload profile picture, but the issue at hand now is stopping to further.

<?php require (‘includes/config.php’);
include (‘includes/header.php’);
?>

<?php // Define variables and initialize with empty values $username = $password = $mobile = $email = $confirm_password = ""; $username_err = $password_err = $mobile_err = $email_err = $confirm_password_err = ""; // Processing form data when form is submitted if($_SERVER["REQUEST_METHOD"] == "POST"){ // Validate username if(empty(trim($_POST["username"]))){ $username_err = "Please enter a username."; } elseif(!preg_match('/^[a-zA-Z0-9_]+$/', trim($_POST["username"]))){ $username_err = "Username can only contain letters, numbers, and underscores."; } else{ // Prepare a select statement $sql = "SELECT id FROM users WHERE uname = ?"; if($stmt = mysqli_prepare($con, $sql)){ // Bind variables to the prepared statement as parameters mysqli_stmt_bind_param($stmt, "s", $param_username); // Set parameters $param_username = trim($_POST["username"]); // Attempt to execute the prepared statement if(mysqli_stmt_execute($stmt)){ /* store result */ mysqli_stmt_store_result($stmt); if(mysqli_stmt_num_rows($stmt) == 1){ $username_err = "This username is already taken."; } else{ $username = trim($_POST["username"]); } } else{ echo "Oops! Something went wrong. Please try again later."; } // Close statement mysqli_stmt_close($stmt); } } // Validate password if(empty(trim($_POST["password"]))){ $password_err = "Please enter a password."; } elseif(strlen(trim($_POST["password"])) < 6){ $password_err = "Password must have atleast 6 characters."; } else{ $password = trim($_POST["password"]); } // Validate confirm password if(empty(trim($_POST["confirm_password"]))){ $confirm_password_err = "Please confirm password."; } else{ $confirm_password = trim($_POST["confirm_password"]); if(empty($password_err) && ($password != $confirm_password)){ $confirm_password_err = "Password did not match."; } if(empty(trim($_POST["mobile"]))){ $mobile_err = "Please enter your mobile number."; } if(strlen(trim($_POST["mobile"])) < 11){ $mobile_err = "Mobile Number must be 11 digit."; } if(strlen(trim($_POST["mobile"])) > 11){ $mobile_err = "Mobile Number must be 11 digit."; } elseif(!preg_match('/^[0-9]+$/', trim($_POST["mobile"]))){ $mobile_err = "Mobile number not valid."; } else{ $mobile = trim($_POST["mobile"]); } if(empty(trim($_POST["email"]))){ $email_err = "Kindly provide your email Address."; } elseif(!preg_match('/^[a-zA-Z0-9@._]+$/', trim($_POST["username"]))){ $email_err = "Email formatinput error."; } else{ $email = trim($_POST["email"]); } // Check input errors before inserting in database } if(empty($username_err) && empty($password_err) && empty($email_err) && empty($mobile_err) && empty($confirm_password_err)){ // Prepare an insert statement $sql = "INSERT INTO users (uname, email, contactno, password) VALUES (?, ?, ?, ?)"; if($stmt = mysqli_prepare($con, $sql)){ // Bind variables to the prepared statement as parameters mysqli_stmt_bind_param($stmt, "ssss", $param_username, $param_password, $param_mobile, $param_email); // Set parameters $param_username = $username; $param_mobile = $mobile; $param_email = $email; $param_password = password_hash($password, PASSWORD_DEFAULT); // Creates a password hash // Attempt to execute the prepared statement if(mysqli_stmt_execute($stmt)){ // Redirect to login page header("location: login.php"); } else{ echo "Oops! Something went wrong. Please try again later."; } // Close statement mysqli_stmt_close($stmt); } } // Close connection mysqli_close($conn); } ?>

sign in

Hello, Welcome to your account.

" >
Username * <?php echo $username_err; ?> 
	<div class="form-group">
    	<label class="info-title" for="exampleInputEmail2">Email Address <span>*</span></label>
		<input type="email" name="email" class="form-control <?php echo (!empty($email_err)) ? 'is-invalid' : ''; ?>" value="<?php echo $email; ?>">
            <span class="invalid-feedback"><?php echo $email_err; ?></span>
       	</div>
Mobile No * <?php echo $mobile_err; ?> 
	  </div>
Password. * <?php echo $password_err; ?>
Confirm Password. * <?php echo $confirm_password_err; ?> 
	  <div class="modal-footer">
  	<button type="submit" name="register" class="btn-upper btn btn-primary checkout-page-button" id="submit">Sign Up</button>
	  <a href="#" class="btn btn-secondary" data-dismiss="modal">Close</a>
<?php include('includes/footer.php');?>
#2

Some part of the html were not captured earlier.
Below is the full html code, meanwhile, the usertype will be made visible with roles option for admin, user, merchant. This will only be visible to the admin and only after his successful logon

sign in

Hello, Welcome to your account.

" >
Username * <?php echo $username_err; ?> 
	<div class="form-group">
    	<label class="info-title" for="exampleInputEmail2">Email Address <span>*</span></label>
		<input type="email" name="email" class="form-control <?php echo (!empty($email_err)) ? 'is-invalid' : ''; ?>" value="<?php echo $email; ?>">
            <span class="invalid-feedback"><?php echo $email_err; ?></span>
       	</div>
Mobile No * <?php echo $mobile_err; ?> 
	  </div>
Password. * <?php echo $password_err; ?>
Confirm Password. * <?php echo $confirm_password_err; ?> 
	  <div class="modal-footer">
  	<button type="submit" name="register" class="btn-upper btn btn-primary checkout-page-button" id="submit">Sign Up</button>
	  <a href="#" class="btn btn-secondary" data-dismiss="modal">Close</a>
#3

HUH? ??? So, first, we can not read your PHP code all jumbled together like that.
Please repost it within the code tags or use three back-quotes (tick-marks) at the beginning and end to format it so we can read it.

Now, there are millions of examples of this process all over the world. Here are two that you can read up on. They will give you ideas on how to handle all of these items and once you have your code ready to show, repost it here within tags so we can read it. Hope these tutorials help you.
Login-System-Tutorial
Tutsplus-Login-Form ( This one has templates at the bottom for fancier displays and forms )

#4

if you want help,… please wrap your code in

[ code ] [ /code ] tags (no spaces obviously)

Otherwise…its un-readable. :slight_smile:

#5

Thanks for the response

See code below as you asked to be formated

[code] <?php require (‘includes/config.php’);
include (‘includes/header.php’);
?>

<?php // Define variables and initialize with empty values $username = $password = $mobile = $email = $confirm_password = ""; $username_err = $password_err = $mobile_err = $email_err = $confirm_password_err = ""; // Processing form data when form is submitted if($_SERVER["REQUEST_METHOD"] == "POST"){ // Validate username if(empty(trim($_POST["username"]))){ $username_err = "Please enter a username."; } elseif(!preg_match('/^[a-zA-Z0-9_]+$/', trim($_POST["username"]))){ $username_err = "Username can only contain letters, numbers, and underscores."; } else{ // Prepare a select statement $sql = "SELECT id FROM users WHERE uname = ?"; if($stmt = mysqli_prepare($con, $sql)){ // Bind variables to the prepared statement as parameters mysqli_stmt_bind_param($stmt, "s", $param_username); // Set parameters $param_username = trim($_POST["username"]); // Attempt to execute the prepared statement if(mysqli_stmt_execute($stmt)){ /* store result */ mysqli_stmt_store_result($stmt); if(mysqli_stmt_num_rows($stmt) == 1){ $username_err = "This username is already taken."; } else{ $username = trim($_POST["username"]); } } else{ echo "Oops! Something went wrong. Please try again later."; } // Close statement mysqli_stmt_close($stmt); } } // Validate password if(empty(trim($_POST["password"]))){ $password_err = "Please enter a password."; } elseif(strlen(trim($_POST["password"])) < 6){ $password_err = "Password must have atleast 6 characters."; } else{ $password = trim($_POST["password"]); } // Validate confirm password if(empty(trim($_POST["confirm_password"]))){ $confirm_password_err = "Please confirm password."; } else{ $confirm_password = trim($_POST["confirm_password"]); if(empty($password_err) && ($password != $confirm_password)){ $confirm_password_err = "Password did not match."; } if(empty(trim($_POST["mobile"]))){ $mobile_err = "Please enter your mobile number."; } if(strlen(trim($_POST["mobile"])) < 11){ $mobile_err = "Mobile Number must be 11 digit."; } if(strlen(trim($_POST["mobile"])) > 11){ $mobile_err = "Mobile Number must be 11 digit."; } elseif(!preg_match('/^[0-9]+$/', trim($_POST["mobile"]))){ $mobile_err = "Mobile number not valid."; } else{ $mobile = trim($_POST["mobile"]); } if(empty(trim($_POST["email"]))){ $email_err = "Kindly provide your email Address."; } elseif(!preg_match('/^[a-zA-Z0-9@._]+$/', trim($_POST["username"]))){ $email_err = "Email formatinput error."; } else{ $email = trim($_POST["email"]); } // Check input errors before inserting in database } if(empty($username_err) && empty($password_err) && empty($email_err) && empty($mobile_err) && empty($confirm_password_err)){ // Prepare an insert statement $sql = "INSERT INTO users (uname, email, contactno, password) VALUES (?, ?, ?, ?)"; if($stmt = mysqli_prepare($con, $sql)){ // Bind variables to the prepared statement as parameters mysqli_stmt_bind_param($stmt, "ssss", $param_username, $param_password, $param_mobile, $param_email); // Set parameters $param_username = $username; $param_mobile = $mobile; $param_email = $email; $param_password = password_hash($password, PASSWORD_DEFAULT); // Creates a password hash // Attempt to execute the prepared statement if(mysqli_stmt_execute($stmt)){ // Redirect to login page header("location: login.php"); } else{ echo "Oops! Something went wrong. Please try again later."; } // Close statement mysqli_stmt_close($stmt); } } // Close connection mysqli_close($conn); } ?> 
<form class="register-form outer-top-xs" role="form" method="post" name="register" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" >
Username * <?php echo $username_err; ?> 
	<div class="form-group">
    	<label class="info-title" for="exampleInputEmail2">Email Address <span>*</span></label>
		<input type="email" name="email" class="form-control <?php echo (!empty($email_err)) ? 'is-invalid' : ''; ?>" value="<?php echo $email; ?>">
            <span class="invalid-feedback"><?php echo $email_err; ?></span>
       	</div>
Mobile No * <?php echo $mobile_err; ?> 
	  </div>
Password. * <?php echo $password_err; ?>
Confirm Password. * <?php echo $confirm_password_err; ?> 
	  <div class="modal-footer">
  	<button type="submit" name="register" class="btn-upper btn btn-primary checkout-page-button" id="submit">Sign Up</button>
	  <a href="#" class="btn btn-secondary" data-dismiss="modal">Close</a>
[/code]
#6 
<?php
// Define variables and initialize with empty values 
$username = $password = $mobile = $email = $confirm_password = ""; 
$username_err = $password_err = $mobile_err = $email_err = $confirm_password_err = ""; 

// Processing form data when form is submitted 
if($_SERVER["REQUEST_METHOD"] == "POST") { 
    // Validate username 
    if(empty(trim($_POST["username"]))) {
        $username_err = "Please enter a username.";
    }
}

THIS is readable. YOURS is NOT ! ! !

Sponsor our Newsletter | Privacy Policy | Terms of Service