I have seen a few other questions about this problem but I believe mine to be unique. I am processing a form and am relatively new to PHP and PDO so do not have the best debugging skills. I believe that my query's are wrong, as when I press the submit button on my form it just throws up a blank page with no error messages (even though I have error reporting on).
I started writing this in MySqli but then had to scrap it as it was not working and I needed to easily have variables inside my Insert statements. Here is my code
error_reporting(-1);
require 'scripts/PasswordHash.php';
$username = $name = $email = $password = $gender = $age = '';
$query = FALSE;
$dbh = new PDO('mysql:host=localhost;dbname=some_database;charset=utf8', 'some_user', 'some_password');
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
//Logic
if (empty($_POST['age'])) {
$errors[] = 'Please enter your age';
}
if (empty($_POST['gender'])) {
$errors[] = 'Please select your gender';
}
if ($_POST['password'] != $_POST['passwordRep']) {
$errors[] = 'You did not repeat your password properly';
}
if (empty($_POST['password'])) {
$errors[] = 'Please enter a password';
}
if (empty($_POST['email'])) {
$errors[] = 'Please enter your email in this format : xxxxx@xxx.xxx or xxxxx@xxx.xx.xx';
}
if (empty($_POST['name'])) {
$errors[] = 'Please enter your name';
}
if (check("username", $_POST['username']) == TRUE) {
$errors[] = 'That username already exists';
}
if (check("email", $_POST['email']) == TRUE) {
$errors[] = 'That username already exists';
}
if (empty($_POST['username'])) {
$errors[] = 'Please enter a username';
}
if (empty($errors)) {
$username = trim($_POST['username']);
$name = trim($_POST['name']);
$email = trim($_POST['email']);
$password = PassHash::hash($_POST['password']);
$gender = trim($_POST['gender']);
$age = trim($_POST['age']);
$date = date("Y-m-d H:i:s");
$hash = md5( rand(0,1000) );
insert();
}
}
function insert() {
try {
//connect as appropriate as above
$sql= "INSERT INTO users VALUES(:username, :password, :name, :email, :date, :age, :gender, :hash)";
$stmt = $dbh->prepare($sql);
$stmt->bindParam(':username', $username, PDO::PARAM_STR);
$stmt->bindParam(':password', $password, PDO::PARAM_STR);
$stmt->bindParam(':name', $name, PDO::PARAM_STR);
$stmt->bindParam(':email', $email, PDO::PARAM_STR);
$stmt->bindParam(':date', $date, PDO::PARAM_STR);
$stmt->bindParam(':age', $age, PDO::PARAM_STR);
$stmt->bindParam(':gender', $gender, PDO::PARAM_STR);
$stmt->bindParam(':hash', $hash, PDO::PARAM_STR);
$stmt->execute();
$query = TRUE;
require 'scripts/sendEmailVerify.php';
} catch(PDOException $ex) {
echo "An Error occured!"; //user friendly message
echo ($ex->getMessage());
}
}
function check($field, $input) {
try {
$sql= "SELECT :field FROM users WHERE :field = :input";
$stmt = $dbh->prepare($sql);
$stmt->bindParam(':field', $field, PDO::PARAM_STR);
$stmt->bindParam(':input', $input, PDO::PARAM_STR);
$stmt->execute();
$row_count = $stmt->rowCount();
if ($row_count > 0) {
return TRUE;
} else {
return FALSE;
}
} catch(PDOException $ex) {
echo "An Error occured!"; //user friendly message
echo ($ex->getMessage());
}
}
I think it may be that I have the query's happening in functions (although I do not know). I have run this code through PHP code checker (http://phpcodechecker.com/) and it is fine so I don't think it is my syntax! Thanks,
Nick
EDIT: I have located the error thanks to the links about debugging!
