1

I have an app that lets users register and saves their data to a web server however I'm having trouble accessing the users saved data after they have registered. What I want to do is let them register and after that they can then update more information about themselves, here is my register class php file that is called from within the app.

<?php
$con = mysqli_connect("xxx", "xxx", "xxx", "xxx");


    $username = $_POST["username"];
$password = $_POST["password"];
$statement = mysqli_prepare($con, "INSERT INTO user (username, password) VALUES (?, ?)");
mysqli_stmt_bind_param($statement, "ss", $username, $password);
mysqli_stmt_execute($statement);

$response = array();
$response["success"] = true;  

print_r(json_encode($response));
?>

This works fine and saves the username and password into a new user on my webserver. Once they have logged in how would I go about inputting new data into their specific entry in the webserver. Any pointers?

shead
  • 45
  • 1
  • 6
  • 1
    Look at the SQL [`UPDATE`](http://dev.mysql.com/doc/refman/5.7/en/update.html) statement. – Chris Apr 24 '16 at 20:41
  • Quoting ` here is my register class php file that is called from within the app.` I don't see any class. – frz3993 Apr 24 '16 at 20:42
  • Passwords should be hashed, plained text passwords are bad practice. http://php.net/manual/en/function.password-hash.php http://stackoverflow.com/questions/401656/secure-hash-and-salt-for-php-passwords – chris85 Apr 24 '16 at 20:47
  • It's only temporary whilst I build up the app, those links have been invaluable. Thanks. – shead Apr 25 '16 at 00:45

1 Answers1

0

you must execute() the result and the result is your connection prepare.

edit your code to this

first create function :

function saveUser($username, $password) {
    $cp = $this->conn->prepare("INSERT INTO user(username, password) VALUES(?, ?)");
    $cp->bind_param("ss",  $username, $password);
    $result = $cp->execute();
    $cp->close();
    if ($result) {
        $cp= $this->conn->prepare("SELECT * FROM user WHERE username = ?");
        $cp->bind_param("s", $username);
        $cp->execute();
        $user = $cp->get_result()->fetch_assoc();
        $cp->close();

        return $user;
    } else {
        return false;
    }}

and one of your mistakes is returning your result or $user

Then you can call this class or function like this :

    $user = saveUser($name, $email, $password, $phone);
    if ($user) {
        $response["error"] = FALSE;
        $response["uid"] = $user["unique_id"];
        $response["user"]["name"] = $user["name"];
        $response["user"]["email"] = $user["email"];
        $response["user"]["phone"] = $user["phone"];
        $response["user"]["password"] = $user["password"];
        $response["user"]["created_at"] = $user["created_at"];
        $response["user"]["updated_at"] = $user["updated_at"];
        echo json_encode($response);
    }
Diyako
  • 651
  • 1
  • 9
  • 24