mysqli_query not adding user

Question

I'm trying to create a log in feature using PHP and MySQL.

I'm pretty new to back end coding so I'm having some issues. I've checked all other threads on here and nothing has worked.

I am using localhost and I've managed to connect the database I created.

I used this query to create the database and table:

CREATE DATABASE `dbtest` ;
CREATE TABLE `dbtest`.`users` (
`user_id` INT( 5 ) NOT NULL AUTO_INCREMENT PRIMARY KEY ,
`username` VARCHAR( 25 ) NOT NULL ,
`email` VARCHAR( 35 ) NOT NULL ,
`password` VARCHAR( 50 ) NOT NULL ,
UNIQUE (`email`)
) ENGINE = MYISAM ;

Here is my file: dbconnect.php connecting to the database:

<?php
error_reporting(E_ALL); 
ini_set('display_errors', 1);
$servername = "localhost";
$username = "root";
$password = "root";



// Create connection
$conn = new mysqli($servername, $username, $password);
// Check connection
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
} 

if(!mysqli_select_db($conn, "dbtest"))
{
 die('oops database selection problem ! --> '.mysqli_error());
}
?>

and my registration page:

<?php
session_start();
if(!empty($_SESSION['user']))
{
 header("Location: home.php");
}
include_once 'dbconnect.php';

if(isset($_POST['btn-signup']))
{
 $uname = mysqli_real_escape_string($conn, $_POST['uname']);
 $email = mysqli_real_escape_string($conn, $_POST['email']);
 $upass = md5(mysqli_real_escape_string($conn, $_POST['pass']));
 
 $uname = trim($uname);
 $email = trim($email);
 $upass = trim($upass);
 
 // email exist or not
 $query = "SELECT user_email FROM users WHERE user_email='$email'";
 $result = mysqli_query($conn, $query);
 
 $count = mysqli_num_rows($result); // if email not found then register
 
 if($count == 0){
  
  if(mysqli_query($conn, "INSERT INTO users(user_name,user_email,user_pass) VALUES('$uname','$email','$upass')"))
  {
   ?>
   
   <?php
            echo ("<p style='color:green; text-align:center; font-size:30px'>Successful!: </p>");
  }
  else
  {
   ?>
   
   <?php
            echo ("<p style='color:red; text-align:center; font-size:30px'>Error While Registering you : </p>");
  }  
 }
 else{
   ?>
   <script>alert(' ...');</script>
   <?php
        echo ("<p style='color:red; text-align:center; font-size:30px'>This Email address is already taken: </p>");
 }
 
}
?>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Registration System</title>
<link rel="stylesheet" href="css/style.css" type="text/css" />

</head>
<body>
<center>
<div id="login-form">
<form method="post">
<table align="center" width="30%" border="0">
<tr>
<td><input type="text" name="uname" placeholder="User Name" required /></td>
</tr>
<tr>
<td><input type="email" name="email" placeholder="Your Email" required /></td>
</tr>
<tr>
<td><input type="password" name="pass" placeholder="Your Password" required /></td>
</tr>
<tr>
<td><button type="submit" name="btn-signup">Sign Me Up</button></td>
</tr>
<tr>
<td><a href="index.php">Sign In Here</a></td>
</tr>
</table>
</form>
</div>
</center>
</body>
</html>

When I try to register a new user, the SQL query gives me the error "Error while registering you" on line 39 of register.php.

Can anyone see why this is? I've been stuck for days now.

I've tried adding $conn, as the first parameter of the queries (similar to line 13 of dbconnect.php as I read somewhere that it should fix it. It didn't so I've removed them for now.

[Ask mysqli what the problem was](http://php.net/manual/de/mysqli.error.php) — tkausl, Jun 25 '16 at 22:09
I know this'll be a really stupid question to you but ... how? — Eli Nathan, Jun 25 '16 at 22:13
Don't disable notices and deprecations. Use `error_reporting(E_ALL); ini_set('display_errors', 1);` always when developing and testing code. You are using `mysqli_query()` incorrectly, and PHP should be complaining about that, but you may not be seeing the error. It takes 2 params, the first of which is your connection object. But since earlier you use it in object style, you should be doing `$conn->query(....)` instead of `mysqli_query(....)` — Michael Berkowski, Jun 25 '16 at 22:13
Now, the problem is that you called `$conn->close()` in `dbconnect.php`, meaning you open the connection then immediately close it so it isn't available later. PHP is reporting an error about that, but you are not displaying errors. There is usually no need to explicitly `$conn->close()`. PHP will do that automatically when the object is no longer used. — Michael Berkowski, Jun 25 '16 at 22:14
I missed at the bottom _I've tried adding $conn, as the first parameter of the queries (similar to line 13 of dbconnect.php as I read somewhere that it should fix it. It didn't so I've removed them for now._ -- either add those back, or more preferably, use the object oriented style `$conn->query($query)` — Michael Berkowski, Jun 25 '16 at 22:22
Thanks for help Michael, appreciate it. I've removed the $conn->close part and added all the second parameters back in. I have error reporting on now and the only error being displayed is: mysqli_num_rows() expects parameter 1 to be mysqli_result, boolean given. I also tried changing it to $conn->query(...) and no luck — Eli Nathan, Jun 25 '16 at 22:24
I'll come out of the woodworks just for this one; simple: you're not passing db connection to a few of the MySQLi_'s functions. Plus this `if(isset($_SESSION['user'])!="")` is a false positive and is incorrect for syntax. Don't bother pinging me, I won't be offering further help on this. Edit: That answer below, is totally wrong. I also don't know where you got that code, but it looks very familiar as far as syntax goes. — Funk Forty Niner, Jun 25 '16 at 22:44
Thanks Fred, I'll see if I can figure out what you mean by passing database connection to some of my MySQLi_ functions. — Eli Nathan, Jun 25 '16 at 22:49
I'll save you the trouble. Examples: `mysqli_query($connection, $query)` (for all queries) and `mysqli_real_escape_string($connection, $var)` and that `if(isset($_SESSION['user'])!="")` should read as `if(!empty($_SESSION['user']))` or `if(isset($_SESSION['user']) && !empty($_SESSION['user']))` - You have enough now to get your code going. However, I'd look for something more secure like http://stackoverflow.com/a/29778421/1415724 but increase the password length to 255 in order for it to work if you decide to use it. Good luck. — Funk Forty Niner, Jun 25 '16 at 22:57
@MichaelBerkowski In regards to error checking; I've been downvoted quite a few times in the past few weeks by the same guy and Stack won't do squat to help me out. However, they're helping that guy though for reversals/crying. So, I'd keep an eye out for it, should you decide to post an answer for this and that includes error checking/reporting. I've left the OP a comment on how to fix their code here, where I won't be posting one (an answer) It seems that I obviously know nothing about debugging. I've given up on giving answers. — Funk Forty Niner, Jun 25 '16 at 23:03
Thank you Fred! If you're sick of trying to guide me towards the answer then I totally understand! I'm still very confused. All my queries contain a link to the database connection. As do my real escape strings... as far as I can tell anyway. Thanks for the link! I'm just starting out with PHP so I'll learn some good security measures so as not to get into bad habits. Edit: I've added the parameter $conn into all my queries and real escape strings. Thats why you cant see it on the question. But it still doesn't work — Eli Nathan, Jun 25 '16 at 23:08
I'm not sick of "you", it's a long story that doesn't involve you. My comment to Michael up there explains it. and you're welcome. You need to edit your question also so that I can see what you have now. — Funk Forty Niner, Jun 25 '16 at 23:10
Code is updated in the question. Please note: When I manage to get my head around this issue I'll then move on to fix the security. Baby steps... — Eli Nathan, Jun 25 '16 at 23:15
Check for errors against the queries, you may not be doing that. I.e: `or die(mysqli_error($conn))` to all `mysqli_query()`. Your conditional statements may be off also. See one of my answers to see if a row exists http://stackoverflow.com/a/22253579/1415724 and then just pop in the related queries in their place, which is slightly different than what you're using now. Edit: seeing a new answer, checking for errors would have thrown you something about unknown columns. — Funk Forty Niner, Jun 25 '16 at 23:21
One more pending improvement ;), you error echo's produce ... ... because they are echoed before the html body. — lexx9999, Jun 25 '16 at 23:21
Guys thank you all so much! The issue was with the database field names not matching my queries. Alongwith all the other things you mentioned Fred. I've now run into different problems but that something I'll work on myself. — Eli Nathan, Jun 25 '16 at 23:26
@Fred-ii- fascinating. I've not seen anything like that, but haven't been answering in php much. — Michael Berkowski, Jun 25 '16 at 23:29
@MichaelBerkowski Someone's personal vendetta against me and a few others who downvoted one's answer, and were wrong and couldn't "man up" to admit it or take it with a grain of salt. Then he kept going downvoting some of my (very old questions) and answers and my friends' also and telling us that error reporting had no room in the matter (df?). Stack didn't do squat when we alerted them, so I gave up. I occasionally throw in a few comments to help out. Aside from that, I'm done with submitting answers. It's actually a blessing in disguise. — Funk Forty Niner, Jun 26 '16 at 13:47
http://stackoverflow.com/questions/36628418/cleansing-user-passwords — Jay Blanchard, Jun 26 '16 at 17:41
http://jayblanchard.net/proper_password_hashing_with_PHP.html — Jay Blanchard, Jun 26 '16 at 17:47

score 1 · Accepted Answer · answered Jun 25 '16 at 23:17

1

Another problem, database is created with:

`username` VARCHAR( 25 ) NOT NULL ,
`email` VARCHAR( 35 ) NOT NULL ,
`password` VARCHAR( 50 ) NOT NULL ,

But queries use user_email instead of email and user_name instead of username and user_pass instead of password:

SELECT user_email FROM users WHERE user_email=
INSERT INTO users(user_name,user_email,user_pass)

answered Jun 25 '16 at 23:17

lexx9999

736
3
9

Thank you soo much! I'd never have seen that! – Eli Nathan Jun 25 '16 at 23:24

mysqli_query not adding user

1 Answers1