-1

I am creating a simple registration form. I have created all the files needed for a complete registration and login form. Registration should have Firstname, Lastname, username and password. I have tested with two parameters, meaning username and password, and my code works perfectly, but when I add more parameters, e.g. Firstname and Lastname, I get the error: Fatal error: Cannot use isset() on the result of an expression

<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Registration</title>
<link rel="stylesheet" href="css/style.css" />
</head>
<body>
<?php
#include database connection files
require('db.php');

//inserting data to our database
// If form submitted, insert values into the database.
if(!isset($_REQUEST['username'] || $_REQUEST['Firstname'] || $_REQUEST['Lastname'])){
        // removes backslashes
    $username = stripslashes($_REQUEST['username']);
        //escapes special characters in a string
    $username = mysqli_real_escape_string($con,$username); 

    $Firstname = stripslashes($_REQUEST['Firstname']);
    $Firstname = mysqli_real_escape_string($con,$Firstname);

    $Lastname = stripslashes($_REQUEST['Lastname']);
    $Lastname = mysqli_real_escape_string($con,$Lastname);

    $email = stripslashes($_REQUEST['email']);
    $email = mysqli_real_escape_string($con,$email);
    $password = stripslashes($_REQUEST['password']);
    $password = mysqli_real_escape_string($con,$password);
    $trn_date = date("Y-m-d H:i:s");

        $query = "INSERT into `users` (username, Firstname, Lastname, password, email, trn_date)
VALUES ('$username', '$Firstname', '$Lastname', '".md5($password)."', '$email', '$trn_date')";
        $result = mysqli_query($con,$query);
        if($result){
            echo "<div class='form'>
<h3>You are registered successfully.</h3>
<br/>Click here to <a href='login.php'>Login</a></div>";
        }
    }
    else{
?>
<div class="form">
<h1>Registration</h1>
<form name="registration" action="" method="post">
<input type="text" name="Firstname" placeholder="Firstname" required/>
<input type="text" name="Lastname" placeholder="Lastname" required/>
<input type="text" name="username" placeholder="Username" required />
<input type="email" name="email" placeholder="Email" required />
<input type="password" name="password" placeholder="Password" required />
<input type="submit" name="submit" value="Register" />
</form>
</div>
<?php } ?>
</body>
</html>

Unfortunately, I can't figure it out. What is wrong with my code?

Funk Forty Niner
Jefferson X Masonic
  • Follow the answer submitted, but also submit a blank form and dump_var($_REQUEST). You should see that even on empty fields they are "set"; you will need to do more checks that the form was filled in before trying to process the form for entry into the database. – CodingInTheUK Jan 14 '17 at 02:40
  • Furthermore, having read the answer below again, || means that if any of them are set (which they will be if the field is in the form), then the process will go ahead. It just comes back to checking; I would instead consider !empty() and make it && instead of ||. – CodingInTheUK Jan 14 '17 at 02:44
  • 1
    This isn't going live, is it? Because you will get hacked. – Funk Forty Niner Jan 14 '17 at 02:49

1 Answer

2

Haven't done PHP in a while, but my guess is that you need to change this:

if(!isset($_REQUEST['username'] || $_REQUEST['Firstname'] || $_REQUEST['Lastname'])){

with this:

if(!isset($_REQUEST['username']) || !isset($_REQUEST['Firstname']) || !isset($_REQUEST['Lastname'])){

Actually, you probably want the opposite of that, given that you want to only save if all the data is available, right?

Roger Cracel
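A hardened version of the handler, combining the per-field presence check from the answer and comments with a prepared statement and password_hash() in place of string escaping and md5(). This is an added example, not code from the question or the answer. It assumes that db.php defines $con as in the question, that users.password is wide enough for password_hash() output (for example VARCHAR(255)), and the helper name collect_fields is hypothetical.

```php
<?php
// Added example: hardened handler for the registration form in the question.
// Assumptions: db.php defines $con (a mysqli connection) as in the question, and
// users.password can hold password_hash() output (e.g. VARCHAR(255)).
require 'db.php';

$fields = ['Firstname', 'Lastname', 'username', 'email', 'password'];

// Hypothetical helper: returns the field values, or null if any field is
// missing, not a string, or blank.
function collect_fields(array $input, array $names): ?array
{
    $out = [];
    foreach ($names as $name) {
        // isset() accepts variables only, so each key is tested on its own.
        if (!isset($input[$name]) || !is_string($input[$name])) {
            return null;
        }
        // The password is not trimmed: surrounding spaces may be intentional.
        $value = $name === 'password' ? $input[$name] : trim($input[$name]);
        if ($value === '') {
            return null;
        }
        $out[$name] = $value;
    }
    return $out;
}

$data = collect_fields($_POST, $fields); // the form uses method="post"

if ($data !== null && filter_var($data['email'], FILTER_VALIDATE_EMAIL) !== false) {
    // Salted, deliberately slow hash instead of md5().
    $hash = password_hash($data['password'], PASSWORD_DEFAULT);
    $trn_date = date('Y-m-d H:i:s');

    // Placeholders keep user input out of the SQL text; no manual escaping needed.
    $stmt = mysqli_prepare($con,
        'INSERT INTO `users` (username, Firstname, Lastname, password, email, trn_date)
         VALUES (?, ?, ?, ?, ?, ?)');
    if ($stmt !== false) {
        mysqli_stmt_bind_param($stmt, 'ssssss', $data['username'], $data['Firstname'],
            $data['Lastname'], $hash, $data['email'], $trn_date);
        if (mysqli_stmt_execute($stmt)) {
            echo "<div class='form'><h3>You are registered successfully.</h3>"
               . "<br/>Click here to <a href='login.php'>Login</a></div>";
        }
        mysqli_stmt_close($stmt);
    }
}
```

With this change, login.php has to check the submitted password with password_verify() against the stored hash rather than comparing md5() output.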