-1

So I am creating a registration form and I am getting a "Undefined variable" error, the full error goes like this:

Notice: Undefined variable: username in C:\xampp\htdocs\phpacademy\cms\admin\signup.php on line 8

Notice: Undefined variable: password in C:\xampp\htdocs\phpacademy\cms\admin\signup.php on line 9

Now first of all my database for the register form goes like this:

Schema Name:cms

Tables:users,articles

Users table:user_id,user_name,user_password

Now for the code I have index.php, connection.php and signup.php Here is the code:

index.php:

        <?php

echo "<form action='signup.php' method='POST'>
      <input type='text' name='username' placeholder='Username'><br>
    <input type='password' name='password' placeholder='Password'><br>
    <button type='submit'>SIGN UP</button>
</form>";
?>

signup.php:

<?php

require 'connection.php';

$statement = $pdo->prepare("INSERT INTO users (username, password)
    VALUES(:username, :password)");
$result = $statement->execute(array(
    "username" => $username,
    "password" => $password
));
$statement = null;

?>

and connection.php:

 <?php

try{
$pdo = new PDO('mysql:host=localhost;dbname=cms', 'root', '');
} catch (PDOException $e) {
 exit('Database error.');
 
}
 if(empty($pdo)) die("pdo variable is empty!");
?>

Now just so you guys know this is index.php is a part of a larger code,also because this is a part of a much bigger file when i put the connection.php in a another folder I get an error of the connection.php couldn't be found, if you guys have any more questions I'll answer them,thank you!

Paul T.
  • 4,703
  • 11
  • 25
  • 29
Crepi
  • 1
  • 2
  • 4
    Possible duplicate of [PHP: "Notice: Undefined variable", "Notice: Undefined index", and "Notice: Undefined offset"](https://stackoverflow.com/questions/4261133/php-notice-undefined-variable-notice-undefined-index-and-notice-undef) – aynber Oct 05 '17 at 20:06
  • You're not showing the correct lines from signup.php so we can't point out the exact issue, but check the dup link. – aynber Oct 05 '17 at 20:07
  • Sorry I do not know what happend i edited the post hope it helps! – Crepi Oct 05 '17 at 20:13

2 Answers2

0

signup.php is doesn't have a value for $username or $password. You need to add $username = $_POST['username'] and the same thing for the password

CptMisery
  • 612
  • 4
  • 15
  • Hi edited my code thanks for help but now I dont get an error but nothing is put into my database:prepare("INSERT INTO users (username, password) VALUES(:username, :password)"); $result = $statement->execute(array( "username" => $username, "password" => $password )); $statement = null; ?> – Crepi Oct 05 '17 at 20:22
  • It looks like your table column names are incorrect. The query is trying to insert into `username`, but your question says the table has `user_name`. You should also turn on the PDO error reporting: https://stackoverflow.com/questions/8776344/how-to-view-query-error-in-pdo-php – CptMisery Oct 05 '17 at 20:34
  • 1
    Solved the issue,the issue was in the INSER INTO users(user_name, user_password) it my rows were not named username and password,thanks for help tho! – Crepi Oct 05 '17 at 20:36
0

Define your variables.

In signup.php

$username = $_POST['username'];

$password = $_POST['password'];

Place this modifications just below the

require('connection.php');

Also do not store passwords in plain text. It's highly unsafe. Use:

password_hash

And

password_verify

EDIT You did not properly bind the placeholders. Also you are accessing the wrong columns. The modified version is below 

$statement = $pdo->prepare("INSERT INTO users (user_name, user_password)
VALUES(:username, :password)");
$result = $statement->execute(array(
":username" => $username, //bind placeholders properly 
":password" => $password  // bind placeholders properly 
));

$statement = null;
Rotimi
  • 4,783
  • 4
  • 18
  • 27
  • I edited the code and now i do not get an error but nothing is entered inside my database :prepare("INSERT INTO users (username, password) VALUES(:username, :password)"); $result = $statement->execute(array( "username" => $username, "password" => $password )); $statement = null; ?> – Crepi Oct 05 '17 at 20:21
  • I'm sorry, what did you actually change in the query itself? I seem to be missing it. EDIT- Nevermind, I see the colons now. Keep in mind @Crepi you could just do `VALUES(?, ?)` and then bind with `execute([$username, $password])`. With PDO I believe this is the way the query is sent to the database either way, and it's easier to read for me. – GrumpyCrouton Oct 05 '17 at 20:25
  • Just the placeholder in the execute function. – Rotimi Oct 05 '17 at 20:25
  • Sorry I still do not get anything in my db @Akintunde prepare("INSERT INTO users (username, password) VALUES(:username, :password)"); $result = $statement->execute(array( ":username" => $username, //bind placeholders properly ":password" => $password )); $statement = null; ?> Maybe there is a problem with my form or connection,I do not know,sorry.... – Crepi Oct 05 '17 at 20:31
  • My bad. I've fixed it. You were accessing the wrong column names. Check out the updated query – Rotimi Oct 05 '17 at 20:36
  • Solved the issue,the issue was in the INSER INTO users(user_name, user_password) it my rows were not named username and password,thanks for help tho! – Crepi Oct 05 '17 at 20:36