500 Internal Server Error with Javascript AJAX POST on Cpanel

Question

I get the following errors when trying to register a user at my web page:

Failed to load resource: the server responded with a status of 500 (Internal Server Error)

^ Pointing towards PHP file with the registration script

And Internal Server Error pointing at the following script:

 $("#login-submit").on('click', function () {
    $.ajax({
      url: 'ext/login_process.php',
      type: "POST",
      data: $("#login-form").serialize(),
      success: function (result) {
        if (result === "done") {
          window.location.href = "index.php";
        } else {
          var elementExists = document.getElementById("msg-default");
          if (elementExists !== null) {
            document.getElementById("msg-default").innerHTML = "";
          }
          document.getElementById("err-msg").innerHTML = "<div class = 'alert alert-danger text-uppercase'><strong>Error!&nbsp;</strong>" + result + "</div></div>";
        }

      },
      error: function (xhr, resp, text) {
        console.log(xhr, resp, text);
      }
    });

  });

The error occurs when pressing the register button. It works as normal if the username is already taken, then that message is displayed as it should.

The HTML:

<form name="register-form" id="register-form" method="POST">
                        <h5 class="text-center">Register</h5>
                        <div class="form-group">
                            <input type="text" class="form-control" placeholder="Username" name="username" required>
                        </div>
                        <div class="form-group">
                            <input type="password" class="form-control" placeholder="Password" name="password" required>
                        </div>
                        <div class="form-group">
                            <input type="password" class="form-control" placeholder="Repeat password" name="c-password" required>
                        </div>
                        <div class="form-group">
                            <label>I am...</label>
                            <div class="radio">
                                <label><input type="radio" name="position" checked value="s">&nbsp;Student</label>
                            </div>
                            <div class="radio">
                                <label><input type="radio" name="position" value="t">&nbsp;Teacher</label>
                            </div>
                        </div>
                        <div class="err-msg" id="err-msg"></div>
                    </form>
                    <button id="register-submit" class="btn btn-success">Senda</button>

PHP:

$username = trim(preg_replace('/\s+/', ' ', htmlspecialchars($_POST["username"])));
$password = htmlspecialchars($_POST["password"]);                                       // Do not trim the password, let the user input whatever they desire
$confirmPssword = htmlspecialchars($_POST["c-password"]);                               // Do not trim the password, let the user input whatever they desire
$position = trim(preg_replace('/\s+/', ' ', htmlspecialchars($_POST["position"])));

if (empty($username))
{
    echo "Invalid username!";
} else
if (empty($password))
{
    echo "Invalid password!";
} else
if ($confirmPssword != $password)
{
    echo "Password/Confirm Password didn't match!";
} else {
    $sql = get_user_details($username);
    $result = $conn->query($sql);

    if ($result)
    {
        if ($result->num_rows > 0)
        {
            $result->close();
            echo "username is already registered";
        } else {
            // Generate a new random salt
            $salt = '$1$' . substr(strtr(base64_encode(random_bytes(32)), '+', '.'), 0, 8) . '$';

            // Generate the MD5 hashed password
            $cryptedPassword = crypt($password, $salt);

            $sql = add_user($username, $cryptedPassword, $position);
            if ($conn->query($sql))
            {
                echo "done";
            } else {
                echo "please refresh the page and try again";
            }
        }
    } else {
        echo "please refresh the page and try again";
    }

    $conn->close();
}

I am using this: https://code.jquery.com/jquery-3.1.1.min.js

Where can I get more specific information about the error on cpanel?

The network tab:

Server  
nginx/1.14.1
Date    
Mon, 24 Jun 2019 14:44:51 GMT
Content-Type    
text/html; charset=UTF-8
Content-Length  
0
Connection  
keep-alive
Expires 
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control   
no-store, no-cache, must-reval…te, post-check=0, pre-check=0
Pragma  
no-cache
Request headers (542 B) 
Host    
(WEBSITE)
User-Agent  
Mozilla/5.0 (Windows NT 10.0; …Firefox/56.0 Waterfox/56.2.11
Accept  
*/*
Accept-Language 
en-US,en;q=0.5
Accept-Encoding 
gzip, deflate
Referer 
http://(WEBSITE)/register.php
Content-Type    
application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With    
XMLHttpRequest
Content-Length  
53
Cookie  
PHPSESSID=v1qp6qo01igqlho8668sch2mu5
Connection  
keep-alive
Pragma  
no-cache
Cache-Control   
no-cache

Nothing is displayed under "Response"

Server error means it's an issue with your PHP, not your HTML or JS. Please share your PHP code. — frobinsonj, Jun 24 '19 at 14:59
A 500 error is a generic error message and covers pretty much every single thing that can go wrong with a script. Check your server error logs to find out the exact error message. — aynber, Jun 24 '19 at 14:59
Your error is coming from `ext/login_process.php`, not any of the code you showed us. As such, the only valid tag on your question is `php`, which you don't actually show any code for. — GrumpyCrouton, Jun 24 '19 at 15:00
You shouldn't use `htmlspecialchars()` in this case. It could mean that a user's username and/or password changes (they won't be able to login). `htmlspecialchars()` is used for outputting a user input on a page. You should also use [`password_hash()`](https://www.php.net/manual/en/function.password-hash.php) in place of `crypt()` (encouraged in PHP docs). Without your error (check logs as advised above), it's just a guessing game. I can't see any syntax errors. — frobinsonj, Jun 24 '19 at 15:06
I am not sure how to check the errors, in cpanel nothing is showing up under Metric > Errors — Sandra, Jun 24 '19 at 15:13
See [How do I get PHP errors to display?](https://stackoverflow.com/questions/1053424/how-do-i-get-php-errors-to-display) to display errors on the page — frobinsonj, Jun 24 '19 at 15:15
If you're calling that PHP script with Ajax, you'll need to open your Browser's "Inspector" and view the response on the Network tab. — CD001, Jun 24 '19 at 15:31
@aynber Although the question has `Where can I get more specific information about the error`, the question is still about the error with his code, not getting the error to display. — frobinsonj, Jun 24 '19 at 15:32
@frobinsonj The OP will need to know the error in order to fix the code, but they're just getting the generic 500 error. Once they get errors to display, they can figure out what is wrong with the code, since it's not an obvious issue. — aynber, Jun 24 '19 at 15:47
@aynber Fair enough, looks like OP has sorted it now anyhow :) — frobinsonj, Jun 24 '19 at 15:48

score 0 · Answer 1 · answered Jun 24 '19 at 15:45

0

Well, it works now anyhow. I just changed the PHP version from the default 5.6 to 7.0..

answered Jun 24 '19 at 15:45

Sandra

149
1
2
10

Glad you got it working. I would still recommend that you follow the advice I provided in the comments above. Also, don't forget to use [prepared statements](https://www.php.net/manual/en/mysqli.quickstart.prepared-statements.php) to prevent SQL injection. Happy coding :) – frobinsonj Jun 24 '19 at 15:47
I'll be checking it, thank you so much! – Sandra Jun 24 '19 at 15:57

500 Internal Server Error with Javascript AJAX POST on Cpanel

1 Answers1