PHP Works perfectly fine but SQL Didn't got updated

Question

At first I just follow this youtube tutorial and after I can do it than I start making my own ^^

I've followed this youtube quite precisely, the difference is he used xampp and I used online host, but I tried to calling sql database and it works so I believe the sqli_connection is correct with all the localhost, username, password, and database name

but why when I want to try another one with inputting data there's no error but there's nothing happened on the db even though I refreshed it already? When I tried putting the same code into the sql it works perfectly fine!

Html code

<!DOCTYPE html>
<html>
<head>

</head>
<body>
    <form action="signup.php" method="POST">
        <input type="text" name"first" placeholder="Firstname"><br>
        <input type="text" name"last" placeholder="Lastname"><br>
        <input type="text" name"email" placeholder="E-mail"><br>
        <input type="text" name"uid" placeholder="Username"><br>
        <input type="password" name"pwd" placeholder="Password"><br>
        <button type="submit" name="submit">Sign Up</button>
    </form>
</body>
</html>

Signup PHP Code

<?php
include 'connection.php';

$first = $_POST['first'];
$last = $_POST['last'];
$email = $_POST['email'];
$uid = $_POST['uid'];
$pwd = $_POST['pwd'];

$sql = "INSERT INTO users (user_first, user_last, user_email, user_uid, user_pwd) VALUES ( '$first','$last','$email','$uid','$pwd');";
$result = mysqli_query($conn, $sql);

header("Location: /home.php?signup=success");

`mysql_query` probably returns `false` then. Also, your query is prone to SQL injection attacks. Look into prepared statements. — Jeto, Apr 18 '20 at 06:56
Hi! Yes I know this is prone to SQL Injection and the guy already talk about that and will teach it on the next video, but I still haven't got this working so I still wondering whats wrong — Kelvin Marcellino, Apr 18 '20 at 06:57
Try checking the value of `$result` (using `var_dump`). If it's `false`, try printing `mysqli_error()` (just for debugging purposes or logging, don't print it to the user, though if it's just an exercise it doesn't really matter). — Jeto, Apr 18 '20 at 06:59
Oh well, missed that typo. Probably the reason for your query failing, but doesn't hurt to always check the return values and log errors anyway. — Jeto, Apr 18 '20 at 07:06
You should also look into using [`password_hash()`](https://stackoverflow.com/questions/30279321/how-to-use-phps-password-hash-to-hash-and-verify-passwords) rather than plain text passwords. — Nigel Ren, Apr 18 '20 at 07:08
**Never store passwords in clear text or using MD5/SHA1!** Only store password hashes created using PHP's [`password_hash()`](https://php.net/manual/en/function.password-hash.php), which you can then verify using [`password_verify()`](https://php.net/manual/en/function.password-verify.php). Take a look at this post: [How to use password_hash](https://stackoverflow.com/q/30279321/1839439) and learn more about [bcrypt & password hashing in PHP](https://stackoverflow.com/a/6337021/1839439) — Dharman, Apr 18 '20 at 12:11
Does this answer your question? [mysqli\_fetch\_assoc() expects parameter / Call to a member function bind\_param() errors. How to get the actual mysql error and fix it?](https://stackoverflow.com/questions/22662488/mysqli-fetch-assoc-expects-parameter-call-to-a-member-function-bind-param) — Dharman, Apr 18 '20 at 12:12

A l w a y s S u n n y · Answer 1 · 2020-04-18T07:13:25.273

1

Seems you've missed the = sign on your HTML form, that's why the form submitted values are available on $_POST array and in the long run, your SQL is not working.

Note: Add this line top of your PHP file, then you'll get the errors.

// Report all errors
error_reporting(E_ALL);
ini_set("display_errors", 1);

All of the below variables are missing,

$first = $_POST['first'];
$last = $_POST['last'];
$email = $_POST['email'];
$uid = $_POST['uid'];
$pwd = $_POST['pwd'];

Modified HTML,

<body>
    <form action="signup.php" method="POST">
        <input type="text" name="first" placeholder="Firstname"><br>
        <input type="text" name="last" placeholder="Lastname"><br>
        <input type="text" name="email" placeholder="E-mail"><br>
        <input type="text" name="uid" placeholder="Username"><br>
        <input type="password" name="pwd" placeholder="Password"><br>
        <button type="submit" name="submit">Sign Up</button>
    </form>
</body>

edited Apr 18 '20 at 07:13

answered Apr 18 '20 at 07:01

A l w a y s S u n n y

36,497
8
60
103

Hi yes I might say I'm totally ashamed that I missed the = on that one :(, but is still not updating even though the header of the website already changed :/ any reason why? – Kelvin Marcellino Apr 18 '20 at 07:09
1

Small note: `error_reporting` will not display the errors to the output unless `display_errors` is enabled, which it might not be depending on PHP's configuration. It's okay to enable that during development. – Jeto Apr 18 '20 at 07:09
uhhh error_reporting? I don't know where is that, but I will look it up and head back here again! – Kelvin Marcellino Apr 18 '20 at 07:11
@KelvinMarcellino have a look here: https://www.php.net/manual/en/function.error-reporting.php – A l w a y s S u n n y Apr 18 '20 at 07:12
@AlwaysSunny that is really useful! And there's a lot of wrong going on x-x, I will chec it one by one' but most importantly why does it says `Access denied for user 'xxxxxxx'@'localhost' (using password: NO)` – Kelvin Marcellino Apr 18 '20 at 07:32

PHP Works perfectly fine but SQL Didn't got updated

1 Answers1