Data is not showing up in database after "succesful" registration

Question

Hey so I've followed a tutorial on how to create a functional registration system with php and all the code seems to work just fine, however the data I input in my registration form doesn't show up in my database even though the script gives me the output that I have successfully registered. Does anyone know a solution to this?

<?php
// Connect to the db
$DATABASE_HOST = 'localhost';
$DATABSE_USER = 'root';
$DATABSE_PASS = '';
$DATABSE_NAME = 'phplogin';
// Try to connect
$con = mysqli_connect($DATABASE_HOST, $DATABSE_USER, $DATABSE_PASS, $DATABSE_NAME);
if(mysqli_connect_errno()) {
    //If there is an error stop the script and display the error
    exit('Failed to connect to MySQL: '. mysqli_connect_error());
}
//check if the data already exists
if (!isset($_POST['username'], $_POST['password'], $_POST['email'])) {
    //Could not get the data that should have been sent
    exit('Please register first');
}
//Submitted registration values are not empty
if (empty($_POST['username']) || empty($_POST['password']) || empty($_POST['email'])) {
    //if empty exit the script
    exit('Please complete the register form');
}
//check if the username has been used already
if ($stmt = $con->prepare('SELECT id, password FROM accounts WHERE username = ?')) {
    //encrypt password
    $stmt->bind_param('s', $_POST['username']);
    $stmt->execute();
    $stmt->store_result();

//store the results to be able to check the db
if ($stmt->num_rows > 0) {
    //username already exists
    echo 'Username already used';
} else {
    //Insert new account
    if ($stmt = $con->prepare('INSERT INTO accounts (username, password, email) VALUES (?, ?, ?)')) {
        //hash the password and use password_verify
        $password = password_hash($_POST['password'], PASSWORD_DEFAULT);
        $stmt->bind_param('sss', $_POST['username'], $password, $POST['email']);
        $stmt->execute();
        echo 'You have succesfully registered, you can now login';
    }}
    $stmt->close();
} else {
    //Something wrong with the sql statement
    echo 'Could not prepare Statement!';
}

$con->close();
?>

read the docu? https://www.php.net/manual/en/mysqli.errno.php https://www.php.net/manual/en/mysqli.error.php https://www.php.net/manual/en/mysqli.error-list.php — Honk der Hase, May 27 '20 at 08:06
@LarsStegelitz They are useless. You should enable error reporting instead of manually checking each function call. If you have error reporting enable these error messages will be reported to you automatically. — Dharman, May 27 '20 at 11:54
No, database errors are not reported by PHP, you'd have to explicitly ask for them... or you'd use PDO, it introduced exceptions... — Honk der Hase, May 27 '20 at 12:10

AlwaysConfused · Answer 1 · 2020-05-27T09:12:20.320

-2

It is very good practise to add error checking to your code when developing. An easy way to this is to add this at the top of your php page inside php code tags to at least echo errors out on your page -

error_reporting(E_ALL);
ini_set('display_errors', 1);

Your code should look like this, should return a record. If you had error reporting on, it would have told you where the errors are -

// Connect to the db
$DATABASE_HOST = 'localhost';
$DATABSE_USER = 'root';
$DATABSE_PASS = '';
$DATABSE_NAME = 'phplogin';
// Try to connect
$con = mysqli_connect($DATABASE_HOST, $DATABSE_USER, $DATABSE_PASS, $DATABSE_NAME);

if(mysqli_connect_errno()) {
    //If there is an error stop the script and display the error
    exit('Failed to connect to MySQL: '. mysqli_connect_error());
}

//check if the data already exists
if (!isset($_POST['username']) || !isset(['password']) || !isset($_POST['email'])) {
    //Could not get the data that should have been sent
    exit('Please register first');
} else {
    //check if the username has been used already
    if ($stmt = $con->prepare('SELECT id, password FROM accounts WHERE username = ?')) {
        //encrypt password
        $stmt->bind_param('s', $_POST['username']);
        $stmt->execute();
        $stmt->store_result();

        //username already exists
        echo 'Username already used';
    } else {
        //Insert new account
        if ($stmt = $con->prepare('INSERT INTO accounts (username, password, email) VALUES (?, ?, ?)')) {
            //hash the password and use password_verify
            $password = password_hash($_POST['password'], PASSWORD_DEFAULT);
            $stmt->bind_param('sss', $_POST['username'], $password, $POST['email']);
            $stmt->execute();
            echo 'You have succesfully registered, you can now login';
        } else {
            echo 'Data not inserted...';
        }
    }
    $stmt->close();
}

$con->close();

edited May 27 '20 at 09:12

answered May 27 '20 at 08:10

AlwaysConfused

450
4
13

I added the error reporting code. It doesn't output anything though. If I delete one of the curly brackets I then get the parse error of an unexpected ending. – dux May 27 '20 at 08:16
Use my code above, I have already corrected it. – AlwaysConfused May 27 '20 at 08:20
The if construct for checking if the username has been used already then doesn't have a closing bracket so I still get the parse error of an unexpected ending and if I add the bracket I'm back at where I started. – dux May 27 '20 at 08:23
I have edited my answer, please see if this - echo 'Data not inserted...'; - is returned. Also see that I added var_dump for $stmnt, please see what it returns. – AlwaysConfused May 27 '20 at 08:46
This is what it puts out : You have succesfully registered, you can now login object(mysqli_stmt)#3 (10) { ["affected_rows"]=> int(-1) ["insert_id"]=> int(0) ["num_rows"]=> int(0) ["param_count"]=> int(3) ["field_count"]=> int(0) ["errno"]=> int(1048) ["error"]=> string(29) "Column 'email' cannot be null" ["error_list"]=> array(1) { [0]=> array(3) { ["errno"]=> int(1048) ["sqlstate"]=> string(5) "23000" ["error"]=> string(29) "Column 'email' cannot be null" } } ["sqlstate"]=> string(5) "23000" ["id"]=> int(2) } – dux May 27 '20 at 08:51
1

Your code is incorrect - too many if statements – Your Common Sense May 27 '20 at 08:57
@YourCommonSense, posters code used as above – AlwaysConfused May 27 '20 at 09:02
1

But you ventured to fix it. – Your Common Sense May 27 '20 at 09:03
Correct, which I do apologise for, will edit code now. @dux, your answer is in the dump, your e-mail has no value - Column 'email' cannot be null – AlwaysConfused May 27 '20 at 09:04
@dux, I have changed code completely, thank you YourCommonSense, it checks for each return post variable, many if statements removed. – AlwaysConfused May 27 '20 at 09:13
I changed my code using yours however I now get a Fatal error in line 20: Cannot use isset() on the result of an expression (you can use "null !== expression" instead) – dux May 27 '20 at 09:23
Please read: [Should we ever check for mysqli_connect() errors manually?](https://stackoverflow.com/q/58808332/1839439) – Dharman May 27 '20 at 10:22

Data is not showing up in database after "succesful" registration

1 Answers1