0

I am working on a college project where I have to build a time-table management system. When I ask the user for his/her credentials for the signup system. The PHP/MySql code says that it successfully added the data into the 'students' table but when I look at the table no data has been inserted. Could someone let me know what's wrong here? Here's the code below:-


<?php

    if(isset($_POST['signup'])){

        require_once('connection.php');

        $username = $_POST['name'];
        $email = $_POST['mail'];
        $phone = $_POST['num'];
        $password = $_POST['pwd'];
        $guard = $_POST['guard'];
        $schoolName = $_POST['school-name'];
        $schoolId = $_POST['school-id'];
        $roll = $_POST['roll'];
        $class = $_POST['class'];
        $room = $_POST['room'];

        if(!filter_var($email, FILTER_VALIDATE_EMAIL)){
            header("Location: ../signup?error=invalidemail&username=".$username);
            exit();
        } else if(!preg_match("/^[a-zA-Z0-9]*$/", $username)){
            header("Location: ../signup?error=invaliduid&email=".$email);
            exit();
        } else if(!filter_var($email, FILTER_VALIDATE_EMAIL) && !preg_match("/^[a-zA-Z0-9]*$/", $username)){
            header("Location: ../signup?error=invalidemailusername");
            exit();
        } else {

            $sql = "SELECT full_name FROM students WHERE full_name=?";
            $stmt = mysqli_stmt_init($conn);

            if(!mysqli_stmt_prepare($stmt, $sql)){
                header("Location: ../signup?error=sqlerror");
                exit();
            } else {
                mysqli_stmt_bind_param($stmt, "s", $username);
                mysqli_stmt_execute($stmt);
                mysqli_stmt_store_result($stmt);
                $resultCheck = mysqli_stmt_num_rows($stmt);
                if($resultCheck > 0){
                    header("Location: ../signup?error=invaliduid&email=".$email);
                    exit();
                } else {

                    $sql = "INSERT INTO students (roll_no, full_name, mail_id, pwd, class_name, class_room, school_name, school_id, guardian_name, phone_no) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
                    $stmt = mysqli_stmt_init($conn);
                    if(!mysqli_stmt_prepare($stmt, $sql)){
                        header("Location: ../signup?error=sqlerror");
                        exit();
                    } else{
                        $hashedPwd = password_hash($password, PASSWORD_DEFAULT);
                        mysqli_stmt_bind_param($stmt, "ssssssssss", $roll, $username, $email, $hashedPwd, $class, $room, $schoolName, $schoolId, $guard, $phone);
                        mysqli_stmt_execute($stmt);
                        header("Location: ../index.php?signup=success");
                        exit();
                    }

                }
            }
        }
            mysqli_stmt_close($stmt);
            mysqli_close($conn);
    }
    else {
        header("Location: ../signup.php");
        exit();
    }
?>

Just a side note, The form is step-based but I do not think that is the actual culprit behind this. Anyways here is the form below:-


<form action="PHP/signup.inc.php" method="POST" class="signup">

                    <div class="personal">
                        <div class="name">Full Name:</div>
                        <input type="text" id="name" name="name">
                        <div class="phone">Phone number:</div>
                        <input type="number" name="num" id="num">
                        <div class="mail">E-mail: </div>
                        <input type="email" name="mail" id="mail">
                        <div class="pass">Password: </div>
                        <input type="password" name="pwd" id="pwd">
                        <div class="class">Class:</div>
                        <input type="text" placeholder="5-A, 6-B(format)" id="cls" name="class">
                    </div>
                    <div class="category">
                        <div class="school-info-student">
                            <div class="guardians">Guardian Name:</div>
                            <input type="text" name="guard" id="guard">
                            <div class="school-name">School Name:</div>
                            <input type="text" name="school-name" id="schoolname1">
                            <div class="school-id">School-ID:</div>
                            <input type="text" name="school-id" id="schoolid1">        
                        </div>
                    </div>    
                    <div class="add-info">
                        <div class="class-info">
                            <div class="roll-no">Roll number:</div>
                            <input type="number" name="roll" id="roll">
                            <div class="class-num">Room-Number:</div>
                            <input type="text" name="room" id="room">
                        </div>
                    </div>
                    <div class="thank-you">
                        <h4 class="msg">Thank you for signing up for the web app. You will be redirected shortly.</h4>
                    </div>
                    <div class="login">
                        <div class="log"><a href="#">Already have an account? Log in.</a></div>
                        <button type="button" class="btn2">Prev</button>
                        <button type="button" class="btn1">Next</button>
                        <button type="submit" name="signup" class="btn3">Submit</button>
                    </div>
                </form>
ADyson
  • 57,178
  • 14
  • 51
  • 63
Davis Johnson
  • 99
  • 7
  • 1
    `The PHP/MySql code says that it successfully added`...does it? I don't see where you check that mysql said that. You're redirecting to `header("Location: ../index.php?signup=success");` but that's _your_ message that you added. It's not something generated by mysqli or mysql. You check the status of `mysqli_stmt_prepare` but not of `mysqli_stmt_bind_param` or `mysqli_stmt_execute`. – ADyson Nov 19 '20 at 15:56
  • have you enabled error and warning logging in PHP? Have you enabled mysqli to trigger PHP errors when SQL problems occur? If not, please do so, re-run your code, and look in the log file to see what is reported. These guides can help you set it up, if you need to: https://stackify.com/php-error-logs-guide/ (php error logging/reporting) https://stackoverflow.com/a/14578644/5947043 (mysqli exception handling). It will also save you all those awkward `if` statements checking the status of every stage of the query preparation. – ADyson Nov 19 '20 at 15:57
  • Have you checked that you also `commited` your data? Otherwise it will not be visable in other sessions. – Yannik Suhre Nov 19 '20 at 16:02
  • 1
    You're not doing any error checking on `mysqli_stmt_execute()`. Start by doing some logging. – Ro Achterberg Nov 19 '20 at 16:02
  • 1
    @YannikSuhre transactions are not being used here, so that shouldn't be a concern. – ADyson Nov 19 '20 at 16:15
  • 1
    FYI, those videos from Dani Krossing was the worst source you could have chosen. Dude knows no programing at all you your current problem is a direct consequence. Better stick to the books. – Your Common Sense Nov 19 '20 at 16:20

0 Answers0