0

I wanted to create register page for my website, but it gives me db_error when i try to sign up. and isn't inserting this data into table. it connects but gives error when trying to insert data error from error.log:

BlockquotePHP Fatal error: Uncaught mysqli_sql_exception: No data supplied for parameters in prepared statement in /var/www/domain/php/controllers/authController.php:56\nStack trace:\n#0 /var/www/domain/php/controllers/authController.php(56): mysqli_stmt->execute()\n#1 /var/www/panda-dev/php/signup.php(1): require_once('/var/www/domain-...')\n#2 {main}\n thrown in /var/www/domain/php/controllers/authController.php on line 56, referer: https://www.domain . com

/php/signup.php

    <?php

session_start();

require 'config/db.php';

$errors = array();
$username = "";
$email = "";

// if clicks button
if (isset($_POST['signup-btn'])) {
    $username = $_POST['username'];
    $password = $_POST['password'];
    $email = $_POST['email'];
    $passwordConf = $_POST['passwordConf'];

    // validate
    if (empty($username)) {
        $errors['username'] = "Username is required!";
    }
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $errors['email'] = "Email is invalid!";
    }
    if (empty($email)) {
        $errors['email'] = "Email is required!";
    }
    if (empty($password)) {
        $errors['password'] = "Password is required!";
    }
    if ($password !== $passwordConf) {
        $errors['password'] = "Password do not match!";
    }

    $emailQuery = "SELECT * FROM users WHERE email=? LIMIT 1";
    $stmt = $conn->prepare($emailQuery);
    $stmt->bind_param('s', $email);
    $stmt->execute();
    $result = $stmt->get_result();
    $userCount = $result->num_rows;
    $stmt->close();

    if ($userCount > 0) {
        $errors['email'] = "Email already exists!";
    }

    if (count($errors) === 0) {
        $password = password_hash($password, PASSWORD_DEFAULT);
        $token = bin2hex(random_bytes(50));
        $verified = false;

        $sql = "INSERT INTO users (username, password, email, verified, token) VALUES (?, ?, ?, ?, ?)";
        $stmt = $conn->prepare($emailQuery);
        $stmt->bind_param('ssbss', $username, $password, $email, $verified, $token);
        $stmt->execute();

        if ($stmt->execute()) {
            // login user
            $user_id = $conn->insert_id;
            $_SESSION['id'] = $user_id;
            $_SESSION['username'] = $username;
            $_SESSION['email'] = $email;
            $_SESSION['verified'] = $verified;
            // set flash message
            $_SESSION['message'] = "You are now logged in!";
            $_SESSION['alert-class'] = "alert-success";
            header('location: index.php');
            exit();

        } else {
            $errors['db_error'] = "Database error: failed to register";
        }
    }
}

screenshot from mysql table ..................................................................... ......................

obcior
  • 9
  • 3
  • What's the error message? – Neo Feb 09 '21 at 13:46
  • If you printed out the actual error instead of the vague error message, then you would know why the insert statement is failing... – Shadow Feb 09 '21 at 13:48
  • it gives me nothing more than this database error mysql error log is empty – obcior Feb 09 '21 at 13:52
  • Enable error reporting with `mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);` and remove that `if` statement – Dharman Feb 09 '21 at 14:06
  • Side note: why are you specifying the blob type for the email parameter? – El_Vanja Feb 09 '21 at 14:09
  • @Dharman Should I put this at the top of the file? Cause i did that but nothing shows, which if statement? sorry for my mistakes but im really beginner in this. – obcior Feb 09 '21 at 14:32

0 Answers0