-3

I know my code looks bad, but I just started using PHP. I can't fix the problem and I have been looking online for hours.

    $sql = "INSERT INTO user (username, pass) VALUES ('$username', '$pass')"; 
    $sql_check = "SELECT * FROM user WHERE username = '$username'";
    $res = $conn->query($sql);
    $res_check = $conn->query($sql_check);


    if ($res_check->num_rows > 0) {
        $melding = "Gebruikersnaam is al in gebruik";  
    } else if($res) {
        $melding =  "Gebruiker geregistreerd";
    } else {
        $melding =  "Gebruiker niet geregistreerd";
    }
Timo
  • 11
  • 4
  • Do you get any errors from database? Do you have unique index on some column? – Justinas Mar 31 '21 at 10:47
  • nope, I have not seen any errors. – Timo Mar 31 '21 at 10:49
  • 1
    You are not _checking_ for any errors. You won’t get any by default, unless you have configured your database connection to throw exceptions in case of an error, or your explicitly _ask_ the database, if there was an error. (Both been explained numerous times already, so please do a bit of research, if this doesn’t ring any bells with you yet.) – CBroe Mar 31 '21 at 10:51
  • **Never store passwords in clear text or using MD5/SHA1!** Only store password hashes created using PHP's [`password_hash()`](https://php.net/manual/en/function.password-hash.php), which you can then verify using [`password_verify()`](https://php.net/manual/en/function.password-verify.php). Take a look at this post: [How to use password_hash](https://stackoverflow.com/q/30279321/1839439) and learn more about [bcrypt & password hashing in PHP](https://stackoverflow.com/a/6337021/1839439) – Dharman Mar 31 '21 at 11:51
  • If you are only starting to learn PHP then you should learn PDO instead of mysqli. PDO is much easier and more suitable for beginners. Start here https://phpdelusions.net/pdo & https://websitebeaver.com/php-pdo-prepared-statements-to-prevent-sql-injection – Dharman Mar 31 '21 at 11:54
  • Have you got error reporting enabled? [How to get the error message in MySQLi?](https://stackoverflow.com/a/22662582/1839439) – Dharman Mar 31 '21 at 11:55
  • I already have few things to help against SQL injection. I will hash passwords when it works properly. I was doing research to PDO but I didn't understand it, I would like to use Mysqli instead – Timo Mar 31 '21 at 12:08

2 Answers2

0

you should check if your table already has an unique AND auto incrementing index!

Explanation: If you add an entry the database will give it an unique id (counting from 1). But if the field is not set as "auto incrementing" the index will always be zero and therefore it will fail to add another entry.

In phpmyadmin: go to "structure" and edit the field ID. Check "AI" (auto increment) and make sure that it is used as primary key (key symbol).

enter image description here

user7213923
  • 74
  • 8
-1

Try This

$conn
is mysql connection variable
$username
user name variable 
$pass
is user password 
user_signup($conn,$username,$pass);
// Call function 
function user_signup($conn,$user_name,$password)
{
$sql_check = "SELECT * FROM user WHERE username = '$user_name'";
$res_check = $conn->query($sql_check);
if ($res_check->num_rows > 0) {
echo "Username already exists!";
} else{
$sql = "INSERT INTO user (username, pass) VALUES ('$user_name', '$password')"; 
$conn->query($sql);
echo "insert data successfully"; 
// you can redirect another page
}
}
Waids
  • 108
  • 1
  • 5
  • This is not working, I still can add only one user. I want to add more than one. But still thanks for your time. – Timo Mar 31 '21 at 11:12
  • You want add multiple user data give me reply – Waids Mar 31 '21 at 11:14
  • Yes, I can only add a second user when i delete the user i created before. So what I am trying to say is that I can only have one user at the time – Timo Mar 31 '21 at 11:19
  • You want like sign up if one user are already sign up than give message like username already exists. Give me reply – Waids Mar 31 '21 at 11:34
  • Yes, it has to show me if username already exists. – Timo Mar 31 '21 at 12:05
  • I edit answer check out is sign up function and SQL connection ,user name , password – Waids Mar 31 '21 at 14:47