it's been 10+ years I learned PHP, HTML, SQL and CSS. I have a hard time adapting that template to include other information into the registration form. Nothing really new here but it seems the process dont go through the error variables validation just before sending the SQL command to the DB.
// Check input errors before inserting in database
if(empty($username_err) && empty($password_err) && empty($confirm_password_err) && empty($lastname_err) && empty($language_err) && empty($firstname_err)){
// Prepare an insert statement
$sql = "INSERT INTO users (username, password, firstname, lastname, language) VALUES (?, ?, ?, ?, ?, ?)";
if($stmt = $mysqli->prepare($sql)){
// Bind variables to the prepared statement as parameters
$stmt->bind_param("ss", $param_username, $param_password, $param_firstname, $param_lastname, $param_language);
// Set parameters
$param_username = $username;
$param_password = password_hash($password, PASSWORD_DEFAULT); // Creates a password hash
$param_firstname = $firstname;
$param_lastname = $lastname;
$param_language = $language;
echo "param_username :" , $param_username, " param_firstname :", $param_firstname, " param_language :", $param_language, " param_lastname :", $param_lastname , " param_password :", $param_password;
// Attempt to execute the prepared statement
if($stmt->execute()){
// Redirect to login page
header("location: login-oo-format.php");
} else{
echo "Oops! Something went wrong. Please try again later.";
}
// Close statement
$stmt->close();
}
// Close connection
$mysqli->close();
Even if i add an Echo after the first "if" it doesnt work. I can't figure out where the issue is. Nevertheless I did a Echo $username_err, and for all the other _err variables, they're all empty.
Here below one of the field validation
// Validate username
if(empty(trim($_POST["username"]))){
$username_err = "Please enter a username.";
} elseif(!preg_match('/^[a-zA-Z0-9_]+$/', trim($_POST["username"]))){
$username_err = "Username can only contain letters, numbers, and underscores.";
} else{
// Prepare a select statement
$sql = "SELECT id FROM users WHERE username = ?";
if($stmt = $mysqli->prepare($sql)){
// Bind variables to the prepared statement as parameters
$stmt->bind_param("s", $param_username);
// Set parameters
$param_username = trim($_POST["username"]);
// Attempt to execute the prepared statement
if($stmt->execute()){
// store result
$stmt->store_result();
if($stmt->num_rows == 1){
$username_err = "This username is already taken.";
} else{
$username = trim($_POST["username"]);
}
} else{
echo "Oops! Something went wrong. Please try again later.";
}
// Close statement
$stmt->close();
}
}
The original template came from here https://www.tutorialrepublic.com/php-tutorial/php-mysql-login-system.php
Here is the HMTL Form part
<div class="d-flex justify-content-center align-items-center" style="margin-top:5%;margin-bottom:5%;">
<table><td class="login" style="border:1px solid black;padding:20px;background-color:rgba(232,183,138, 0.15);">
<h2>Sign Up</h2>
<p>Please fill this form to create an account.</p>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
<div class="form-group">
<label>Prefered language</label>
<div class="form-check">
<input class="form-check-input" type="radio" name="language" id="french" value="french" checked>
<label class="form-check-label" for="french">
Français / French
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="radio" name="language" id="english" value="english">
<label class="form-check-label" for="english">
English / Anglais
</label>
</div>
<span class="invalid-feedback"><?php echo $language_err; ?></span>
<hr>
</div>
<div class="form-group">
<label>First name</label>
<input type="text" name="firstname" class="form-control <?php echo (!empty($firstname_err)) ? 'is-invalid' : ''; ?>" value="<?php echo $firstname; ?>">
<span class="invalid-feedback"><?php echo $firstname_err; ?></span>
</div>
<div class="form-group">
<label>Last name</label>
<input type="text" name="lastname" class="form-control <?php echo (!empty($lastname_err)) ? 'is-invalid' : ''; ?>" value="<?php echo $lastname; ?>">
<span class="invalid-feedback"><?php echo $lastname_err; ?></span>
<hr>
</div>
<div class="form-group">
<label>Username</label>
<input type="text" name="username" class="form-control <?php echo (!empty($username_err)) ? 'is-invalid' : ''; ?>" value="<?php echo $username; ?>">
<span class="invalid-feedback"><?php echo $username_err; ?></span>
</div>
<div class="form-group">
<label>Password</label>
<input type="password" name="password" class="form-control <?php echo (!empty($password_err)) ? 'is-invalid' : ''; ?>" value="<?php echo $password; ?>">
<span class="invalid-feedback"><?php echo $password_err; ?></span>
</div>
<div class="form-group">
<label>Confirm Password</label>
<input type="password" name="confirm_password" class="form-control <?php echo (!empty($confirm_password_err)) ? 'is-invalid' : ''; ?>" value="<?php echo $confirm_password; ?>">
<span class="invalid-feedback"><?php echo $confirm_password_err; ?></span>
</div>
<div class="form-floating input-group mb-3" style="margin-top:5%;">
<div class=" form-group">
<input type="submit" class="btn btngreen-color" value="Submit">
<input type="reset" class="btn btnbrown-color" value="Reset">
</div>
</div>
<p><b>Already have an account?</b> <a href="login-oo-format.php" style="color:black;">Login here</a>.</p>
</form>
</td></table>
</div>
EDIT : I passed the first _err validation if condition. Now it seem to be stuck at the next condition " if($stmt = $mysqli->prepare($sql))" with error "Fatal error: Uncaught Error: Call to undefined method mysqli_stmt::bindparam() in C:\xampp\htdocs\test\register-oo-format.php:180 Stack trace: #0 {main} thrown in C:\xampp\htdocs\test\register-oo-format.php on line 180"
