slotegraafd
-
Posts
35 -
Joined
-
Last visited
-
Days Won
1
Posts posted by slotegraafd
-
-
No errors showed up... Still having the same problem
-
1 hour ago, Barand said:
If you have Workbench why are you even bothering with phpMyAdmin?
Sigh I feel like a broken record. Let me start over. All I am trying to do is figure out why the data that the user registers wont be saved in the database
-
whenever I try to start the mysql thing in xampp it says it shut down unexpectedly there is something wrong with the port, and the password is the password I used for the database that I have using MYSQL workbench
-
oh I see, so i click on that but now its saying access denied and it cant connect
-
1 minute ago, mac_gyver said:
most of the all-in-one development systems (XAMPP...) include phpmyadmin. which/how did you obtain - your development system?
I'm using XAMPP if thats what you're asking
-
27 minutes ago, mac_gyver said:
you can examine the data in the database using a tool like phpmyadmin.
next, you should have php's error_reporting set to E_ALL and display_errors set to ON, preferably in the php.ini on your system, so that php will help you by reporting and displaying all the errors that it detects. while you are making changes to the php.ini, set output_buffering to OFF, so that any messages from your code or non-fatal php error messages will be seen and not discarded at the header() redirects. you should also have error handling for all the statements that can fail. for database statements, just use exceptions for errors and in most cases let php catch and handle the exception, where it will use its error related settings to control what happens with the actual error information (database statement errors will 'automatically' get displayed/logged the same as php errors.) if you need, someone can post how to enable exceptions for errors for the mysqli database extension or if you switch to the much simpler PDO database extension.
I was going to try using phpmyadmin but i dont really know how to download it, or use it
-
22 minutes ago, jodunno said:
Hi slotegraafd,
I'm just a normal user here so you should wait for pros to help you. However, i would still like to offer my opinion about your posted code: pdo is a safer solution to interacting with a database. I recommend that you switch to pdo: https://phpdelusions.net/pdo
I've never understood error arrays and pushing data into them. a simple binary switch can be used to deal with error scenarios and a variable or array for error messages only:
$error = 0; if (empty(bla_bla)) { $errors = 1; $message = 'bla_bla contains no usable data'; } if($errors) { //code to handle errors } //else continue or no else if header relocation exit is used if $errors
if one of the required fields is empty or erroneous then just cut out completely and stop evaluating the rest of the data.
you should use password_verify to check the password. MAJOR security error here. Also, hashing passwords as a student testing login scripts is not necessary but it is absolutely necessary on live site. encryption is not a protection mechnism. Use hashes. skip for now but never forget to hash the passwords (which also requires a rehash if php changed something as the default encryption method.)
you use a header relocate without an exit: header('location: home.php'); change this to: header('location: home.php'); exit; to stop evaluation of the rest of the script.
i wouldn't escape input. I recommend that you validate input then compare login values. In any event, just use htmlentities with ENT_QUOTES or html special chars before outputting post data or using it in anyway.
you have the following code:
f (mysqli_num_rows($results) == 1)
you need to verify that the usernames match and that the passwords match:
if ($username === $resultfromdb && password_verify()) { } else {}
password verify works like so:
if (hash_equals($usernameFromDB, $username) && password_verify($password, $passwordFromDB)) { } else { }
Start with pdo then try again. I'm sure that pro members will help you further.
Good luck and i hope that you switch to pdo for security purposes. Learn proper coding early to save many headaches and problems.
Hi, that's all very helpful but that doesnt really have anything to do with the problem I am having. All I need to know is why the information is not being stored into the database after the user registers and why it wont let me log in with the registered data
-
Hi!
So due to this pandemic I've decided to do some programming just for fun in preparation for school in september. I am currently focused on just creating a simple login and registration page. The registration page is supposed to add the users entered data into the MYSQL database and then redirect to the home page. That works just fine. But when I try to login using the information the user registered with it gives me the error that i created that it is incorrect which it is not so I don't think it's actually saving and I'm unsure why...
This is the code for my server and creating the errors and what its supposed to do when the button is pressed
<?php session_start(); // variable declaration $username = ""; $email = ""; $errors = array(); $_SESSION['success'] = ""; // connect to database $db = mysqli_connect('localhost', 'root', 'deanna1999', 'registration'); // REGISTER USER if (isset($_POST['registerbtn'])) { // receive all input values from the form $username = mysqli_real_escape_string($db, $_POST['username']); $email = mysqli_real_escape_string($db, $_POST['email']); $password_1 = mysqli_real_escape_string($db, $_POST['password_1']); $password_2 = mysqli_real_escape_string($db, $_POST['password_2']); // form validation: ensure that the form is correctly filled if (empty($username)) { array_push($errors, "Username is required"); } if (empty($email)) { array_push($errors, "Email is required"); } if (empty($password_1)) { array_push($errors, "Password is required"); } if ($password_1 != $password_2) { array_push($errors, "The two passwords do not match"); } // register user if there are no errors in the form if (count($errors) == 0) { $password = md5($password_1);//encrypt the password before saving in the database $query = "INSERT INTO users (username, email, password) VALUES('$username', '$email', '$password')"; mysqli_query($db, $query); $_SESSION['username'] = $username; $_SESSION['success'] = "You are now logged in"; header('location: home.php'); } } // ... // LOGIN USER if (isset($_POST['login'])) { $username = mysqli_real_escape_string($db, $_POST['username']); $password = mysqli_real_escape_string($db, $_POST['password']); if (empty($username)) { array_push($errors, "Username is required"); } if (empty($password)) { array_push($errors, "Password is required"); } if (count($errors) == 0) { $password = md5($password); $query = "SELECT * FROM users WHERE username='$username' AND password='$password'"; $results = mysqli_query($db, $query); if (mysqli_num_rows($results) == 1) { $_SESSION['username'] = $username; $_SESSION['success'] = "You are now logged in"; header('location: home.php'); }else { array_push($errors, "Wrong username/password combination"); } } } ?>
How to save data in MYSQL database
in MySQL Help
Posted
First things first dont friggen attack me okay? I am NEW TO PROGRAMMING i know nothing! Hense the reason why the program that I am creating is so stupid and doesnt work and all the other insults you gave me. I wasnt against the idea of using the error reporting because I did and IT SHOWED ME NOTHING. I was simply asking for other suggestions. So if you arent gonna be helpful then leave me the hell alone. And yes I do have a lot of damn attitude.