Jump to content

manuelklerk

New Members
  • Posts

    1
  • Joined

  • Last visited

manuelklerk's Achievements

Newbie

Newbie (1/5)

0

Reputation

  1. The code is supposed to insert the form data in the readers table in a database called travpress. the database connection is correct but the form on input nothing is summited to the database table also no error is shown. Thank you <?php // require '../database/dbcon.php'; // require_once('functions.php'); // db con $host = 'localhost'; $username = 'root'; $password = ''; $database = 'travpress'; $connection = new mysqli($host, $username, $password, $database); if ($connection->connect_error) { die("Connection failed: " . $connection->connect_error); } // Function to sanitize input data function sanitize($data) { return htmlspecialchars(stripslashes(trim($data))); } // Function to validate email format function validateEmail($email) { return filter_var($email, FILTER_VALIDATE_EMAIL); } // Function to generate CSRF token function generateCSRFToken() { if (session_status() == PHP_SESSION_NONE) { session_start(); } $token = bin2hex(random_bytes(32)); $_SESSION['csrf_token'] = $token; return $token; } // Function to verify CSRF token function verifyCSRFToken($token) { if (session_status() == PHP_SESSION_NONE) { session_start(); } return isset($_SESSION['csrf_token']) && hash_equals($_SESSION['csrf_token'], $token); } // Function to handle file upload and return the uploaded file path function uploadProfilePhoto($file) { $targetDir = '../uploads/'; $targetFile = $targetDir . basename($file['name']); $imageFileType = strtolower(pathinfo($targetFile, PATHINFO_EXTENSION)); // Check if it's an actual image $check = getimagesize($file["tmp_name"]); if ($check === false) { return false; } // Check file size (maximum 2 MB) if ($file["size"] > 2097152) { return false; } // Allow only certain image file formats if ($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif") { return false; } if (move_uploaded_file($file['tmp_name'], $targetFile)) { return $targetFile; } else { return false; } } // Check if the form is submitted and the CSRF token is valid if (isset($_POST["submit"]) && verifyCSRFToken($_POST['csrf_token'])) { // Sanitize and retrieve form data $first_name = sanitize($_POST['first_name']); $last_name = sanitize($_POST['last_name']); $username = sanitize($_POST['username']); $email = sanitize($_POST['email']); $phone = sanitize($_POST['phone']); $location = sanitize($_POST['location']); $gender = sanitize($_POST['gender']); $password = $_POST['password']; $confirm_password = $_POST['confirm_password']; // Validate email if (!validateEmail($email)) { echo "Invalid email format!"; exit; } // Check if the passwords match if ($password !== $confirm_password) { echo "Passwords do not match!"; exit; } // Hash the password using bcrypt (password_hash with PASSWORD_DEFAULT) $hashed_password = password_hash($password, PASSWORD_DEFAULT); // Upload the profile photo if (isset($_FILES['profilephoto']) && $_FILES['profilephoto']['error'] === 0) { $profile_photo = uploadProfilePhoto($_FILES['profilephoto']); if (!$profile_photo) { echo "Error uploading the profile photo!"; exit; } } else { echo "Profile photo upload failed!"; exit; } // Prepare the SQL query using prepared statements to prevent SQL injection $stmt = $connection->prepare("INSERT INTO readers (first_name, last_name, username, email, phone, location, gender, profilephoto, password) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)"); $stmt->bind_param("sssssssss", $first_name, $last_name, $username, $email, $phone, $location, $gender, $profile_photo, $hashed_password); // Execute the query if ($stmt->execute()) { // Registration successful, redirect to the login page header("Location: reader-login.php"); exit; } else { echo "Error: " . $stmt->error; } // Close the prepared statement $stmt->close(); } ?> <!DOCTYPE html> <html> <head> <title>TravPress- Registration</title> <style> body { color: #000; font-family: Arial, sans-serif; font-size: 16px; margin: 0; padding: 0; text-align: center; } form { background-color: #00A388; border-radius: 8px; box-shadow: 0px 2px 6px rgba(0, 0, 0, 0.3); box-sizing: border-box; margin: 40px auto; max-width: 600px; padding: 40px; text-align: left; } h3 { color: #00A388; font-size: 2rem; text-align: center; font-weight: bold; margin-bottom: 30px; text-shadow: 2px 2px #fff; } input[type="text"], input[type="email"], input[type="tel"], input[type="file"], input[type="password"] { background-color: #fff; border: none; border-radius: 4px; box-shadow: 0px 2px 6px rgba(0, 0, 0, 0.3); box-sizing: border-box; display: block; margin-bottom: 20px; padding: 10px; width: 100%; } label[for="gender"] { display: block; margin-bottom: 10px; color: black; } /* Style for the select */ select[name="gender"] { display: block; width: 100%; padding: 10px; border: none; border-radius: 4px; box-shadow: 0px 2px 6px rgba(0, 0, 0, 0.3); background-color: #fff; color: #333; } input[type="submit"] { background-color: #000; border: none; border-radius: 4px; color: #fff; cursor: pointer; display: block; font-size: 1.2rem; font-weight: bold; margin-top: 30px; padding: 10px; text-align: center; width: 100%; } </style> </head> <body> <form action="reader-reg.php" method="POST" enctype="multipart/form-data"> <header> <h3>Create a TravPress account below</h3> </header> <label for="first_name">First Name:</label> <input type="text" name="first_name" required> <label for="last_name">Last Name:</label> <input type="text" name="last_name" required> <label for="username">Username: <p style="font-size: 10px; color: yellow;">Will be used as your author name in case you make a publication.</p></label> <input type="text" name="username" required> <label for="email">Email:</label> <input type="email" name="email" required> <label for="phone">Phone:</label> <input type="tel" name="phone" required> <label for="location">Location:</label> <input type="text" name="location" required> <label for="gender">Gender:</label> <select name="gender" style="margin-bottom: 20px;" required> <option value="male">Male</option> <option value="female">Female</option> <option value="other">Other</option> </select> <label for="image">User Image:</label> <input type="file" name="profilephoto" required> <label for="password">Password:</label> <input type="password" name="password" required> <label for="confirm_password">Confirm Password:</label> <input type="password" name="confirm_password" required> <input type="hidden" name="csrf_token" value="<?php echo generateCSRFToken(); ?>"> <input type="submit" value="Register"> <p>Already Registered? login to your account <span style="text-decoration: underline;"><a href="reader-login.php">Here</a></p></small> </form> </body> </html>
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.