VladKandinsky Posted March 7, 2017 Share Posted March 7, 2017 (edited) Hello everybody i`m trying to make a website but i am unable to register a new user on my database sql (php my admin) everything is set up but it doesn`t work, here it is the code. If somebody could handle me just the Username and Password code enviroment working on myphpadmin database i would be gratefull. I used XAMP and WAMP conf.php inex.php reg.php Edited March 7, 2017 by VladKandinsky Quote Link to comment https://forums.phpfreaks.com/topic/303372-basic-registration-form/ Share on other sites More sharing options...
ginerjm Posted March 7, 2017 Share Posted March 7, 2017 Work step by step. Make sure that your db connection is working properly. If not, post it HERE and not somewhere else so we can debug that with you. Then move to the next stage and post that HERE if you are having problems. Be sure php error checking is turned on as well. Many of us (I mostly!) do not click on embedded links here or anywhere when the forum provides the means for showing us the (necessary) code to be examined. Try and limit the amount you post to that portion that is where you think we need to look. Such as posting an entire html page when we probably only need to see the form part. Quote Link to comment https://forums.phpfreaks.com/topic/303372-basic-registration-form/#findComment-1543862 Share on other sites More sharing options...
VladKandinsky Posted March 7, 2017 Author Share Posted March 7, 2017 (edited) Hello thanks to your answer i`ll post the code down below That` my login.php <?phpsession_start();$Username =$_POST['Username'];$Password =$_POST['Password'];if ($Username&&Password){ $connect = mysql_connect('localhost', 'root', '') or die("cant connect DB"); mysqli_select_db("web") or die("cant find DB"); $query = mysql_query("SELECT * FROM users WHERE Username ='$Username' ") ; $numrows = mysql_num_rows($query); if($numrows !==0) { while($row = mysql_fetch_assoc($query)) { $dbusername = $row['Username']; $dbpassword = $row['Password']; } if ($Username==$dbusername&&($Password)==$dbpassword) //md5 { echo "you are in"; @$_SESSION['Username'] = $Username; } else echo "wrong password"; } else die("that user doesn't exist!"); }else die("Please enter a username and password");?> That`s my index.php <html> <form action ="login.php" method="POST"> <input type = "text" class= "inputvalues" placeholder="Username" required/><br> <input type = "password" class= "inputvalues" placeholder="Password" required/><br> <input type = "submit" id="login_btn" value = "Register"/> </form> The IF/ELSE statement are not working when i click the register button and even the timestamp on my database COULD YOU KINDLY PROVIDE ME A GUIDE HOW TO MAKE A REGISTRATION FORM AS ALL THE GUIDE THAT I DID ON YOUTUBE ARE COMPETELY USELESS? That`s the login form that is not working ...of course Edited March 7, 2017 by VladKandinsky Quote Link to comment https://forums.phpfreaks.com/topic/303372-basic-registration-form/#findComment-1543873 Share on other sites More sharing options...
ginerjm Posted March 7, 2017 Share Posted March 7, 2017 1 - I asked you to be sure that error checking was turned on. I don't see it mentioned at all. 2 - you post your second block of code called "index.php" but I don't see any php in it at all. ?? 3 - you are using the MySQL db interface. STOP. NO. WRONG. Check the php manual for the big red warning messages and then use the suggested alternatives. 4 - you do multiple php function calls to external resources (the database server) and don't check to see that they in fact worked. A good programmer always checks results of things like that to be sure his app doesn't break. Again - if you check the php manual you will see how the functions should be used and how to check their results. 5 - You really need to do some reading and learning about things. You wrote an html form without knowing anything about how the form and php are related. I will simply say that you need a name attribute and let you do some reading. It will be good for your development. 6 - you posted your code but have some serious errors. Look at your first if statement. And your second if statement seems to be missing some of your thoughts. PS - your stored password s/b already hashed. See my signature for how to use error checking. Check this link for the official PHP manual - especially the function reference here: http://www.php.net/manual/en/funcref.php 1 Quote Link to comment https://forums.phpfreaks.com/topic/303372-basic-registration-form/#findComment-1543876 Share on other sites More sharing options...
Mlaaa Posted March 7, 2017 Share Posted March 7, 2017 (edited) First of all u don't have in your input fields name="" which is used for $_POST['name'], it need to be like this Login form: <form action ="login.php" method="POST"> <input type="text" name="Username" class= "inputvalues" placeholder="Username" required/><br> <input type="password" name="Password" class= "inputvalues" placeholder="Password" required/><br> <input type="submit" name="submit" id="login_btn" value="Register"/> </form> Register form: <form action ="register.php" method="POST"> <input type="text" name="Username" class= "inputvalues" placeholder="Username" required/><br> <input type="password" name="Password" class= "inputvalues" placeholder="Password" required/><br> <input type="submit" name="submit" id="login_btn" value="Register"/> </form> Second thing u need a proper connection to database mysqli or PDO with prepared statements "mysql is deprecated DON'T USE IT !" Also don't use md5() it's not safe for decryption use password_hash() and password_verify() for storing passwords http://php.net/manual/en/ref.password.php This is a config file with error_reporting() and proper connection: conf.php <?php // turn on error reporting error_reporting(1); ini_set("error_reporting", E_ALL); $db_host = 'localhost'; // your host name $db_user = 'root'; // your database username $db_pass = ''; // your batabase password $db_name = 'web'; // your database name // mysqli connection $conn = mysqli_connect($db_host, $db_user, $db_pass, $db_name); // test connection if (!$conn) { echo "Error: Unable to connect to MySQL." . mysqli_connect_error(); exit(); } ?> login.php <?php // include your config file include_once 'conf.php'; // check if submit button is pressed if (isset($_POST['submit'])) { // check if your fields username and password isset if (isset($_POST['Username']) && isset($_POST['Password'])) { // grab data from your form inputs $_POST['Username'] and $_POST['Password'] // prevent mysql injection $Username = mysqli_escape_string($conn, $_POST['Username']); $Password = mysqli_escape_string($conn, $_POST['Password']); // convert password to md5() $Password_md5 = md5($Password); // make query to check for username and password match $query = "SELECT * FROM users WHERE Username = '$Username' AND Password = '$Password_md5'"; // run query $query_run = mysqli_query($conn, $query); // fetch data from query $row = mysqli_fetch_array($query_run); // check if username and password if founded, if founded result is greater than 0 if ($row > 0) { $_SESSION['Username'] = $Username; } else { echo "Invalid username or password."; } } } ?> register.php <?php // include your config file include_once 'conf.php'; // check if submit button is pressed if (isset($_POST['submit'])) { // check if your fields username and password isset if (isset($_POST['Username']) && isset($_POST['Password'])) { // grab data from your form inputs $_POST['Username'] and $_POST['Password'] // prevent mysql injection $Username = mysqli_escape_string($conn, $_POST['Username']); $Password = mysqli_escape_string($conn, $_POST['Password']); // convert password to md5() $Password_md5 = md5($Password); // make query to check that username don't exists, prevent duplicate usernames $query = "SELECT * FROM users WHERE Username = '$Username'"; // run query $query_run = mysqli_query($conn, $query); // fetch data from query $row = mysqli_fetch_array($query_run); // if username exists give a message if ($row > 0) { echo "Username already in use, please choose another one."; } else { // if user don't exists lets put him into database $reg = "INSERT INTO users (Username, Password) VALUES ('$Username', '$Password_md5')"; // run query $reg_user = mysqli_query($conn, $reg); // check if our user is inserted into database if (mysqli_insert_id($conn)) { echo "Thank u for registering, u can now <a href=\"login.php\">Login</a>"; // close connection mysqli_close($conn); } else { echo "User fail to register, please try again."; } } } } ?> Edited March 7, 2017 by Mlaaa Quote Link to comment https://forums.phpfreaks.com/topic/303372-basic-registration-form/#findComment-1543894 Share on other sites More sharing options...
Strider64 Posted March 8, 2017 Share Posted March 8, 2017 It's still a work-in-progress but I'm developing a registration and login tutorial and you can find it here: https://github.com/Strider64/php-registration-tutorial The registration portion works (though I want to rework it a little) and I need to do the login portion of the tutorial. All the files can be found there. Quote Link to comment https://forums.phpfreaks.com/topic/303372-basic-registration-form/#findComment-1543899 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.