Jump to content

auction site

torpedo91

By torpedo91
in PHP Coding Help

 Share

Recommended Posts

torpedo91 Member

torpedo91

Posted
Posted

Good day all , 

I am in the processes of creating a add buyer page for an auction site. However , the rows are not updating when i add a new buyer. Below is the code i have written . 

 

This is the add buyer form page

<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Untitled Document</title>
</head>

<body>
    
<?php    
    echo "<img id='logo' src='auction.png'/>";
    echo "<br>";
    echo "<form class='add_buyer_form' action='check_buyer.php' method='POST'>";
    
    if (isset($_GET["buyer"]))
        
    {
        if($_GET["buyer"] == "successful")
        {
            echo"<h4>Successfully added user!</h4>";
                              
        }

            else if ($_GET["buyer"] == "duplicate")
            echo"<h4? BUyer already exists. Please enter another username and password<h4>";
     
    
    }
    else 
    {
        
        echo "<h4>Please Add the buyers username and password</h4>";
        
    }
        
     echo "<label class='label' for='username'>Username:</label>";
    echo "<input class='text' type='text' name='username' placeholder='username'>";
    echo "<br>";
    echo "<label class='label' for='password'>Password:</label>";
    echo "<input class='password' type='password' name='password' placeholder='Password'>";
    
    echo "<input class='submit' type='submit' value='Add Buyer'>";
    
    echo"</form>";
    
    ?>    
    
</body>
</html>

 

This is the check buyer form page

<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Untitled Document</title>
</head>

<body>
<?php

    
    if (!empty($POST["username"]) && !empty($_POST["password"]))
    {
        
$DBHOST = "localhost";    
$DBUSER = "tim";
$DBPWD  = "nineteen1985";    
$DBNAME = "customs_auction";    
        
    $conn = new mysqli($DBHOST, $DBUSER, $DBPWD, $DBNAME);

if ($conn->connect_error)    
{
    die("connection failed:" .$conn->connect_error);
    
}    

        
$username = $_POST["username"];
$password = $_POST["password"];
$hashed = password_hash($password, PASSWORD_DEFAULT);

$statement = "SELECT * FROM buyer WHERE username=?";
$stmt = $conn->prepare($statement);
$stmt->bind_param("s", $username);
$stmt->execute;
$result = $stmt->get_result();


if ($result->num_rows>=1)
{
    $value = "duplicate";
    header("Location: add_buyer.php?buyer=$value");
    
}
    else
{
    $statement = "INSERT INTO buyer(username,password) VALUES(?, ?)";
    $stmt = $conn->prepare($statement);
    $stmt->bind_param("ss", $username, $hashed);
    $stmt->execute;    
    
        
    $value = "successful";
    header("Location: add_buyer.php?buyer=$value");
    }
    
    $conn->close();
    }
        
    else
    {
        header("Location: add_buyer.php");
        
    }
        
                 
    
?>    
    
</body>
</html>

 

 

 

 

Link to comment
https://forums.phpfreaks.com/topic/311646-auction-site/
Share on other sites
Barand Prolific Member

Barand

Posted
Posted

There is no data because no code executes to add them.

  • You have a $POST instead of $_POST so the first if() fails.
  • You use "execute" instead of "execute()"
  • You need to remove the html code from the start of check_buyer.php otherwise the header() calls will fail (you can't sent output before a header() call.) There is no need for any html in that file.
Link to comment
https://forums.phpfreaks.com/topic/311646-auction-site/#findComment-1582097
Share on other sites
Barand Prolific Member

Barand

Posted
Posted

A more efficient way to write the code is not to check first if the username exists but to define a UNIQUE key on username column.

The just add the record and trap any duplicate key exceptions. Like this... 

<?php
if (!empty($_POST["username"]) && !empty($_POST["password"]))
{
        
    $DBHOST = "localhost";    
    $DBUSER = "tim";
    $DBPWD  = "nineteen1985";    
    $DBNAME = "customs_auction";      
    
    mysqli_report(MYSQLI_REPORT_ERROR|MYSQLI_REPORT_STRICT);    
    $conn = new mysqli($DBHOST, $DBUSER, $DBPWD, $DBNAME);

    $hashed = password_hash($_POST["password"], PASSWORD_DEFAULT);

    try {
        $statement = "INSERT INTO buyer(username,password) VALUES(?, ?)";
        $stmt = $conn->prepare($statement);
        $stmt->bind_param("ss", $_POST["username"], $hashed);
        $stmt->execute();
        header("Location: add_buyer.php?buyer=successful");
    }
    catch (mysqli_sql_exception $e) {
        if ($e->getCode() == 1062) {
            header("Location: add_buyer.php?buyer=duplicate");
        }
        else throw $e;
    }
}
        
else
{
    header("Location: add_buyer.php");
    
}
?>

 

Link to comment
https://forums.phpfreaks.com/topic/311646-auction-site/#findComment-1582098
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.