Form handler not connecting to config file

[TechnoDiver]

This is my first post on your forums. I've some problems with a registration form that I've been trying to work out for 2+ days now, asking about it here is a last resort -

I have a config.php file located at config/config.php there's a register.php file in the sites root directory and a includes/form_handlers/register.php

My config.php file is:
 

<?php

ob_start();
session_start();

$timezone = date_default_timezone_set("America/Cancun");

$servername = "localhost";
$username = "root";
$password = "";
$database = "social";

$conn = mysqli_connect($servername, $username, $password, $database);

if (mysqli_connect_error()) {

    echo "Failed to connect: " . mysqli_connect_error();

}

?>

This is my register.php file:

<?php
require 'config/config.php';
require 'includes/form_handlers/register.php';
?>

 <!-- REMOVED THE <HEAD> SECTION -->

  <body class="login-img3-body">

    <div class="container">

      <form class="login-form" action="includes/form_handlers/register.php" method="POST">

        <div class="login-wrap">

          <p class="login-img"><i class="icon_lock_alt"></i></p>

          <div class="input-group">

            <span class="input-group-addon"><i class="icon_profile"></i></span>

            <input type="text" class="form-control" name="fname" placeholder="First Name" value="<?php 
            if(isset($_SESSION['fname'])) {
              echo $_SESSION['fname'];
            }
            ?>" required>
            <br>
            <?php if(in_array("Your first name must be 2-50 characters long.<br>", $error_array)) echo "<span style='color: #AD0303;'>Your first name must be 2-50 characters long.</span><br>"; ?>

          </div>

          <div class="input-group">

            <span class="input-group-addon"><i class="icon_profile"></i></span>

            <input type="text" class="form-control" name="lname" placeholder="Last Name" value="<?php 
            if(isset($_SESSION['lname'])) {
              echo $_SESSION['lname'];
            }
            ?>" required>
            <br>
            <?php if(in_array("Your last name must be 2-50 characters long.<br>", $error_array)) echo "<span style='color: #AD0303;'>Your last name must be 2-50 characters long.</span><br>"; ?>

          </div>

          <div class="input-group">

            <span class="input-group-addon"><i class="icon_mail_alt"></i></span>

            <input type="text" class="form-control" name="email" placeholder="Email" value="<?php 
            if(isset($_SESSION['email'])) {
              echo $_SESSION['email'];
            }
            ?>" required>

          </div>

          <div class="input-group">

            <span class="input-group-addon"><i class="icon_mail_alt"></i></span>

            <input type="text" class="form-control" name="email2" placeholder="Confirm Email" value="<?php 
            if(isset($_SESSION['email2'])) {
              echo $_SESSION['email2'];
            }
            ?>" required>
            <br>
            <?php
            if(in_array("Email already in use<br>", $error_array)) echo "<span style='color: #AD0303;'>Email already in use</span><br>";

            else if(in_array("Invalid Email<br>", $error_array)) echo "<span style='color: #AD0303;'>Invalid Email</span><br>";

            else if(in_array("Emails don't match<br>", $error_array)) echo "<span style='color: #AD0303;'>Emails don't match</span><br>"; 
            ?>

          </div>

          <div class="input-group">
            <span class="input-group-addon"><i class="icon_key_alt"></i></span>
            <input type="password" class="form-control" name="pwd" placeholder="Password" required>
          </div>

          <div class="input-group">

            <span class="input-group-addon"><i class="icon_key_alt"></i></span>

            <input type="password" class="form-control" name="pwd2" placeholder="Confirm Password" required>

            <br>
            <?php
            if(in_array("Your passwords don't match.<br>", $error_array)) echo "<span style='color: #AD0303;'>Your passwords don't match.</span><br>";

            else if(in_array("Your password must contain English characters or numbers.<br>", $error_array)) echo "<span style='color: #AD0303;'>Your password must contain English characters or numbers.</span><br>";

            else if(in_array("Your password must be 5-30 characters long.<br>", $error_array)) echo "<span style='color: #AD0303;'>Your password must be 5-30 characters long.</span><br>"; 
            ?>

          </div>

          <input class="btn btn-info btn-lg btn-block" type="submit" name="register" value="Register">

        </div>

        <?php if(in_array("<span style='color: #14C800;'>You're all set! Go ahead and login!</span><br>", $error_array)) echo "<span style='color: #14C800;'>You're all set! Go ahead and login!</span><br>"; ?>

      </form>
    </div>
  </body>
</html>

and my includes/form_handlers/register.php file:

<?php

  //error variables
  $fname = "";
  $lname = "";
  $email = "";
  $email2 = "";
  $pwd = "";
  $pwd2 = "";
  $date = "";
  $error_array = array();

  if(isset($_POST['register'])) {

    //form values

    $fname = clean($_POST['fname']);
    $_SESSION['fname'] = $fname;

    $lname = clean($_POST['lname']);
    $_SESSION['lname'] = $lname;

    $email = clean($_POST['email']);
    $_SESSION['email'] = $email;

    $email2 = clean($_POST['email2']);
    $_SESSION['email2'] = $email2;

    $pwd = strip_tags($_POST['pwd']);
    $pwd2 = strip_tags($_POST['pwd2']);

    $date = date('Y-m-d'); //signup date

    if($email == $email2) {

      //validate email format
      if(filter_var($email, FILTER_VALIDATE_EMAIL)) {

        $email = filter_var($email, FILTER_VALIDATE_EMAIL);

        //does email exist??
        $email_check = mysqli_query($conn, "SELECT email FROM users WHERE email='$email'");

        //number of rows returned
        $num_rows = mysqli_num_rows($email_check);

        if($num_rows > 0) {

          array_push($error_array, "Email already in use<br>");

        }


      } else {

        array_push($error_array, "Invalid Email<br>");

      }

    } else {

      array_push($error_array, "Emails don't match<br>");

    }

    //first name length
    if(strlen($fname) > 50 || strlen($fname) < 2) {

      array_push($error_array, "Your first name must be 2-50 characters long.<br>");

    }

    //last name length
    if(strlen($lname) > 50 || strlen($lname) < 2) {

      array_push($error_array, "Your last name must be 2-50 characters long.<br>");

    }

    if($pwd != $pwd2) {

      array_push($error_array, "Your passwords don't match.<br>");

    } else {

      if(preg_match('/[^A-Za-z0-9]/', $pwd)) {

         array_push($error_array, "Your password must contain English characters or numbers.<br>");

        }

      }

    if(strlen($pwd) > 30 || strlen($pwd) < 2) {

      array_push($error_array, "Your password must be 5-30 characters long.<br>");

    }

    if(empty($error_array)) {

      $pwd = md5($pwd); //encrypts password

      $username = strtolower($fname . "_" . $lname);
      $check_username = mysqli_query($conn, "SELECT username FROM users WHERE username='$username'");

      //assign unique username if original is taken
      $snum = 0;

      while(mysqli_num_rows($check_username) != 0) {

        $snum++;
        $username = $username . "00" . $snum;
        $check_username = mysqli_query($conn, "SELECT username FROM users WHERE username='$username'");

      }

      //assign a random profile pic
      $rand = rand(1,3);

      switch ($rand) {
        case '1':
          $profile_pic = "assets/images/profile_pics/default/01.jpeg";
          break;
        case '2':
          $profile_pic = "assets/images/profile_pics/default/02.jpeg";
          break;
        case '3':
          $profile_pic = "assets/images/profile_pics/default/03.jpeg";
          break;
        
      }

      $query = mysqli_query($conn, "INSERT INTO users VALUES (NULL, '$fname', '$lname', '$username', '$email', '$pwd', '$date', '$profile_pic', '0', '0', 'no', ',')");

      array_push($error_array, "<span style='color: #14C800;'>You're all set! Go ahead and login!</span><br>");

      //clear session variables 
      $_SESSION['fname'] = "";
      $_SESSION['lname'] = "";
      $_SESSION['email'] = "";
      $_SESSION['email2'] = "";

    }

  }

  //polish user imput
  function clean($data) {

    $data = str_replace(" ","", $data);
    $data = htmlspecialchars($data);
    $data = stripslashes($data);
    $data = strip_tags($data);
    $data = trim($data);

    return $data;

  }

?>

I can't get the reg. form handler to recognize the $conn variable from the config.php file.

if I add require '../../config/config.php'; to it I get this error:

Warning: require(../../config/config.php): failed to open stream: No such file or directory in /opt/lampp/htdocs/qcicnews/includes/form_handlers/register.php on line 3

Fatal error: require(): Failed opening required '../../config/config.php' (include_path='.:/opt/lampp/lib/php') in /opt/lampp/htdocs/qcicnews/includes/form_handlers/register.php on line 3

I don't know why it can't find that file, but the way I understand PHP is that I don't need that line because it's in the register.php.  When I don't use it I get a party of errors all connected to it not recognizing the $conn variable:

Notice: Undefined variable: conn in /opt/lampp/htdocs/qcicnews/includes/form_handlers/register.php on line 43

Warning: mysqli_query() expects parameter 1 to be mysqli, null given in /opt/lampp/htdocs/qcicnews/includes/form_handlers/register.php on line 43

Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, null given in /opt/lampp/htdocs/qcicnews/includes/form_handlers/register.php on line 46

 

There's about 6 more that look like the ones above but from different lines where $conn is referenced, I just deleted them for brevity sake.

I'm pretty new to PHP and this is the most difficult situation I've encountered so far, can someone help me find the way here?

 

[Barand]

It looks like you need to include config.php in register.php and not in register.php.

[TechnoDiver]

When I insert the line:

require '../../config/config.php';

to includes/form_handlers/register.php

I get this error:

Warning: require(../../config/config.php): failed to open stream: No such file or directory in /opt/lampp/htdocs/qcicnews/includes/form_handlers/register.php on line 2

Fatal error: require(): Failed opening required '../../config/config.php' (include_path='.:/opt/lampp/lib/php') in /opt/lampp/htdocs/qcicnews/includes/form_handlers/register.php on line 2

I'm so confused and frustrated that I can't get this to work

 

It seems like it's looking in the includes/form_handlers directory for the config.php file which would imply it's not recognizing the '..' to move one directory up but I've also tried using an absolute path and got pretty much the same message.

Edited December 7, 2020 by TechnoDiver
adding info

[benanamen]

Where ever you have been learning from, toss it. There is so much not right with your code there is no point getting into every single thing.

A couple points though, md5 has been hacked a hundred years ago, don't use it. Not now, not ever. It is also not "encryption". It creates a very hackable hash. Use password_hash and password_verify. I would also highly recommend you use PDO Instead of mysqli. This tutorial will get you going. Your clean function is a junk relic from the 90's. There is no reason to be putting your POST elements into a session. You already have the values in the POST array, just use them. You are also using the same exact $username variable as a database connection parameter AND using it to query a database column.

NEVER EVER put variables in a query. Use Prepared Statements.

Edited December 7, 2020 by benanamen