2 Replies - 321 Views - Last Post: 25 December 2017 - 10:23 AM Rate Topic: -----

#1 SemmiebRoDo   User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 1
  • Joined: 25-December 17

PHP loginsystem error

Posted 25 December 2017 - 04:29 AM

When i fill all fields in my login page it says that some of the fields are empty and i don't know why.



<?php

if (isset($_POST['submit'])){

    include_once 'dbh.inc.php';

    $dbServername = "localhost";
    $dbUsername = "root";
    $dbPassword = " ";
    $dbName = "loginsystem";

    $conn = mysqli_connect($dbServername, $dbUsername, $dbPassword, $dbName);

    $first =  mysqli_real_escape_string($conn, $_POST['first']);
    $last =  mysqli_real_escape_string($conn, $_POST['last']);
    $email =  mysqli_real_escape_string($conn, $_POST['email']);
    $uid =  mysqli_real_escape_string($conn, $_POST['uid']);
    $pwd =  mysqli_real_escape_string($conn, $_POST['pwd']);

    //error handlers
    //check for empty fields

    if (empty($first) || empty($last) || empty($email) || empty($uid) || empty($pwd)){
        header("Location: ../signup.php?signup=empty");
        exit();
    } else {
        //Check if input character are valid
        if(!preg_match("/^[a-zA-Z]*$/", $first ) || !preg_match("/^[a-zA-Z]*$/", $last )) {
            header("Location: ../signup.php?signup=invalid");
            exit();
        }else {
            //Check if email is valid
            if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
                header("Location: ../signup.php?signup=email");
            exit();
        } else {
           $sql = "SELECT * FROM users WHERE user_uid= '$uid'" ;
           $result = mysqli_query($conn, $sql);
           $resultCheck = mysqli_num_rows($result);

           if ($resultCheck > 0) {
               header("Location: ../signup.php?signup=usertaken");
               exit(); {
               }
           } else {
               //Hashing the password
               $hashedPwd = password_hash($pwd, PASSWORD_DEFAULT);
               $sql = "INSERT INTO users (user_first, user_last, user_email, user_uid, user_pwd) VALUES ($first, $last, $email, $uid, $pwd);";
               $result = mysqli_query($conn, $sql);
           }       header("Location: ../signup.php?signup=succes");
                exit();
            }

        }
    }






}else{
    header("Location: ../signup.php");
    exit();
}



Is This A Good Question/Topic? 0
  • +

Replies To: PHP loginsystem error

#2 modi123_1   User is online

  • Suitor #2
  • member icon



Reputation: 14168
  • View blog
  • Posts: 56,759
  • Joined: 12-June 08

Re: PHP loginsystem error

Posted 25 December 2017 - 08:59 AM

Perhaps copy/paste the entire error message.
Was This Post Helpful? 0
  • +
  • -

#3 benanamen   User is offline

  • D.I.C Head

Reputation: 24
  • View blog
  • Posts: 169
  • Joined: 28-March 15

Re: PHP loginsystem error

Posted 25 December 2017 - 10:23 AM

What you have is a poorly written script. Starting from the top...

Depending on the name of a button to be submitted for your script to work will completely fail in certain circumstances. You need to check the request method instead. if ($_SERVER['REQUEST_METHOD'] == 'POST')

The login credentials should be in the dbh include otherwise you will need to repeat it in every page.

You "should" be using PDO since you are improperly using mysqli.

You lazily lump all the errors together which is why you have no idea what fields are missing.

You incorrectly check for problems one by one and redirect at the first issue found. You need to gather ALL the errors in an array and then do something.

You are putting variables in the querys. NEVER EVER do that. You need to use Prepared Statements

You are letting the user create a UID??????

Based on this code, your entire code base needs work.

This post has been edited by benanamen: 25 December 2017 - 10:25 AM

Was This Post Helpful? 0
  • +
  • -

Page 1 of 1