Form doesn't add User to Database

  • (2 Pages)
  • +
  • 1
  • 2

21 Replies - 1545 Views - Last Post: 30 April 2018 - 05:42 AM Rate Topic: ***** 1 Votes

#16 astonecipher   User is offline

  • Senior Systems Engineer
  • member icon

Reputation: 2542
  • View blog
  • Posts: 10,187
  • Joined: 03-December 12

Re: Form doesn't add User to Database

Posted 27 April 2018 - 03:04 PM

Do you know what version the school uses?
Was This Post Helpful? 0
  • +
  • -

#17 Heathersmithx   User is offline

  • D.I.C Head

Reputation: 2
  • View blog
  • Posts: 64
  • Joined: 07-November 16

Re: Form doesn't add User to Database

Posted 27 April 2018 - 05:49 PM

Okay...Now we're getting into the stuff that really confuses me. How do I find out what version of php I'm running...
Was This Post Helpful? 0
  • +
  • -

#18 Heathersmithx   User is offline

  • D.I.C Head

Reputation: 2
  • View blog
  • Posts: 64
  • Joined: 07-November 16

Re: Form doesn't add User to Database

Posted 27 April 2018 - 06:12 PM

Okay, so I figured out how to hash the password....I think.... But now I'm having a hard time with prepared statements. I'm looking it up, I'm doing everything the way I understand it. But I'm still getting an error:
Errormessage: %s Warning: mysqli_stmt_bind_param() expects parameter 1 to be mysqli_stmt, string given in /var/www/html/ECommerce/newUser.php on line 40 Warning: mysqli_stmt_execute() expects parameter 1 to be mysqli_stmt, null given in /var/www/html/ECommerce/newUser.php on line 41

Here is my current code. I've been changing things...
<?php
//add nav bar and host connection
include 'navBar.php';
include 'hostConnection.php';
//IF THE SUBMIT BUTTON WAS PRESSED = TRUE
if (isset($_POST['submitButton'])) {

    $username = ($_POST["username"]);
    $password = ($_POST["password"]);
    $passwordConfirm = ($_POST["confirmPass"]);
    $algo = "haval160,4";
   
    //CHECK IF USER ALREADY EXISTS 
    $sql = "SELECT * FROM User WHERE Username= ?";
    $stmt = mysqli_prepare($con, $sql);
    mysqli_stmt_bind_param($stmt, "s", $username);
    mysqli_stmt_execute($stmt);
    $row = mysqli_stmt_affected_rows($stmt);
    //SHOULD RETURN ZERO ROWS IF USER DOESN'T EXIST
    //PROVIDE A TRY AGAIN BUTTON AND A LOGIN BUTTON
    if ($row > 0) {
        echo("<h2>" . $username . " already exists.</h2>");
        echo("<button action='login.php' id='login'>Login</button>");
        //echo("<button action='' onclick='back()' id='tryAgain'>Try Again</button>");
    } else {
        echo "Errormessage: %s\n", mysqli_error($con);
    }

    //MAKE SURE PASSWORD & CONFIRM PASSWORD MATCH. 
    
    if ($password == $passwordConfirm) {
        //HASH THE PASSWORD USING THE ALGORITHM
        $hashedPass = hash($algo, $password);
        if(!$hashedPass){
           echo"The password was not hashed";
        }
        $sql = "INSERT INTO User (Username, Password) VALUES (?,?)";
        mysqli_stmt_prepare($con, $sql); 
        $stmt = mysqli_stmt_bind_param($stmt, "ss", $username, $hashedPass);
        }
        //INSERT THE NEW USER AND HASHED PASSWORD INTO THE  DATABASE;
        if ($result = mysqli_stmt_execute($stmt)) {
            echo "<h1>Thank you for registering, $username!</h1>";
        } else {
            echo "<h1 style='color: red'>There was an Error: </h1>\n" ."<h3>" . mysqli_error($con) . "</h3>";
        }
    }else{
        echo"<h2>The passwords you entered don't match. Please try again.</h2>";
    }
}
?>
<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8">
        <title>ACME company</title>
        <link rel="stylesheet" type="text/css" href="acme.css">
        <script>
            function back() {
                window.history.back();
            }
        </script>
    </head>
    <body>
        <!--NEW USER FORM-->
        <div class="form-group" id="newUserForm">
            <form class="form-horizontal" action="" method="post" id="newUserForm">
                <!--USERNAME-->
                <div class="form-group">
                    <label class="control-label col-sm-2" for="user">Username</label>
                    <div class="col-sm-8">
                        <input type="text" class="form-control" id="user" placeholder="New Username" name="username">
                    </div>
                </div>
                <!--PASSWORD-->
                <div class="form-group">
                    <label class="control-label col-sm-2" for="pwd">Password:</label>
                    <div class="col-sm-8"> 
                        <input type="password" class="form-control" id="password" placeholder="Enter password" name="password">
                    </div>
                </div>
                <!--CONFIRM PASSWORD-->
                <div class="form-group">
                    <label class="control-label col-sm-2" for="pwd">Confirm Password:</label>
                    <div class="col-sm-8"> 
                        <input type="password" class="form-control" id="password" placeholder="Confirm Password" name="confirmPass">
                    </div>
                </div>
                <!--SUBMIT BUTTON-->
                <div class="form-group"> 
                    <div class="col-sm-offset-2 col-sm-10">
                        <button type="submit" class="btn btn-default" name="submitButton">Submit</button>
                    </div>
                </div>
            </form>
        </div>
    </body>
</html>


Was This Post Helpful? 0
  • +
  • -

#19 Heathersmithx   User is offline

  • D.I.C Head

Reputation: 2
  • View blog
  • Posts: 64
  • Joined: 07-November 16

Re: Form doesn't add User to Database

Posted 27 April 2018 - 06:17 PM

I'm on AWS server. The free micro tier.

This post has been edited by Heathersmithx: 27 April 2018 - 06:55 PM

Was This Post Helpful? 0
  • +
  • -

#20 CTphpnwb   User is offline

  • D.I.C Lover
  • member icon

Reputation: 3795
  • View blog
  • Posts: 13,738
  • Joined: 08-August 08

Re: Form doesn't add User to Database

Posted 27 April 2018 - 08:10 PM

If you want to see your version of php and other information, run this script:
<?php
phpinfo();



https://secure.php.n...ion.phpinfo.php

By the way, you really should be using functions at a minimum at this point. The fact that you aren't using classes, didn't know about prepared statements, and are nearing finals is troubling. Is this a college course?

Look at this line:
 $stmt = mysqli_stmt_bind_param($stmt, "ss", $username, $hashedPass);

What will be the value of $stmt after it runs?
Was This Post Helpful? 1
  • +
  • -

#21 Heathersmithx   User is offline

  • D.I.C Head

Reputation: 2
  • View blog
  • Posts: 64
  • Joined: 07-November 16

Re: Form doesn't add User to Database

Posted 28 April 2018 - 12:43 PM

From what I've heard, my instructor is teaching us all outdated stuff. That's what someone who knows more about this stuff than I do told me in class. This is for web programming class. He's a nice guy, but I really feel like I've had to do an exuberant amount of research on my own. It's just a community college. I'm glad that I'm at least learning the basics, and I'm grateful that this site exists. I wouldn't understand a lot of things and I wouldn't have passed my classes if it weren't for this site, and all the help I've had on here.



I finally got it working.
Here is what I did.

  • I used hash() which works with older versions of php.
  • I didn't use prepared statements. I used mysqli_escape_strings() instead.
  • It seems that my main issue was that my version of php wasn't compatible with the functions I was trying to use.







Someone showed me how to look at the errors on my server, so that helped looking at the error_log file or whatever it was called.

Here is my final code newUser.php

<?php
include 'navBar.php';
include 'hostConnection.php';
//IF THE SUBMIT BUTTON WAS PRESSED = TRUE
if (isset($_POST['submitButton'])) {

    $username = $_POST["username"];
    $password = $_POST["password"];
    $passwordConfirm = $_POST["confirmPass"];
    $algo = "haval160,4";

    //CHECK IF USER ALREADY EXISTS 
    $sql = "SELECT * FROM User WHERE Username='$username'";
    $result = mysqli_query($con, $sql);
    if (!$result) {
        echo"Error: " . mysqli_error($con);
    }
    $row = mysqli_fetch_row($result);
    //SHOULD RETURN ZERO ROWS IF USER DOESN'T EXIST
    //PROVIDE A TRY AGAIN BUTTON AND A LOGIN BUTTON
    if ($row > 0) {
        echo("<h2 class='message'>" . $username . " already exists.</h2>");
        echo("<button class='btn btn-default' id='tryAgain' onclick='back()'>Try Again</button>");
    } else {
        //MAKE SURE PASSWORD & CONFIRM PASSWORD MATCH. 
        if ($password == $passwordConfirm) {
            //HASH THE PASSWORD USING THE ALGORITHM
            $hashedPass = hash($algo, $password);
            if (!$hashedPass) {
                echo"<h3 class='message'>The password was not hashed</h3>";
            }
            $sql = "INSERT INTO User (Username, Password) VALUES ('$username','$hashedPass')";
            $result = mysqli_query($con, $sql);

            //INSERT THE NEW USER AND HASHED PASSWORD INTO THE  DATABASE;
            if ($result) {
                echo "<h1 class='message'>Thank you for registering, $username!</h1>";
            } else {
                echo "<h1 class='message' style='color: red'>There was an Error: </h1>\n" . "<h3>" . mysqli_error($con) . "</h3>";
            }
        } else {
            echo"<h2 class='message'>The passwords you entered don't match. Please try again.</h2>";
        }
    }
}
?>
<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8">
        <title>ACME company</title>
        <link rel="stylesheet" type="text/css" href="acme.css">
        <script>
            function back() {
                window.history.back();
            }

            function hideForm() {
                var form = document.getElementById("newUserForm");
                form.style.display = "none";
            }
            
        </script>
    </head>
    <body>
        <h1 class='message'>Create a new account</h1>
        <h4 class='message smallStuff'><span class='message'>Pick a username and a password to begin.</span></h4>
        <!--NEW USER FORM-->
        <div class="form-group" id="newUserForm">
            <form class="form-horizontal" action="" method="post">
                <!--USERNAME-->
                <div class="form-group">
                    <label class="control-label col-sm-2" for="user">Username</label>
                    <div class="col-sm-8">
                        <input type="text" class="form-control" id="user" placeholder="New Username" name="username">
                    </div>
                </div>
                <!--PASSWORD-->
                <div class="form-group">
                    <label class="control-label col-sm-2" for="pwd">Password:</label>
                    <div class="col-sm-8"> 
                        <input type="password" class="form-control" id="password" placeholder="Enter password" name="password">
                    </div>
                </div>
                <!--CONFIRM PASSWORD-->
                <div class="form-group">
                    <label class="control-label col-sm-2" for="pwd">Confirm Password:</label>
                    <div class="col-sm-8"> 
                        <input type="password" class="form-control" id="password" placeholder="Confirm Password" name="confirmPass">
                    </div>
                </div>
                <!--SUBMIT BUTTON-->
                <div class="form-group"> 
                    <div class="col-sm-offset-2 col-sm-10">
                        <button type="submit" class="btn btn-default" name="submitButton" id="submit" onclick="hideForm()">Submit</button>
                    </div>
                </div>
            </form>
        </div>
    </body>
</html>



And here is my host connection file. I also had a problem with using the object
type of mysqli connection interchangably with the procedural style.

procedural style
$con = mysqli_connect(host, user, pass, db);

object style
$con = new mysqli(host, user, pass, db);

and they should not be treated equally. That was my problem from the very get go.

<?php
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);

$user = 'root';
$password = 'dbpass';
$db = 'Commerce';
$host = 'localhost';

$con = mysqli_connect($host,$user,$password,$db);

// Check connection
if (!$con)
  {
   die("<h1>UNABLE TO CONNECT: </h1>\n" 
     . "<h3>ERROR: " . mysqli_connect_errno() 
     . "<h3>ERROR MESSAGE:<h3>" . mysqli_connect_error());
  }



Thanks for the help everyone.

This post has been edited by Heathersmithx: 28 April 2018 - 12:45 PM

Was This Post Helpful? 1
  • +
  • -

#22 astonecipher   User is offline

  • Senior Systems Engineer
  • member icon

Reputation: 2542
  • View blog
  • Posts: 10,187
  • Joined: 03-December 12

Re: Form doesn't add User to Database

Posted 30 April 2018 - 05:42 AM

Way to go
Was This Post Helpful? 0
  • +
  • -

  • (2 Pages)
  • +
  • 1
  • 2