My Blog: php - Data not coming up on database -

php - Data not coming up on database -

i followed tutorial on youtube, making social network. had register user. when register, nil shows on database.. files are:

index.php

 <?php include ("./inc/header.inc.php");?>     <?php     date_default_timezone_set('utc');     $reg = @$_post['reg'];     //declaring variables     $fn = "";//first name     $ln ="";//last name     $un = "";//username     $em = "";//email     $em2 = "";//email 2     $pswd = "";//password     $pswd2 = "";//password 2     $d = "";//sign date $u_check = ""; // check if username exists //registration form $fn = strip_tags(@$_post['fname']); $ln = strip_tags(@$_post['lname']); $un = strip_tags(@$_post['username']); $em = strip_tags(@$_post['email']); $em2 = strip_tags(@$_post['email2']); $pswd = strip_tags(@$_post['password']); $pswd2 = strip_tags(@$_post['password2']); $d = date("y-m-d"); // year - month - day  if ($reg) { if ($em==$em2) { // check if user exists $u_check = mysqli_query("select username users username='$un'"); // count amount of rows username = $un $check = mysqli_num_rows($u_check); //check whether email exists in database $e_check = mysqli_query("select email users email='$em'"); //count number of rows returned $email_check = mysqli_num_rows($e_check); if ($check == 0) {   if ($email_check == 0) { //check of fields have been filed in if ($fn&&$ln&&$un&&$em&&$em2&&$pswd&&$pswd2) { // check passwords match if ($pswd==$pswd2) { // check maximum length of username/first name/last name not exceed 25 characters if (strlen($un)>25||strlen($fn)>25||strlen($ln)>25) { echo "the maximum limit username/first name/last name 25 characters!"; } else { // check maximum length of password not exceed 25 characters , not less 5 characters if (strlen($pswd)>30||strlen($pswd)<5) { echo "your password must between 5 , 30 characters long!"; } else { //encrypt password , password 2 using md5 before sending database $pswd = md5($pswd); $pswd2 = md5($pswd2); $query = mysqli_query("insert users values ('','$un','$fn','$ln','$em','$pswd','$d','0','write yourself.','','','no')"); die("<h2>welcome findfriends</h2>login  business relationship started ..."); } } } else { echo "your passwords don't match!"; } } else { echo "please fill in of fields"; } } else {  echo "sorry, looks has used email!"; } } else { echo "username taken ..."; } } else { echo "your e-mails don't match!"; } } ?> <? //login script if (isset($_post["user_login"]) && isset($_post["password_login"])) {     $user_login = preg_replace('#[^a-za-z0-9]#i', '', $_post["user_login"]); // filter numbers , letters     $password_login = preg_replace('#[^a-za-z0-9]#i', '', $_post["password_login"]); // filter numbers , letters     $md5password_login = md5($password_login);     $sql = mysqli_query("select id users username='$user_login' , password='$md5password_login' , closed='no' limit 1"); // query person     //check existance     $usercount = mysqli_num_rows($sql); //count number of rows returned     if ($usercount == 1) {         while($row = mysqli_fetch_array($sql)){               $id = $row["id"];     }          $_session["id"] = $id;          $_session["user_login"] = $user_login;          $_session["password_login"] = $password_login;          exit("<meta http-equiv=\"refresh\" content=\"0\">");         } else {         echo 'that  info incorrect,  seek again';         exit();     } } ?> <div style="float: left;">             <h2>already memeber? login below ...</h2>             <form action="index.php" method="post" name="form1" id="form1">                 <input type="text" size="40" name="user_login" id="user_login" class="auto-clear" title="username ..." /><p />                 <input type="text" size="40" name="password_login" id="password_login" value="password ..." /><p />                 <input type="submit" name="button" id="button" value="login account">             </form>             </div>            <div style="float: right; width: 240px;">             <h2>sign below ...</h2>            <form action="#" method="post">            <input type="text" size="40" name="fname"  class="auto-clear" title="first name" value="<? echo $fn; ?>"><p />            <input type="text" size="40" name="lname" class="auto-clear" title="last name" value="<? echo $ln; ?>"><p />            <input type="text" size="40" name="username" class="auto-clear" title="username" value="<? echo $un; ?>"><p />            <input type="text" size="40" name="email" class="auto-clear" title="email" value="<? echo    $em; ?>"><p />            <input type="text" size="40" name="email2" class="auto-clear" title="repeat email" value="        <? echo $em2; ?>"><p />            <input type="password" size="40" name="password" value="password ..."><p />            <input type="password" size="40" name="password2" value="password ..."><p />            <input type="submit" name="reg" value="sign up!">            </form>            </div>

connect.inc.php:

<?php  $con = mysqli_connect("localhost", "root", "password") or die("unable connect"); mysqli_select_db($con, "socialnetworkdatabase") or die("could not open db");  mysqli_close($con);  ?>

when open database on phpmyadmin, shows : mysql returned empty result set (i.e. 0 rows). (query took 0.0000 seconds.)

i edited code index.php , looks this:

<?php include ("./inc/header.inc.php");?> <?php include("./inc/connect.inc.php");?> <?php $con = mysqli_connect("localhost" ,"root" ,"iamanasian", "theworlddatabase" ); date_default_timezone_set('utc'); if(isset($_post['reg'])){ $reg = $_post['reg']; //declaring variables $fn = "";//first name $ln ="";//last name $un = "";//username $em = "";//email $em2 = "";//email 2 $pswd = "";//password $pswd2 = "";//password 2 $d = "";//sign date $u_check = ""; // check if username exists //registration form $fn = stripslashes($_post['fname']); $fn = mysqli_real_escape_string($con,$_post['fname']); $ln = stripslashes($_post['lname']); $ln = mysqli_real_escape_string($con,$_post['lname']); $un = stripslashes($_post['username']); $un = mysqli_real_escape_string($con,$_post['username']); $em = stripslashes($_post['email']); $em = mysqli_real_escape_string($con,$_post['email']); $em2 = stripslashes($_post['email2']); $em2 = mysqli_real_escape_string($con,$_post['email2']); $pswd = stripslashes($_post['password']); $pswd = mysqli_real_escape_string($con,$_post['password']); $pswd2 = stripslashes($_post['password2']); $pswd2 = mysqli_real_escape_string($con,$_post['password2']); $d = date("y-m-d"); // year - month - day if ($reg) { if ($em==$em2) { // check if user exists $u_check = mysqli_query($con, "select username users username='$un'");  // count amount of rows username = $un $check = mysqli_num_rows($u_check); //check whether email exists in database $e_check = mysqli_query($con,"select email users email='$em'");  //count number of rows returned $email_check = mysqli_num_rows($e_check); if ($check == 0) {   if ($email_check == 0) { //check of fields have been filed in if ($fn&&$ln&&$un&&$em&&$em2&&$pswd&&$pswd2) { // check passwords match if ($pswd==$pswd2) { // check maximum length of username/first name/last name not exceed 25 characters if (strlen($un)>25||strlen($fn)>25||strlen($ln)>25) { echo "the maximum limit username/first name/last name 25 characters!"; } else { // check maximum length of password not exceed 25 characters , not less 5 characters if (strlen($pswd)>30||strlen($pswd)<5) { echo "your password must between 5 , 30 characters long!"; } else { //encrypt password , password 2 using md5 before sending database $pswd = md5($pswd); $pswd2 = md5($pswd2); $query = mysqli_query($con,"insert users (id, username, first_name, last_name, email, password, sign_up_date, activated ) values ('','$un','$fn','$ln','$em','$pswd','$d','0','write yourself.','','','no')"); die("<h2>welcome findfriends</h2>login  business relationship started ..." ) or die(mysqli_error($con)); } } } else { echo "your passwords don't match!"; } } else { echo "please fill in of fields"; } } else {  echo "sorry, looks has used email!"; } } else { echo "username taken ..."; } } else { echo "your e-mails don't match!"; } } }   ?>                 <div style="width: 800px; margin: 0px auto 0px auto;">                 <table>                         <tr>                             <td width="60%" valign="top">                                 <h2>enter new world today!</h2>                             </td>                             <td width="40%" valign="top">                                 <h2>sign below!</h2>                                 <form action="#" method="post">                                     <input type="text" name="fname" size="25" placeholder="first name"><br/> <br/>                                       <input type="text" name="lname" size="25" placeholder="last name"><br/><br/>                                     <input type="text" name="username" size="25" placeholder="username"><br/><br/>                                     <input type="text" name="email" size="25" placeholder="email"><br/><br/>                                     <input type="text" name="email2" size="25" placeholder="re-enter email"><br/><br/>                                     <input type="password" name="password" size="25" placeholder="password"><br/><br/>                                     <input type="password" name="password2" size="25" placeholder="re-enter password"><br/><br/>                                     <input type="submit" name="reg" value="enter world!">                                    </form>                             </td>                         </tr>                 </table>  <?php include ("./inc/footer.inc.php");?>

and it's still not working

firstly, not passing db connection variable $con of queries, it's required.

$u_check = mysqli_query("select username users username='$un'");  $e_check = mysqli_query("select email users email='$em'");  $query = mysqli_query("insert users values ('','$un','$fn','$ln','$em','$pswd','$d','0','write yourself.','','','no')");  $sql = mysqli_query("select id users username='$user_login' , password='$md5password_login' , closed='no' limit 1"); // query person

use , same others:

mysqli_query($con, "select ...

mysqli_query($con, "insert ...

sidenote insert: best include actual columns when doing insert.

i.e.: insert table (column_x, column_y) values ('value_x', 'value_y')

you're potentially missing session_start(); since using sessions, required , placed @ top of every file using sessions.

you should using or die(mysqli_error($con)) mysqli_query() in order errors, if any.

also, adding top of files:

error_reporting(e_all); ini_set('display_errors', 1);

sidenote: error reporting should done in staging, , never production.

remove @ symbols post variables; suppress potential errors.

plus, instead of strip_tags() strips out html , php tags string, utilize mysqli_real_escape_string() , stripslashes()

i.e.:

$fn = stripslashes($_post['fname']); $fn = mysqli_real_escape_string($con,$_post['fname']);

and same others.

your nowadays code open sql injection.

use mysqli prepared statements, or pdo prepared statements.

for password storage, utilize of next , not utilize md5, old , considered broken.

crypt_blowfish or php 5.5's password_hash() function. php < 5.5 utilize password_hash() compatibility pack.

edit:

place next , wrap braces within code wish execute:

// related named submit button if(isset($_post['reg'])){ // code execute }

which why you're getting undefined index: reg notice.

edit #2:

place next , wrap braces within code wish execute:

<?php include ("./inc/header.inc.php");?> <?php date_default_timezone_set('utc');  if(isset($_post['reg'])){  $reg = $_post['reg'];  //declaring variables $fn = "";//first name $ln ="";//last name  //  set rest of code      } }  } // closing brace if(isset($_post['reg'])) ?> <div style="float: left;">    // rest of code

parse error: syntax error, unexpected '{

that caused short tags not beingness set.

change

<? //login script

<?php //login script

php mysql

My Blog

Thursday, 15 January 2015

php - Data not coming up on database -

No comments:

Post a Comment