问题
im trying to write a sign up code in php mysqli and phpmyadmin. im having struggle in that.
i have written the code as shown below but nothing happens when its run ie when a user tries to signs up. all the major coding is done I can not figure out where the problem/s is/are.
i have considered all that steps that should be taken in the process ie validate user data, checking the db for current usernames.
I would be grateful if anyone could assist me with this and point in the right direction!
<?php
include 'include/db-conn.php';
if (isset($_POST['register'])) {
// Raw Inputs
$raw_user_username = trim($_POST['user_name']);
$raw_user_email = trim($_POST['user_email']);
//Radio Implode
// $raw_user_role_type_name = trim($_POST['user_role_type']);
// $imp_user_role_type_name = implode("," , $raw_user_role_type_name);
$raw_user_password = $_POST['user_password'];
$raw_user_password_confirm = $_POST['user_password_confirm'];
//Random User ID Generator
$random_user_id = rand(1,100);
//Cleaned Inputs
$cleaned_user_name = filter_var($raw_user_username,FILTER_SANITIZE_STRING);
$cleaned_user_email = filter_var($raw_user_email,FILTER_VALIDATE_EMAIL);
//$cleaned_user_role_type = filter_var($imp_user_role_type,FILTER_SANITIZE_STRING);
$cleaned_user_password = filter_var($raw_user_password,FILTER_SANITIZE_STRING);
$cleaned_user_confirm_password = filter_var($raw_user_password_confirm,FILTER_SANITIZE_STRING);
//Password Hashed
$hashed_user_password = md5($cleaned_user_password);
//Make username into lowercase
$username_lowercase = str_lower($cleaned_user_name);
//Error Messages
$email_empty = "Please Provide an Valid Email";
$email_taken = "Email Provided already Exist";
$username_empty = "Please Provide an Valid Username";
$username_taken = "Username Provided already Exist";
$user_role_type_empty = "Please Select an User Role Type";
$password_empty = "Password Field is empty please provide a Password";
$password_dont_match = "Confirm password dont match";
$sign_up_success = "Congratulation Your Account was Created Successfully";
$sign_up_not_success = "Sorry Your Account was Not Created Successfully";
//Input Field Empty Check
if (empty($cleaned_user_name)) {
echo $email_empty;
}
if (empty($cleaned_user_email)) {
echo $username_empty;
}
if (empty($cleaned_user_role_type)) {
echo $user_role_type_empty;
}
if (empty($cleaned_user_password)) {
echo $password_empty;
}
// User Name Length Check
if ($cleaned_user_name < 6) {
echo "Your Username Must be at least 6 Charachter Long";
}
// Password Length Check
if ($cleaned_user_password < 8) {
echo "Your Password Must be at least 8 Charachter Long";
}
if ($cleaned_user_password != $cleaned_password_confirm) {
echo "Both Passowrd should Match";
}
//SQL Query Email Check
$user_email = "SELECT `user_email` FROM `all_users` WHERE `user_email`='$cleaned_user_email'";
$user_email_result = mysqli_query($conn , $user_email);
if (mysqli_num_rows($user_email_result)>0) {
echo $email_taken ;
}
//SQL Query Username Check
$user_name = "SELECT `user_name` FROM `all_users` WHERE `user_name`='$username_lowercase'";
$user_result = mysqli_query($conn , $user_name);
if (mysqli_num_rows($user_name_result)>0) {
echo $username_taken;
}
//SQL Query Register User
$register_user = "INSERT INTO `all_users` (`user_name`,`user_random_id`,`user_email`,`user_password`,`status`)
VALUES ('$username_lowercase','$user_random_id','$cleaned_user_email','$hashed_user_password','0')";
$run_register = mysqli_query($conn,$register_user);
if ($run_register) {
header("Location: master-admin-panel/index.php");
echo $sign_up_success;
//Send Email to User
//Make Query for the email Content from the DB Email Templates
$user_signup_email = "SELECT * FROM `email_templates` WHERE `id`='1'";
$user_signup_email_result = mysqli_query($conn, $user_signup_email);
$row_result = mysqli_fetch_assoc($user_signup_email_result);
//Row Data
$email_template_name = $row_result['email_template_name'];
$email_from = $row_result['email_from'];
$email_subject = $row_result['email_subject'];
$cc_email = $row_result['cc_email'];
$email_content = $row_result['email_content'];
$to = "$cleaned_user_email";
$subject = "$email_subject";
$message = "
<html>
<head>
<title> $email_subject </title>
</head>
<body>
<p>Hi, $cleaned_user_name</p>
$email_content
</body>
</html>
";
// Always set content-type when sending HTML email
$headers = "MIME-Version: 1.0" . "\r\n";
$headers .= "Content-type:text/html;charset=UTF-8" . "\r\n";
// More headers
$headers .= 'From: <$email_from >' . "\r\n";
$headers .= 'Cc: $cc_email' . "\r\n";
mail($to,$subject,$message,$headers);
}
else{
echo $sign_up_not_success;
}
}
?>
and here is the html part.
<div class="panel panel-default">
<div class="panel-heading">Sign Up</div>
<div class="panel-body">
<form action="register.php" method="POST">
<!---->
<div class="form-group hidden">
<label for="user_role_type"> <span class="mr10">User Type </span>
<input type="radio" name="user_role_type[]" value="1">
<span class="ml10 fa fa-user"></span>
</label>
</div>
<hr>
<!---->
<div class="form-group">
<label for="username">Username</label>
<input required="required" placeholder="enter here" type="text" name="user_name" class="form-control">
</div>
<hr>
<!---->
<div class="form-group">
<label for="user_email">Email</label>
<input required="required" placeholder="enter here" type="email" name="user_email" class="form-control">
</div>
<hr>
<!---->
<div class="form-group">
<label for="user_password">Password</label>
<input required="required" placeholder="enter here" type="password" name="user_password" class="form-control">
</div>
<hr>
<!---->
<div class="form-group">
<label for="user_password_confirm">Password Confirm</label>
<input r checked="checked" disabledelaceholder="enter here" type="password" name="user_password_confirm" class="form-control">
</div>
<hr>
<p class="text-center">Please read our
<a href="cms-pages/privacy-policy.php">Privacy Policy</a> ,
<a href="cms-pages/terms-conditions.php">Terms and Conditions </a> and
<a href="cms-pages/cookie-policy.php">Cookie Policy </a> before Signing Up</p>
</div>
<div class="panel-footer">
<div class="form-group">
<input class="form-control btn-success" type="submit" value="Sign Up" name="
register">
</div>
</div>
</form>
</div>
I managed to get the code to work but now i have this problem during sign up there are some conditions in if statement if they are true the user is prompted to fix those the insert of user should go ahead , but currently even if those conditions aren't met the user user is registered it shouldn't be like that.
this is the improved php code
<?php
include 'include/db-conn.php';
ini_set('display_errors', 1); ini_set('display_startup_errors', 1); error_reporting(E_ALL);
if (isset($_POST['add_user'])) {
// Raw Inputs
$raw_username = trim($_POST['u_name']);
$raw_user_email = trim($_POST['u_email']);
//Radio Implode
// $raw_user_role_type_name = trim($_POST['user_role_type']);
// $imp_user_role_type_name = implode("," , $raw_user_role_type_name);
$raw_user_password = $_POST['u_password'];
$raw_user_password_confirm = $_POST['u_password_confirm'];
//Random User ID Generator
$random_user_id = rand(1,100);
//Cleaned Inputs
$cleaned_username = filter_var($raw_username,FILTER_SANITIZE_STRING);
$cleaned_user_email = filter_var($raw_user_email,FILTER_VALIDATE_EMAIL);
//$cleaned_user_role_type = filter_var($imp_user_role_type,FILTER_SANITIZE_STRING);
$cleaned_user_password = filter_var($raw_user_password,FILTER_SANITIZE_STRING);
$cleaned_user_confirm_password = filter_var($raw_user_password_confirm,FILTER_SANITIZE_STRING);
//Password Hashed
$hashed_user_password = md5($cleaned_user_confirm_password);
//Error Messages
//Error Mwssages
$empty = '<div class="alert alert-danger alert-dismissible">
<a href="#" class="close" data-dismiss="alert" aria-label="close">×</a>
<strong>Error!</strong>Field is empty please provide content!
</div>
';
$success = '<div class="alert alert-success alert-dismissible fixed-top">
<a href="#" class="close" data-dismiss="alert" aria-label="close">×</a>
<strong>Success!</strong>
</div>
';
$not_success = '<div class="alert alert-danger alert-dismissible">
<a href="#" class="close" data-dismiss="alert" aria-label="close">×</a>
<strong>Not Success!</strong>
</div>
';
$email_empty = '<div class="alert alert-danger alert-dismissible">
<a href="#" class="close" data-dismiss="alert" aria-label="close">×</a>
<strong>Not Success!</strong> Please Provide an Valid Email
</div>
';
$email_taken = '<div class="alert alert-danger alert-dismissible">
<a href="#" class="close" data-dismiss="alert" aria-label="close">×</a>
<strong>Not Success!</strong> Email Provided already Exist
</div>
';
$username_empty = '<div class="alert alert-danger alert-dismissible">
<a href="#" class="close" data-dismiss="alert" aria-label="close">×</a>
<strong>Not Success!</strong> Please Provide an Valid Username
</div>
';
$username_taken = '<div class="alert alert-danger alert-dismissible">
<a href="#" class="close" data-dismiss="alert" aria-label="close">×</a>
<strong>Not Success!</strong> Username Provided already Exist
</div>
';
$user_role_type_empty = '<div class="alert alert-danger alert-dismissible">
<a href="#" class="close" data-dismiss="alert" aria-label="close">×</a>
<strong>Not Success!</strong> Please Select an User Role Type
</div>
';
$password_empty = '<div class="alert alert-danger alert-dismissible">
<a href="#" class="close" data-dismiss="alert" aria-label="close">×</a>
<strong>Not Success!</strong> Password Field is empty please provide a Password
</div>
';
$password_dont_match = '<div class="alert alert-danger alert-dismissible">
<a href="#" class="close" data-dismiss="alert" aria-label="close">×</a>
<strong>Not Success!</strong> Confirm password dont match
</div>
';
$username_short = '<div class="alert alert-danger alert-dismissible">
<a href="#" class="close" data-dismiss="alert" aria-label="close">×</a>
<strong>Not Success!</strong> User Name short
</div>
';
$password_short = '<div class="alert alert-danger alert-dismissible">
<a href="#" class="close" data-dismiss="alert" aria-label="close">×</a>
<strong>Not Success!</strong> Password to Short
</div>
';
//Input Field Empty Check
if (empty($cleaned_username)) {
echo $username_empty;
}
if (empty($cleaned_user_email)) {
echo $email_empty;
}
//if (empty($cleaned_user_role_type)) {
//echo $user_role_type_empty;
//}
if (empty($cleaned_user_password & $cleaned_user_confirm_password)) {
echo $password_empty;
}
// User Name Length Check
if ($cleaned_username < 6) {
echo $username_short;
}
// Password Length Check
if ($cleaned_user_password < 8) {
echo $password_short;
}
if ($cleaned_user_password != $cleaned_user_confirm_password) {
echo $password_dont_match;
}
//SQL Query Email Check
$user_email = "SELECT `u_email` FROM `user_records` WHERE `u_email`='$cleaned_user_email'";
$user_email_result = mysqli_query($conn, $user_email);
if (mysqli_num_rows($user_email_result)>0) {
echo $email_taken;
}
//SQL Query Username Check
$user_name = "SELECT `u_name` FROM `user_records` WHERE `u_name`='$cleaned_username'";
$user_name_result = mysqli_query($conn, $user_name);
if (mysqli_num_rows($user_name_result)>0) {
echo $username_taken;
}
//SQL Query Register User
$register_user = "INSERT INTO `user_records` (`u_name`,`u_password`,`u_email`,`status`)
VALUES ('$cleaned_username', '$hashed_user_password','$cleaned_user_email','0')";
$run_register = mysqli_query($conn, $register_user);
if ($run_register) {
echo $success;
}
else{
echo $not_success;
}
}
?>
and this is the improved html code
<div class="panel panel-default">
<div class="panel-heading">Sign Up</div>
<div class="panel-body">
<form action="sign-up-script.php" method="POST">
<!---->
<div class="form-group">
<label for="username">Username</label>
<input placeholder="enter here" type="text" name="u_name" class="form-control">
</div>
<hr>
<!---->
<div class="form-group">
<label for="user_email">Email</label>
<input placeholder="enter here" type="email" name="u_email" class="form-control">
</div>
<hr>
<!---->
<div class="form-group">
<label for="user_password">Password</label>
<input placeholder="enter here" type="password" name="u_password" class="form-control">
</div>
<hr>
<!---->
<div class="form-group">
<label for="user_password_confirm">Password Confirm</label>
<input placeholder="enter here" type="password" name="u_password_confirm" class="form-control">
</div>
<hr>
<p class="text-center">Please read our
<a href="cms-pages/privacy-policy.php">Privacy Policy</a> ,
<a href="cms-pages/terms-conditions.php">Terms and Conditions </a> and
<a href="cms-pages/cookie-policy.php">Cookie Policy </a> before Signing Up
</p>
</div>
<div class="panel-footer">
<div class="form-group">
<input class="form-control btn-success" type="submit" value="Sign Up" name="add_user">
</div>
</div>
</form>
</div>
回答1:
While inserting data in database, you should check existing data. either it exist or not, you may achieve this by performing a Select * from table name query and then comparing all your columns one by one with your input fields using loop.
来源:https://stackoverflow.com/questions/53023485/kindly-have-a-look-at-this-code-and-let-me-know-where-i-got-it-wrong