php - Why won't my code populate a row in the mysql table?

871

I am trying to allow for user registration, and the code comes back without any errors, but nothing shows up in my db. I can't for the life of me find out why. I don't see anything wrong, but maybe one of you can help me?

Here's the full php file:

<?php

require "includes/constants.php";

$conn = new mysqli(DB_SERVER, DB_USER, DB_PASSWORD, DB_NAME);

if(isset($_POST['username'])) {
    $username = $_POST['username'];
    $uLength = strlen($username);
}

if ($uLength >= 4 && $uLength <= 15)
{
}
else
{
    die("Your username must be between 4 and 15 characters.");
}

if($username == "")
{
    die("You didn't tell me what to call you! Please enter a username.");
}

if(isset($_POST['pwd'])) {
    $pwd = $_POST['pwd'];
    $pLength = strlen($pwd);
}

if ($pLength >= 6 && $pLength <= 41)
{
}
else
{
    die("Password must be between 6 and 41 characters.");
}

if($pwd == "")
{
    die("Please enter a password and verify it.");
}

if(isset($_POST['pwd_conf'])) {
    $pwd_conf = $_POST['pwd_conf'];
}
if($pwd != $pwd_conf)
{
    die("Ouch! Your passwords don't match! Try again.");
}

if(isset($_POST['email'])) {
    $email = $_POST['email'];
    $email1 = "@";
    $email_check = strpos($email,$email1);
}

$user_check = "SELECT username FROM users WHERE username='$username'";
if($stmt = mysqli_prepare($conn,$user_check)) {
    mysqli_stmt_execute($stmt);

    if(mysqli_stmt_num_rows($stmt) > 0){
        die("Username is already in use!<br>");
    }
}

$query = "INSERT INTO users (username, password, email) VALUES ('$username', '$pwd', '$email')";

if(!$query)
{
    die("Unfortunately, we can't sign you up because we have problems: ".mysql_error());
}
else
{
    header("Location: login.php");
}

?>    
53

Answer

Solution:

You build a query string, but then never never execute it...

1. $sql = "INSERT ..."
2. ???
3. come to SO to ask why

Also note that you're mixing mysqli and mysql calls (mysql_error call in particular after you define the INSERT query.. The two libraries are NOT interchangeable and NOT compatible with each other

Also note that while you ARE using prepared statements (yay!) you're using them utterly incorrectly (boo hiss) and are vulnerable to SQL injection attacks.

365

Answer

Solution:

You need to use mysql_query() function before if(!$query) Something else

$result = mysql_query($query);
if(!$result){

People are also looking for solutions to the problem: php - Placing javascript/jquery functions in a universally accessible page

Source

Didn't find the answer?

Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.

Ask a Question

Write quick answer

Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.

Similar questions

Find the answer in similar questions on our website.