<?php
if (isset($_POST['signup-submit'])) {
require 'dbh.inc.php';
$firstname = $_POST['firstName'];
$lastname = $_POST['LastName'];
$email = $_POST['email'];
$password = $_POST['password'];
$confirm_password = $_POST['confirm_pwd'];
$profile_pic = $_POST['profile-Upload'];
if (empty($firstname) || empty($lastname) || empty($email) || empty($password) || empty($confirm_password)) {
header("Location: register.php?error=emptyfields&firstname=".$firstname."&lastname=".$lastname."&mail=".$email);
exit();
}
else if (!preg_match("/^[a-zA-Z0-9]*$/", $lastname) && !preg_match("/^[a-zA-Z0-9]*$/", $firstname)) {
header("Location: register.php?error=invalid&firstname&lastname&mail=".$email);
exit();
}
elseif (!filter_var($email, FILTER_VALIDATE_EMAIL) && !preg_match("/^[a-zA-Z0-9]*$/", $firstname)) {
header("Location: register.php?error=invalidmail&invalid&firstname&lastname=".$lastname);
exit();
}
elseif (!filter_var($email, FILTER_VALIDATE_EMAIL) && !preg_match("/^[a-zA-Z0-9]*$/", $firstname) && !preg_match("/^[a-zA-Z0-9]*$/", $lastname)) {
header("Location: register.php?error=invalidmail&invalid&firstname$invalidlastname&invalidemail");
exit();
}
elseif (!filter_var($email, FILTER_VALIDATE_EMAIL) && !preg_match("/^[a-zA-Z0-9]*$/", $lastname)) {
header("Location: register.php?error=invalidmail&invalid&lastname=".$firstname."&lastname=".$lastname);
exit();
}
elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
header("Location: register.php?error=invalidmail&firstname=".$firstname."&lastname=".$lastname);
exit();
}
else if (!preg_match("/^[a-zA-Z0-9]*$/", $firstname)) {
header("Location: register.php?error=invalidfirstname&mail=".$email);
exit();
}
else if (!preg_match("/^[a-zA-Z0-9]*$/", $lastname)) {
header("Location: register.php?error=invalidlastname&mail=".$email);
exit();
}
elseif ($password !== $confirm_password) {
header("Location: register.php?error=passwordcheck&mail=".$email."&firstname=".$firstname."$lastname=".$lastname."email=".$email);
exit();
}
else{
$sql = " INSERT INTO users (firstnameUsers, lastnameUsers, emailUers, pwdUsers, profileImage) VALUES (?, ?, ?, ?, ?)";
$stmt = mysqli_stmt_init($conn);
if(!mysqli_stmt_prepare($stmt, $sql)){
header("Location: register.php?error=sqlerror");
exit();
}else{
mysqli_stmt_bind_param($stmt, "sssss", $firstname, $lastname, $email, $password, $profile_pic);
mysqli_stmt_execute($stmt);
header("Location: register.php?recordedsuccesively");
exit();
}
}
}
You should format your code and also give a more detail explanation of your problem. You’re going to be lucky to find someone to help you with the code as it is.
Agreed.
You posted nothing but a run-on, wall of non-sense.
- not formatted
- non-readable
- no context
- no explanation of what IS happening, vs what you EXPECT to happen
These posts either are, or might as well be, bot test posts. Anyway, I added bbcode [code][/code]
tags around it so that it can be read.
I/we have seen this design pattern posted lately on help forums. Wherever you found or were taught this, forget that you ever saw this. This is not how to program. You would never write repeated conditional logic for every combination of inputs.
Instead -
- Put the form and the form processing code on the same page. This will eliminate all that repeated logic and the redirects.
- Detect if a post method form was submitted before referencing any of the form data.
- Don’t copy variables to other variables for nothing. Keep the input data as an array, then operate on elements of the array throughout the remainder of the code.
- Trim all the inputs before validating them. This can be done using one total statement.
- Store validation error messages in an array, using the field name as the main array index. This array is also an error flag. If the array is empty after the end of the validation logic, you can use the submitted form data. You can test/display the contents of this array at the appropriate point in the html document to display the errors.
- Validate all independent inputs at once. Only use conditional logic when performing dependent validation steps on a single input.
- Use exceptions for database statement errors and in most cases let php catch and handle the exception. The exception to this rule is when inserting/updating duplicate or out of range values. In this case, your code would catch the exception, test if the sql error number is for something that your code is designed to handle, then setup a user error message telling the user exactly what was wrong with the data that they submitted.
- Don’t unconditionally output raw database errors onto a live web page and don’t even tell a visitor that a database error occurred when there’s nothing they can do about it.
- The only redirect you should have in post method form processing code is upon successful completion, no errors, is to the exact same url of the current page to cause a get request for the page.
Lastly, if you are just starting out, get your code to work for one form field, then you can worry about the code needed for all the rest of the form fields.