Sign up form not not submitting

General PHP Help
#1

hey whenever i input data into my sign up form and click submit… i am getting nothing on the screen, and nothing is going into my data base.

Can someone check my code and see where I have gone wrong please?

<!DOCTYPE html>

<html lang="en">

<head>

  <link rel="stylesheet" href="signup.css">

  <meta charset="UTF-8">

  <meta http-equiv="X-UA-Compatible" content="IE=edge">

  <meta name="viewport" content="width=device-width, initial-scale=1.0">

  <title>****************</title>

  <link rel="stylesheet" href="./signup.css">

  <script src="./index.js" defer></script>

</head>

<button onclick= "window.location.href = 'index.php';">Go Back</button>

<body>

  <div class="container">

  <div class="h1">

    <h1>******************</h1>

<section class="signup.css">

<h2> Sign Up</h2>

<form action= "Signup.inc.php" method="post" novalidate>

<input type="text" name="name" placeholder="Full name...">

<input type="text" name="email" placeholder="Email...">

<input type="password" name="pwd" placeholder="Password...">

<input type="password" name="pwdrepeat" placeholder="Repeat Password...">

<button type="submit" name="submit">Sign Up</button>

</form>

<?php

    // Error messages

    if (isset($_GET["error"])) {

      if ($_GET["error"] == "emptyinput") {

        echo "<p>Fill in all fields!</p>";

      }

      else if ($_GET["error"] == "invaliduid") {

        echo "<p>Choose a proper username!</p>";

      }

      else if ($_GET["error"] == "invalidemail") {

        echo "<p>Choose a proper email!</p>";

      }

      else if ($_GET["error"] == "passwordsdontmatch") {

        echo "<p>Passwords doesn't match!</p>";

      }

      else if ($_GET["error"] == "stmtfailed") {

        echo "<p>Something went wrong!</p>";

      }

      else if ($_GET["error"] == "usernametaken") {

        echo "<p>Username already taken!</p>";

      }

      else if ($_GET["error"] == "none") {

        echo "<p>You have signed up!</p>";

      }

    }

 

  ?>

<?php

function emptyInputSignup($name, $email, $username, $pwd, $pwdRepeat) {

    $result;

    if (empty($name) || empty($email) || empty($username) || empty($pwd) || empty($pwdRepeat)) {

        $result = true;

    }

    else {

        $result = false;

    }

    return $result;

}

function invalidUid($username) {

    $result;

    if (!preg_match("/^[a-zA-Z0-9]*$/", $username)) {

        $result = true;

    }

    else {

        $result = false;

    }

    return $result;

}

function invalidEmail($email) {

    $result;

    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {

        $result = true;

    }

    else {

        $result = false;

    }

    return $result;

}

function pwdMatch($pwd, $pwdrepeat) {

    $result;

    if ($pwd !== $pwdrepeat) {

        $result = true;

    }

    else {

        $result = false;

    }

    return $result;

}

function uidExists($conn, $username) {

  $sql = "SELECT * FROM users WHERE usersUid = ? OR usersEmail = ?;";

    $stmt = mysqli_stmt_init($conn);

    if (!mysqli_stmt_prepare($stmt, $sql)) {

        header("location: ../Signup.php?error=stmtfailed");

        exit();

    }

    mysqli_stmt_bind_param($stmt, "ss", $username, $username);

    mysqli_stmt_execute($stmt);

    $resultData = mysqli_stmt_get_result($stmt);

    if ($row = mysqli_fetch_assoc($resultData)) {

        return $row;

    }

    else {

        $result = false;

        return $result;

    }

    mysqli_stmt_close($stmt);

}

function createUser($conn, $name, $email, $username, $pwd) {

  $sql = "INSERT INTO users (usersName, usersEmail, usersUid, usersPwd) VALUES (?, ?, ?, ?);";

    $stmt = mysqli_stmt_init($conn);

    if (!mysqli_stmt_prepare($stmt, $sql)) {

        header("location: ../Signup.php?error=stmtfailed");

        exit();

    }

    $hashedPwd = password_hash($pwd, PASSWORD_DEFAULT);

    mysqli_stmt_bind_param($stmt, "ssss", $name, $email, $username, $hashedPwd);

    mysqli_stmt_execute($stmt);

    mysqli_stmt_close($stmt);

    mysqli_close($conn);

    header("location: ../Signup.php?error=none");

    exit();

}

function emptyInputLogin($username, $pwd) {

    $result;

    if (empty($username) || empty($pwd)) {

        $result = true;

    }

    else {

        $result = false;

    }

    return $result;

}

function loginUser($conn, $username, $pwd) {

    $uidExists = uidExists($conn, $username);

    if ($uidExists === false) {

        header("location: ../login.php?error=wronglogin");

        exit();

    }

    $pwdHashed = $uidExists["usersPwd"];

    $checkPwd = password_verify($pwd, $pwdHashed);

    if ($checkPwd === false) {

        header("location: ../login.php?error=wronglogin");

        exit();

    }

    elseif ($checkPwd === true) {

        session_start();

        $_SESSION["userid"] = $uidExists["usersId"];

        $_SESSION["useruid"] = $uidExists["usersUid"];

        header("location: ../index.php?error=none");

        exit();

    }

}
<?php

if (isset($_POST["submit"])) {

 

  $name = $_POST["name"];

  $email = $_POST["email"];

  $pwd = $_POST["pwd"];

  $pwdRepeat = $_POST["pwdrepeat"];

  require_once "dbh.inc";

  require_once 'functions.inc.php';

  if (emptyInputSignup($name, $email, $username, $pwd, $pwdRepeat) !== false) {

    header("location: ../Signup.php?error=emptyinput");

        exit();

  }

  if (invalidEmail($email) !== false) {

    header("location: ../Signup.php?error=invalidemail");

        exit();

  }

  if (pwdMatch($pwd, $pwdRepeat) !== false) {

    header("location: ../Signup.php?error=passwordsdontmatch");

        exit();

  }

  if (uidExists($conn, $username) !== false) {

    header("location: ../Signup.php?error=usernametaken");

        exit();

  }

  createUser($conn, $name, $email, $username, $pwd);

} else {

    header("location: ../Signup.php");

    exit();

}
<?php

$servername = "localhost";

$dBUsername = "root";

$dBPassword = "";

$dBname = "Signup_db";

$conn = mysqli_connect($servername,$dBUsername,$dBPassword,$dBname);

if (!$conn) {

    die("Connection failed: " . mysqli_connect_error());

}
#2

To post code on the forum, either add bbcode [code][/code]tags or markdown three back-tacks ``` on lines before/after your code. I have edited your post above to add these.

You have apparently posted code for multiple files without identifying the file name of each section. Could you please edit your post above to break the code apart by file and add the filenames for each section.

Because we don’t know how this code goes together, until you provide the file names, there’s no specific help that can be given.

As to the posted code, whatever learning resource you are using, it has resulted in 2-3 times too much code, that’s insecure, provides a poor user experience, that’s filled with unnecessary logic, and apparently doesn’t have enough validation and error handling so that it will tell you why it doesn’t work.

The biggest problems with the implementation are -

  1. The form processing code and form should be on the same page. This will eliminated a lot of the logic and prevent a phishing attack that the code is currently open to.
  2. The code for any page should be laid out in this general order - 1) initialization, 2) post method form processing, 3) get method business logic - get/produce data needed to display the page, 4) html document.
  3. The only redirect should be upon successful completion of the form processing code and it should be to the exact same URL of the current page to cause a get request for that page. This will prevent the browser from trying to resubmit the form data.
  4. If you switch to the much simpler and more modern PDO database extension, over half of the database specific code will go away.
  5. You should be using exceptions for database statement errors (this is the default setting now in php8+) and only catch and handle exceptions in your code for user recoverable errors, such as when inserting/updating duplicate user submitted data.
  6. The only value that should be stored in a session variable upon successful login is the user id (autoincrement primary index.) You should query on each page request to get any other user data.
  7. The post method form processing should first detect if a post method form was submitted, trim all the inputs, then validate all the inputs.
#3

Here’s another security problem. By not giving the file a .php extension, anyone guessing the file name or if they can see a listing of files due to a mis-configured server, can browse to this file and see the database connection credentials. Any file that contains php code should have a .php extension.

As to what might be occurring, do you have php’s error_reporting set to E_ALL and display_errors set to ON, preferably in the php.ini on your development system, so that php will help you by reporting and displaying all the errors it detects? Stop and start your web server to get any changes made to the php.ini to take effect and check that the settings actually got changed by using a phpinfo() statement in a .php script.

Sign up form connecting to php database
#4

see here

Sponsor our Newsletter | Privacy Policy | Terms of Service