I am new to programming.
Today, I started learning some mysqli so I can make a login form for my "practising site", but I have a problem. If you check down the code you will understand what I want to do.
So any help? Because this doesn't work. It doesn't pass the data I enter in the form. And, is that a correct way to do it and if no which way is more professional? Thanks in advance.
<form action = "<?php $_PHP_SELF ?>" method ="POST">
Username: <input type ="text" name = "username"/> </br>
Password: <input type ="password" name = "password"/> </br>
Email: <input type = "text" name = "email"/> </br>
<input type = "button" value = "Submit"/>
</form>
<?php
ini_set('display_errors', '1');
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = '';
$dbname = 'dbtesting';
$username = $_POST["username"];
$password = $_POST['passsword'];
$email = $_POST['email'];
$query = "INSERT INTO mywebpageusers (username, password, email)
VALUES ('$username', '$password', '$email')";
$conn = new mysqli($dbhost, $dbuser, $dbpass, $dbname);
if($conn->connect_error > 0)
{
die ('Could not connect to database [' . $conn->connect_error . ']');
}
echo 'Connected succesfully!!';
$conn->query($query);
?>
You have some errors:
Forgot the function "echo"
$_PHP_SELF is not a PHP variable, it should be $_SERVER['PHP_SELF'], it's better if you use $_SERVER['SCRIPT_NAME'].
Wrong submit button's type: type="submit"
"$conn->connect_error" is a string, when you compared with 0, it will become 0 => (0 > 0) will return false, so the function "die" never execute
<form action = "<?php echo $_SERVER['PHP_SELF']; ?>" method ="POST">
Username: <input type ="text" name = "username"/> </br>
Password: <input type ="password" name = "password"/> </br>
Email: <input type = "text" name = "email"/> </br>
<input type = "submit" value = "Submit"/>
</form>
<?php
ini_set('display_errors', '1');
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = '';
$dbname = 'dbtesting';
$username = $_POST['username'];
$password = $_POST['passsword'];
$email = $_POST['email'];
$query = "INSERT INTO mywebpageusers (username, password, email)
VALUES ('$username', '$password', '$email')";
$conn = new mysqli($dbhost, $dbuser, $dbpass, $dbname);
var_dump($conn->connect_error); //You can debug variables by var_dump function
if ($conn->connect_error) {
die('Could not connect to database ['.$conn->connect_error.']');
}
echo 'Connected succesfully!!';
$conn->query($query);
?>
Hope this help. This code is enough for practise.
You have to check whether the form is submitted or not. But you code is vulnerable
<?php
ini_set('display_errors', '1');
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = '';
$dbname = 'dbtesting';
if(isset($_POST['submit'])){
$username = $_POST["username"];
$password = $_POST['passsword'];
$email = $_POST['email'];
$query = "INSERT INTO mywebpageusers (username, password, email)
VALUES ('$username', '$password', '$email')";
$conn = new mysqli($dbhost, $dbuser, $dbpass, $dbname);
if($conn->connect_error > 0)
{
die ('Could not connect to database [' . $conn->connect_error . ']');
}
echo 'Connected succesfully!!';
$conn->query($query);
}
?>
<form method ="POST">
Username: <input type ="text" name = "username"/> </br>
Password: <input type ="password" name = "password"/> </br>
Email: <input type = "text" name = "email"/> </br>
<input type = "submit" name="submit" value = "Submit"/>
</form>