Page 1 of 1
Mysqli Register
Posted: Wed Oct 02, 2013 5:27 am
by Epiales
Okay all... I've been messing around with mysqli for a bit today. Have spent a few hours trying to do a registration page. The page is telling me that mysqli needs to be defined. Why is that?
Code: Select all
Notice: Undefined variable: mysqli in C:\xampp\htdocs\mysqli\register.php on line 17
I am also getting this error:
Code: Select all
Fatal error: Call to a member function prepare() on a non-object in C:\xampp\htdocs\mysqli\register.php on line 17
I thought mysqli and prepare didn't need to be defined? Or maybe I just don't get it... Here is my code:
Code: Select all
<?php
if(isset($_POST['register'])){
$username = $_POST['username'];
$password = $_POST['password'];
$random_salt = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true));
$password = hash('sha512', $password.$random_salt);
$email = $_POST['email'];
$stmt = $mysqli->prepare("INSERT INTO members (username, email, password, salt) VALUES ($_POST[username], $_POST[email], $_POST[password], $random_salt)");
$stmt->bind_param("ssss", $members);
$result = $stmt->execute();
$stmt->close();
return $result;
}
?>
<form action='register.php' method='post' name='register'>
Username: <input type='text' name='username' /><br />
Email: <input type='text' name='email' /><br />
Password: <input type='password' name='password' id='password'/><br />
<input type='submit' id='register' name='register' value='Send' />
</form>
Re: Mysqli Register
Posted: Wed Oct 02, 2013 5:55 am
by Winawer
You aren't creating a mysqli object anywhere. Your query is also wrong, but that's another issue. Check out
http://www.php.net/manual/en/mysqli.quickstart.php
Re: Mysqli Register
Posted: Wed Oct 02, 2013 6:16 am
by Epiales
Here is a better fix I guess, but no matter what examples I see online, and match them perfect with those examples, I get the same errors.
Code: Select all
<?php
if(isset($_POST['register'])){
$username = $_POST['username'];
$password = $_POST['password'];
$random_salt = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true));
$password = hash('sha512', $password.$random_salt);
$email = $_POST['email'];
$stmt = $mysqli->prepare("INSERT INTO members (username, email, password, salt) VALUES (?, ?, ?, ?)");
$stmt->bind_param("ssss", $_POST['username'], $_POST['password'], $_POST['email'], $random_salt);
$stmt->execute();
$stmt->close();
}
?>
<form action='register.php' method='post' name='register'>
Username: <input type='text' name='username' /><br />
Email: <input type='text' name='email' /><br />
Password: <input type='password' name='password' id='password'/><br />
<input type='submit' id='register' name='register' value='Send' />
</form>
Re: Mysqli Register
Posted: Wed Oct 02, 2013 6:19 am
by Winawer
You still need to create a mysqli object.
Re: Mysqli Register
Posted: Wed Oct 02, 2013 6:22 am
by Epiales
Winawer wrote:You still need to create a mysqli object.
I think this is what you meant:
Code: Select all
<?php
include "db_config.php";
if(isset($_POST['register'])){
$username = $_POST['username'];
$password = $_POST['password'];
$random_salt = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true));
$password = hash('sha512', $password.$random_salt);
$email = $_POST['email'];
$stmt = $mysqli->prepare("INSERT INTO members (username, email, password, salt) VALUES (?, ?, ?, ?)");
$stmt->bind_param("ssss", $_POST['username'], $_POST['password'], $_POST['email'], $random_salt);
$stmt->execute();
$stmt->close();
}
?>
<form action='register.php' method='post' name='register'>
Username: <input type='text' name='username' /><br />
Email: <input type='text' name='email' /><br />
Password: <input type='password' name='password' id='password'/><br />
<input type='submit' id='register' name='register' value='Send' />
</form>
Database Config... I had it defined, but in the config file. LOL
Code: Select all
define("DB_HOST","localhost");
define("DB_USER","root");
define("DB_PASS","");
define("DB_NAME"," ");
$mysqli = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);
Re: Mysqli Register
Posted: Wed Oct 02, 2013 6:31 am
by Epiales
Okay though, even though it's registering and placing information into the database now, the salt is working great, but the password is the users "typed" password and not coded... Why is that?
Re: Mysqli Register
Posted: Wed Oct 02, 2013 6:33 am
by Winawer
You're binding $_POST['password'], not $password.
Re: Mysqli Register
Posted: Wed Oct 02, 2013 6:40 am
by Epiales
Winawer wrote:You're binding $_POST['password'], not $password.
yeah, that made sense, but when I did the $password only, it won't let me login.
Code: Select all
<script type="text/javascript" src="sha512.js"></script>
<script type="text/javascript" src="forms.js"></script>
<?php
include 'functions.php';
if(isset($_GET['error'])) {
echo 'Error Logging In!';
}
?>
<form action="process_login.php" method="post" name="login_form">
Email: <input type="text" name="email" /><br />
Password: <input type="password" name="p" id="password"/><br />
<input type="button" value="Login" onclick="formhash(this.form, this.form.password);" />
</form>
Form.js
Re: Mysqli Register
Posted: Wed Oct 02, 2013 7:13 am
by Epiales
Okay, updated the forms and such.
Register
Code: Select all
<script type="text/javascript" src="sha512.js"></script>
<script type="text/javascript" src="forms.js"></script>
<?php
include "db_config.php";
if(isset($_POST['register'])){
$password = $_POST['p'];
$username = $_POST['username'];
$email = $_POST['email'];
$random_salt = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true));
$password = hash('sha512', $password.$random_salt);
$stmt = $mysqli->prepare("INSERT INTO members (username, email, password, salt) VALUES (?, ?, ?, ?)");
$stmt->bind_param("ssss", $_POST['username'], $_POST['email'], $password, $random_salt);
$stmt->execute();
$stmt->close();
}
?>
<form action='register.php' method='post' name='register'>
Username: <input type='text' name='username' /><br />
Email: <input type='text' name='email' /><br />
Password: <input type='password' name='p' /><br />
<input type='submit' id='register' name='register' value='Send' onclick="formhash(this.form, this.form.password);" />
</form>
Login
Code: Select all
<script type="text/javascript" src="sha512.js"></script>
<script type="text/javascript" src="forms.js"></script>
<?php
include 'functions.php';
if(isset($_GET['error'])) {
echo 'Error Logging In!';
}
?>
<form action="process_login.php" method="post" name="login_form">
Email: <input type="text" name="email" /><br />
Password: <input type="password" name="p" id="password"/><br />
<input type="button" value="Login" onclick="formhash(this.form, this.form.password);" />
</form>
It enters detail to database, but does not allow for login
Re: Mysqli Register
Posted: Wed Oct 02, 2013 7:49 am
by Epiales
Okay, this is why I hate trying to follow someone else's work LOL... I'm figuring it out though. Just not very fast.
Okay... Login form NOW...
Code: Select all
<script type="text/javascript" src="sha512.js"></script>
<script type="text/javascript" src="forms.js"></script>
<?php
include 'functions.php';
include 'db_config.php';
if(isset($_GET['error'])) {
echo 'Error Logging In!';
$stmt = $mysqli->prepare("SELECT * FROM members WHERE email = ? && password = ?");
$stmt->bind_param('ss', $_POST['email'], $_POST['p']);
$stmt->execute();
$stmt->bind_result($email, $password);
$stmt->fetch();
$stmt->close();
$mysqli->close();
}
?>
<form action="process_login.php" method="post" name="login_form">
Email: <input type="text" name="email" /><br />
Password: <input type="password" name="p" id="password"/><br />
<input type="button" value="Login" onclick="formhash(this.form, this.form.password);" />
</form>
Getting closer, but not yet there... I get this error:
Code: Select all
Warning: mysqli_stmt::bind_result(): Number of bind variables doesn't match number of fields in prepared statement in C:\xampp\htdocs\mysqli\login.php on line 18