1

I'm new to PHP/SQL and tried a tutorial. I created a database with an user who has read and write permissions. Also a table named "employees" with columns: username, password, email, token

This is my code:

<!DOCTYPE html>
<html lang="en" dir="ltr">
  <head>
    <meta charset="utf-8">
    <title>Account erstellen</title>
  </head>
  <body>
    <?php
    if(isset($_POST["submit"])){
      require("mysql.php");
      $stmt = $mysql->prepare("SELECT * FROM employees WHERE USERNAME = :user"); //Username überprüfen
      $stmt->bindParam(":user", $_POST["username"]);
      $stmt->execute();
      $count = $stmt->rowCount();
      if($count == 0){
        //Username ist frei
        $stmt = $mysql->prepare("SELECT * FROM employees WHERE EMAIL = :email"); //Username überprüfen
        $stmt->bindParam(":email", $_POST["email"]);
        $stmt->execute();
        $count = $stmt->rowCount();
        if($count == 0){
          if($_POST["pw"] == $_POST["pw2"]){
            //User anlegen
            $stmt = $mysql->prepare("INSERT INTO employees (USERNAME, PASSWORD, EMAIL, TOKEN) VALUES (:user, :pw, :email, null)");
            $stmt->bindParam(":user", $_POST["username"]);
            $hash = password_hash($_POST["pw"], PASSWORD_BCRYPT);
            $stmt->bindParam(":pw", $hash);
            $stmt->bindParam(":email", $_POST["email"]);
            $stmt->execute();
            echo "Account created successfully";
          } else {
            echo "Passwords doesn't match";
          }
        } else {
          echo "E-Mail is already used";
        }
      } else {
        echo "Username not available";
      }
    }
     ?>
    <h1>Account erstellen</h1>
    <form action="register.php" method="post">
      <input type="text" name="username" placeholder="Username" required><br>
      <input type="text" name="email" placeholder="Email" required><br>
      <input type="password" name="pw" placeholder="Passwort" required><br>
      <input type="password" name="pw2" placeholder="Passwort wiederholen" required><br>
      <button type="submit" name="submit">Erstellen</button>
    </form>
    <br>
    <a href="index.php">Do you have already a account?</a>
  </body>
</html>

After entering username, mail and 2x password into my form and click on "create" I get the message "Account created successfully" but the values aren't in my database.

I tried to debug it with F12(Firefox)the parameters get passed.......

Improve this question
3
  • Check the server's error logs. Commented Apr 6, 2020 at 17:18
  • After $stmt->execute(); use php.net/manual/en/pdostatement.rowcount.php that will tell you if it inserted a row or not. The execute call just means to was sent. Commented Apr 6, 2020 at 17:21
  • The value returned by $stmt->execute() should not be ignored. Commented Apr 6, 2020 at 17:26

2 Answers 2

Reset to default
1

https://www.php.net/manual/en/pdostatement.rowcount

RowCount does not return the count for select queries under some conditions. You could get the results of the query with a if ($stmt->fetchColumn() !== false).

Also, there's no error handling for the $stmt->execute (unless you have the exception turned on: $mysql->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);), so it will present "Account created successfully" even if that statement failed. Try if ($stmt->execute()) { good } else { bad } That's also a good place for the ->rowCount()

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Thanks for your help!

My mistake was a dumb one.. I didn't accepted "null" values for "Token" so the insert failed everytime. Thanks for the tipps I'll do an error handling :P

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.