PHP/MySQL code won't insert userid and password into table

StackOverflow https://stackoverflow.com/questions/20363897

Domanda

I'm working on an assignment and can't seem to get my code to insert the userid and password into my "users" table. The input name is "userid" and "password" - I also used a hashing password example. For the sake of brevity, I left out the code that follows if($result == false). If you don't see any errors, then I will chalk it up to errors in my SQL table/host setup.

Thanks so much.  

<?php

    $userid = $_POST['userid'];
    $password = $_POST['password'];

    require('constants.php');
    include_once('menu.php'); 

    //starts connection
    $dbc = mysqli_connect(HOST,USERID,PASSWORD,DB);

    if(isset($_POST['register'])) {
        $query = "INSERT INTO `users` (`userid`, `password`) VALUES (?,?)";
        // PREPARED STATEMENTS
        $stmt = mysqli_prepare($dbc,$query);

        include('PasswordHash.php');
        $pwdHasher = new PasswordHash(8, false);
        $hash = $pwdHasher->HashPassword($password);

        mysqli_stmt_bind_param($stmt,'ss',$userid,$hash);

        // execute query
        $result = mysqli_stmt_execute($stmt);

    else {
        //user successfully signed in
        //session the session value to the user id
        $_SESSION['uid']=$userid;
        //display the page
        include('displayChat.php');
    }
    }
?>
È stato utile?

Soluzione

I'd suggest moving from mysqli_* to PDO.

I don't really use mysqli_* but this should work. If it doesn't, post all the code you're using to make it easier. Also you were missing a bracket beside your else {

require 'constants.php';
include_once 'menu.php'; 

if( isset($_POST['register']) )
{
    $dbc = mysqli_connect(HOST,USERID,PASSWORD,DB);

    $stmt = mysqli_prepare( $dbc, "INSERT INTO users (userid, password) VALUES ( :userid, :password )" );
    $stmt = mysqli_execute(':userid' =>$_POST['userid'], ':password' => $_POST['password']);

    include('PasswordHash.php');
    $pwdHasher = new PasswordHash(8, false);
    $hash = $pwdHasher->HashPassword($_POST['password']);

    mysqli_stmt_bind_param($stmt,'ss',$_POST['userid'],$hash);

    $result = mysqli_stmt_execute($stmt);

} else {
    $_SESSION['uid']= $userid;

    include_once 'displayChat.php';
}
Autorizzato sotto: CC-BY-SA insieme a attribuzione
Non affiliato a StackOverflow
scroll top