Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- adduser_process.php not adding information to MySQL table
- <form name="adduser_form" action="process/adduser_process.php" method="post">
- Username:<input id="username" type="test" name="username" />
- Email:<input id="email" type="text" name="email" />
- Password:<input id="password" type="password" name="password" />
- <input id="add_usr" type="button" value="Add User" onclick="formhash(this.form, this.form.password);" />
- </form>
- function formhash(form, password) {
- var p = document.createElement("input");
- form.appendChild(p);
- p.name = "p";
- p.type = "hidden";
- p.value = hex_sha512(password.value);
- password.value = "";
- form.submit();
- }
- include '../includes/lgn_connect.php';
- include '../includes/functions.php';
- sec_session_start();
- $password = $_POST['p'];
- $random_salt = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true));
- $password = hash('sha512', $password.$random_salt);
- if($insert_stmt = $mysqli->prepare("INSERT INTO users (username, email, password, salt) VALUES (?, ?, ?, ?)")) {
- $insert_stmt->bind_param('ssss', $username, $email, $password, $random_salt);
- $insert_stmt->execute();
- }
- <input id="username" type="test" name="username" /> //should be
- <input id="username" type="text" name="username" />
- if($insert_stmt = $mysqli->prepare("INSERT INTO users (username, email, password, salt) VALUES (?, ?, ?, ?)")) //should be
- if(($insert_stmt = $mysqli->prepare("INSERT INTO users (username, email, password, salt) VALUES (?, ?, ?, ?)")))
- session_start();
Add Comment
Please, Sign In to add comment