
Untitled

a guest
Mar 21st, 2018
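  <?php
  /*
   * Sign-up form fragment: username and email inputs, each followed by a
   * span that shows the matching validation message ($nameErr / $emailErr).
   *
   * Both messages are assigned by the sign-up handler, so they may be unset
   * on a plain page load; the isset() guard avoids an undefined-variable
   * notice (which can expose file paths when display_errors is on).
   * The values are HTML-escaped at the point of output, so the markup stays
   * safe even if a later change puts request data into either message.
   * NOTE(review): the handler has to run before this markup is rendered for
   * the messages to appear on the same request; confirm the include order.
   */
  ?>
  <html>
  <div class="form-group">
    <label for="exampleInputUsername">Username</label>
    <input type="text" name="name" class="form-control" id="exampleInputUsername" placeholder="enter username">
    <span class="error_message"><?php echo htmlspecialchars(isset($nameErr) ? $nameErr : '', ENT_QUOTES, 'UTF-8'); ?></span>
  </div>

  <div class="form-group">
    <label for="exampleInputEmail1">Email address</label>
    <input type="email" name="email" class="form-control" id="exampleInputEmail1" aria-describedby="emailHelp" placeholder="Enter email">
    <span class="error_message"><?php echo htmlspecialchars(isset($emailErr) ? $emailErr : '', ENT_QUOTES, 'UTF-8'); ?></span>
    <small id="emailHelp" class="form-text text-muted">We'll never share your email with anyone else.</small>
  </div>
  </html>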
  15.  
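  <?php
  /*
   * Sign-up handler. Runs only when the form's submit button (signupBtn) was
   * posted. Sets $nameErr / $emailErr when the username or email is already
   * registered, otherwise inserts the account and reports the outcome in
   * $result.
   *
   * Relies on names defined outside this listing:
   *   $dbh          - database handle (presumably PDO; prepare/execute/rowCount are used)
   *   $pwd, $cpwd   - password and its confirmation
   * NOTE(review): $pwd and $cpwd are never assigned in this listing. If they
   * are unset, password_hash() would hash an empty value and every account
   * would share that credential, so the handler refuses to continue.
   */
  if (isset($_POST['signupBtn'])) {
      // Request fields can be missing or arrays; accept plain strings only.
      $name  = (isset($_POST['name']) && is_string($_POST['name'])) ? trim($_POST['name']) : '';
      $email = (isset($_POST['email']) && is_string($_POST['email'])) ? trim($_POST['email']) : '';
      // NOTE(review): no emptiness or format validation is done on $name / $email here.

      // True/false when the lookup ran, null when prepare() or execute() failed.
      // Values travel as bound parameters, never as part of the SQL text:
      // prepare() on a string that already contains request data gives no
      // protection against SQL injection.
      $row_exists = function ($sql, array $params) use ($dbh) {
          $stmt = $dbh->prepare($sql);
          if ($stmt === false || !$stmt->execute($params)) {
              return null;
          }
          // rowCount() is not reliable for SELECT on every driver; fetch instead.
          return $stmt->fetchColumn() !== false;
      };

      if (!isset($pwd, $cpwd) || !is_string($pwd) || $pwd === '' || $pwd !== $cpwd) {
          // The confirmation must be compared before hashing: two hashes of
          // the same password never compare equal afterwards.
          $result = "password missing or confirmation does not match";
      } else {
          // The lookup uses $name; the original referenced an undefined $username.
          $name_taken  = $row_exists("SELECT 1 FROM signup WHERE username = :name", [':name' => $name]);
          $email_taken = $row_exists("SELECT 1 FROM signup WHERE email = :email", [':email' => $email]);

          if ($name_taken === null || $email_taken === null) {
              // A failed lookup must not be read as "not taken".
              $result = "insertion failed";
          } elseif ($name_taken) {
              $nameErr = "username already taken";
          } elseif ($email_taken) {
              $emailErr = "email taken";
          } else {
              $hashed_password = password_hash($pwd, PASSWORD_DEFAULT);
              // confirm_password is kept only because the table has the column;
              // it stores a second hash of the same password and could be
              // dropped together with the column.
              $encrypted = password_hash($cpwd, PASSWORD_BCRYPT);

              // Check-then-insert is not atomic: two concurrent sign-ups can
              // both pass the lookups above. UNIQUE constraints on username
              // and email are the real guarantee.
              $insert = "INSERT INTO signup(username, email,password,confirm_password) VALUES(:name, :email, :pwd, :cpwd)";
              $statement = $dbh->prepare($insert);

              $inserted = $statement !== false && $statement->execute([
                  ':name'  => $name,
                  ':email' => $email,
                  ':pwd'   => $hashed_password,
                  ':cpwd'  => $encrypted,
              ]);

              if ($inserted && $statement->rowCount() > 0) {
                  $result = "row inserted";
              } else {
                  $result = "insertion failed";
              }
          }
      }
  }
  ?>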