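<?php
/*
 * Sign-up form fragment: username and e-mail fields, each followed by the
 * validation message held in $nameErr / $emailErr.
 *
 * The messages are HTML-encoded at the point of output, and `?? ''` keeps the
 * first render (when no handler has set them) from raising an
 * undefined-variable warning.
 *
 * NOTE(review): in this listing the handler that assigns $nameErr/$emailErr
 * appears after this markup, so as pasted the messages are never set when
 * these lines run; the handler has to execute before the form is rendered.
 */
?>
<html>
<div class="form-group">
    <label for="exampleInputUsername">Username</label>
    <input type="text" name="name" class="form-control" id="exampleInputUsername" placeholder="enter username">
    <span class="error_message"><?php echo htmlspecialchars($nameErr ?? '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></span>
</div>
<div class="form-group">
    <label for="exampleInputEmail1">Email address</label>
    <input type="email" name="email" class="form-control" id="exampleInputEmail1" aria-describedby="emailHelp" placeholder="Enter email">
    <span class="error_message"><?php echo htmlspecialchars($emailErr ?? '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></span>
    <small id="emailHelp" class="form-text text-muted">We'll never share your email with anyone else.</small>
</div>
</html>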
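<?php
/*
 * Sign-up handler: runs when the form is posted with `signupBtn`.
 *
 * Sets $nameErr / $emailErr when the username or e-mail is already present in
 * `signup`, otherwise inserts the new row and reports the outcome in $result.
 * Expects $dbh to be an open PDO connection.
 *
 * Every request value reaches SQL only as a bound parameter. The original
 * interpolated $username/$email into the SQL text before prepare(), which
 * leaves the query injectable even though prepare() is called.
 */
if (isset($_POST['signupBtn'])) {
    // Accept only scalar strings; a field posted as an array would otherwise reach trim().
    $name  = is_string($_POST['name'] ?? null) ? trim($_POST['name']) : '';
    $email = is_string($_POST['email'] ?? null) ? trim($_POST['email']) : '';

    // NOTE(review): $pwd and $cpwd are not assigned anywhere in this listing and the
    // form shown has no password inputs; they must be populated from the request
    // before this point. Hashing an unset value would store the hash of an empty
    // password, so refuse to continue unless both are non-empty and identical.
    $passwords_ok = isset($pwd, $cpwd)
        && is_string($pwd)
        && is_string($cpwd)
        && $pwd !== ''
        && $pwd === $cpwd;

    if (!$passwords_ok) {
        $result = "insertion failed";
    } else {
        // The original referenced an undefined $username here; the submitted value is $name.
        // Existence is read with fetchColumn() because rowCount() is not reliable for
        // SELECT statements on every PDO driver.
        $username_result = $dbh->prepare("SELECT 1 FROM signup WHERE username = :name");
        $name_checked = $username_result !== false
            && $username_result->execute([':name' => $name]);
        $name_taken = $name_checked && $username_result->fetchColumn() !== false;
        if ($name_checked) {
            $username_result->closeCursor();
        }

        $email_result = $dbh->prepare("SELECT 1 FROM signup WHERE email = :email");
        $email_checked = $email_result !== false
            && $email_result->execute([':email' => $email]);
        $email_taken = $email_checked && $email_result->fetchColumn() !== false;
        if ($email_checked) {
            $email_result->closeCursor();
        }

        if (!$name_checked || !$email_checked) {
            // A failed lookup must not be read as "not taken".
            $result = "insertion failed";
        } elseif ($name_taken) {
            $nameErr = "username already taken";
        } elseif ($email_taken) {
            $emailErr = "email taken";
        } else {
            // NOTE(review): check-then-insert is not atomic; two concurrent requests can
            // both pass the lookups. UNIQUE constraints on username and email are what
            // actually prevent duplicates.
            $hashed_password = password_hash($pwd, PASSWORD_DEFAULT);
            // NOTE(review): the confirmation has already been compared above, so a second
            // hash of the same secret adds nothing; the column is still written because
            // the table schema is outside this listing. Consider dropping it.
            $encrypted = password_hash($cpwd, PASSWORD_BCRYPT);

            // insert into database
            $insert = "INSERT INTO signup(username, email,password,confirm_password) VALUES(:name, :email, :pwd, :cpwd)";
            $statement = $dbh->prepare($insert);
            $inserted = $statement !== false
                && $statement->execute([
                    ':name'  => $name,
                    ':email' => $email,
                    ':pwd'   => $hashed_password,
                    ':cpwd'  => $encrypted,
                ]);

            if ($inserted && $statement->rowCount() > 0) {
                $result = "row inserted";
            } else {
                $result = "insertion failed";
            }
        }
    }
}
?>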