Solved

Record inserting into database even with form validation in place for empty fields

Posted on 2016-08-28
7
64 Views
Last Modified: 2016-08-28
If I run this code and leave the password blank it will give an error and not insert anything. If I enter a password and leave the email address field empty, it still submits into the database (empty record in email column) but still shows me the error on the page that I must enter an email address. I can't figure out why this is happening. Also, the page does not redirect if signup is successful.

$error = "";
$success = "";

if (isset($_POST['submit'])) {
	
	if (!$_POST['email']) {
		
		$error .="Your email address is required<br>";
	}
	
	if ($_POST['email'] && filter_var($_POST["email"], FILTER_VALIDATE_EMAIL) === false) {

            $error .= "The email address is invalid.<br>";

        }
	
	if (!$_POST['password']) {
		
		$error .="Please enter a password<br>";
		
		
	} 
	
	else {
			
		
	$sql = "SELECT email FROM `users` WHERE email = '".$link->real_escape_string($_POST['email'])."' LIMIT 1";
		
			$result = $link->query($sql);
		
		if($result->num_rows > 0) {

			$error .= "The email, " .$_POST['email']. " ,is already taken";
			
		} else {
			
			$stmt = $link->prepare("INSERT INTO users (email, password) VALUES (?, ?)");
			$stmt->bind_param("ss", $email, $password);
			$email = htmlentities($_POST['email'], ENT_QUOTES);
			$password = trim(password_hash($password, PASSWORD_BCRYPT, [12]));
			$stmt->execute();
			$stmt->close();
                        header:("location: welcome.php");
		}
		
	}

}

Open in new window

0
Comment
Question by:Black Sulfur
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 9

Accepted Solution

by:
Mukesh Yadav earned 500 total points
ID: 41773512
Try this ;)

Instead of else use if condition to check for errors

So, replace
} else {

Open in new window

with
if(empty($error)){

Open in new window

0
 
LVL 1

Author Comment

by:Black Sulfur
ID: 41773513
Excellent, that worked! What about the redirect though? It still doesn't redirect.
0
 
LVL 29

Expert Comment

by:Olaf Doschke
ID: 41773520
Try the full url. See https://en.wikipedia.org/wiki/HTTP_location 
It's true, that the updated HTTP 1.1 specifications...allow(ing) the use of relative URLs in Location headers, but it can't hurt to specify the full url.

Also, do you see errors in error log? Your code does not output anything, which is fine, but if there is anything, even just a space outside of <?php ?> before you send a header, you get an error.

Also things output afterwards may hinder it to work. Put an exit; after sending the header.

Bye, Olaf.
0
Business Impact of IT Communications

What are the business impacts of how well businesses communicate during an IT incident? Targeting, speed, and transparency all matter. Find out more in this infographic.

 
LVL 1

Author Comment

by:Black Sulfur
ID: 41773524
Hi Olaf,

Using exit keeps the url at register.php so it doesn't redirect but the page becomes blank. I get no errors as far as I can see. if I use the full URL (I am running on localhost) it still doesn't redirect.

Do you have a suggestion or method you would use to check for errors just in case I am missing something?
0
 
LVL 1

Author Comment

by:Black Sulfur
ID: 41773599
never mind, I see what I did wrong.

I had header:("

instead of header(

:)
0
 
LVL 29

Expert Comment

by:Olaf Doschke
ID: 41773601
OK, I didn't spot that, too. It surely caused an error. You might have error display off, if this is your productive website, for development every error should be reported.

Bye, Olaf.
0
 
LVL 110

Expert Comment

by:Ray Paseur
ID: 41773795
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Developers of all skill levels should learn to use current best practices when developing websites. However many developers, new and old, fall into the trap of using deprecated features because this is what so many tutorials and books tell them to u…
This article discusses how to implement server side field validation and display customized error messages to the client.
The viewer will learn how to count occurrences of each item in an array.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question