*Warning: mysqli_stmt_bind_param() expects parameter 1 to be mysqli_stmt, null given in C:\Program Files\Ampps\www\danik php login system\include\funcs.inc.php on line 64
Warning: mysqli_stmt_execute() expects parameter 1 to be mysqli_stmt, null given in C:\Program Files\Ampps\www\danik php login system\include\funcs.inc.php on line 66
Warning: mysqli_stmt_get_result() expects parameter 1 to be mysqli_stmt, null given in C:\Program Files\Ampps\www\danik php login system\include\funcs.inc.php on line 68
Warning: mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, null given in C:\Program Files\Ampps\www\danik php login system\include\funcs.inc.php on line 72*
code below, can you please provide error correction and point me in the right direction to learn why this happened?
// create the functions we've referenced
// checks for empty fields
function emptyInputSignup($name, $username, $email, $password, $password_repeat) {
$result; // declared here so we don't have to declare it in each if/else stmt
if (empty($name) || empty($username) || empty($email) || empty($password) || empty($password_repeat)) {
$result = true; // true means it's empty
}
else {
$result = false; // our desired outcome
}
return $result;
}
// invalid userID
function invalidUID($username) {
$result;
if (!preg_match("/^[a-zA-Z0-9]*$/", $username)) {
$result = true; // if doesn't contain the correct characters, return true, invalid username
}
else {
$result = false;
}
return $result;
}
function invalidEMAIL($email) {
$result;
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$result = true;
}
else {
$result = false;
}
return $result;
}
// true = improper
// if they're not the same input
function passwordMATCH($password, $password_repeat) {
$result;
if ($password !== $password_repeat) {
$result = true;
}
else {
$result = false;
}
return $result;
}
// checks if email and username taken
function uidEXISTS($conn, $username, $email) {
$sqlsearch = "SELECT * FROM users WHERE usersID = ? OR usersEMAIL = ?;"; // the ? is a placeholder
$stmt = mysqli_stmt_init($conn); // begins the prepared statement, we need to give $conn
// allows stmt to use the prepared sqlsearch statement, preventing sql injection attacks
if (!mysqli_stmt_prepare($stmt, $sqlsearch))// if the stmt fails and doesn't accept sql input
header("location: ../signup.php?error=invalidEMAIL");
exit();
}
// if doesn't fail, use this
mysqli_stmt_bind_param($stmt, "ss", $username, $email); // prepared statement, what kind of data are we submitting? two strings = ss
// this user data is now bound to the user
mysqli_stmt_execute($stmt); // executes the sql stmt
// obtains info from the db
$resultData = mysqli_stmt_get_result($stmt); // all the information we're binding and results we're getting, goes into $stmt
// checks to see if $stmt contains info
if ($row = mysqli_fetch_assoc($resultData)) { // $row returns true if data in here; data is in associative array in var $row
return $row; // return all the info from inside the db
// if data already exists inside the db, logs the user in using this data
}
else {
$result = false; // if not data returned from the db, false
return $result;
}
mysqli_stmt_close($stmt);
function createUSER($conn, $name, $username, $email, $password) { // instead of checking against the db, use this to sign up user
// creates user
$sqlsearch = "INSERT INTO users (usersNAME, usersUID, usersEMAIL, usersPASSWORD) VALUES (?, ?, ?, ?);";
// have to be in proper order
$stmt = mysqli_stmt_init($conn);
if (!mysqli_stmt_prepare($stmt, $sqlsearch)) { //always check if fails
// if error, it'll send us back to signup page with error message
header("location: ../signup.php?error=statementfailed");
exit();
}
$hashedpwd = password_hash($password, PASSWORD_DEFAULT); // auto-updated & built-in php func()
mysqli_stmt_bind_param($stmt, "ssss", $name, $username, $email, $hashedpwd); // what are we submitting to php?, $stmt, "s" means two strings;
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
header("location: ../signup.php?error=none"); // go here after signing in
exit();
}```
Aucun commentaire:
Enregistrer un commentaire