CODEWITHSUNDEEP
phpfunctionpost
Domiq
Domiq

Reputation: 77

PHP POST and a function, Im doing something wrong

Im not sure if POST is not working or if function is not working. So heres the code for one page:

<?php require_once("includes/Functions.php"); ?>
<?php include("includes/front.php"); ?>
<div id="register"> 
<form action="Includes/Functions.php" method="post" name="createUser"> 
Username: <input type="text" name="user" maxlength="16"/><br />
Password: <input type="password" name="pass" maxlength="30"/><br />
Repeat password: <input type="password"/><br />
E-mail: <input type="email" name="mail"/><br />             
<input type="submit" value="Next" />            
</form>
<a href="/login.php">Log in</a>  
</div>
</body>
</html>
<?php include("includes/footer.php"); ?>

Here is the begining of functions.php:

<?php require_once("connect.php"); ?>
<?php
if(isset($_POST["createUser"]) && isset($_POST["user"], $_POST["pass"],    $_POST["mail"])){
call_user_func_array("createUser", array($_POST("user"), $_POST("pass"), $_POST("mail")));
}

Using echo method of troubleshooting I see that echo is working everywhere in code but not in the function I need.

Here is the function:

function createUser ($username, $password, $email){
//Get from form
$username = $_POST["user"];
$password = $_POST["pass"];
$email = $_POST["mail"];
$hashedPassword = sha1($password);
//Submit to database
//make query
$query = ("INSERT INTO users ( username , email , hashPass ) VALUES ( '$username' ,  '$email' , '$hashedPassword')");
//use query
if (mysql_query($query, $connection)) {
//userMade.php
header("Location: ../userMade.php");
exit;
} else {
echo "<p>I suck!</p>";
echo "<p>".mysql_error()."</p>";
} 
}

No PHP or MySQL errors are being reported, I only see a blank page.

Upvotes: 1

Views: 164

Answers (3)

codea
codea

Reputation: 1252

call_user_func_array("createUser", array($_POST("user"), $_POST("pass"), $_POST("mail")));

should be 

call_user_func_array("createUser", array($_POST["user"], $_POST["pass"], $_POST["mail"]));

or

createUser($_POST["user"], $_POST["pass"], $_POST["mail"]);

And you don't have to :

$username = $_POST["user"];
$password = $_POST["pass"];
$email = $_POST["mail"];

in createUser function.

Upvotes: 1

jeffjenx
jeffjenx

Reputation: 17467

In functions.php you are checking if(isset($_POST["createUser"])...

The form name attribute is not submitted during the post, so this if-statement will always fail.

You will want to use the name/value attribute of the submit button, or a hidden input field in order to satisfy this condition

Upvotes: 0

David Houde
David Houde

Reputation: 4778

<?php require_once("includes/Functions.php"); ?>
<form action="Includes/Functions.php" method="post" name="createUser">

Do these 2 lines point to the same file? I would assume so, but the case is not correct. I would start here. I would keep a standard naming convention, as some files are in Caps and some are not.

I would also recommend salting your passwords before hashing.

For your SQL, i recommend using PDO, because your code right now is subject to SQL injection attack, possibly revealing the unsalted passwords.

Upvotes: 0

Related Questions