CODEWITHSUNDEEP
phpmysql
Theo
Theo

Reputation: 3139

Getting null value in my json response.

I have the following registration php script. I want to get back a json response as {"result":"success","message":"123"}

where 123 is the id of the registered user. I want this id so at a later point the user can post data to other tables.

However I get this.

{"result":"fail","message":null}

This is my script.

<?php
  session_start();
  require "init.php";
  header('Content-type: application/json');
  $id = $_POST['id'];
  $email = $_POST['email'];
  $user_name = $_POST['user_name'];

  $user_pass = $_POST['user_pass'];
  $passwordEncrypted = sha1($user_pass);  

  $confirmPass = $_POST['confirm_pass'];
  $confPasswordEncrypted = sha1($confirmPass);  

  $msg = "Congratulations. You are now registered to the most amazing app   
  ever!";            

        if(!filter_var($email, FILTER_VALIDATE_EMAIL)){

            $don = array('result' =>"fail","message"=>"Please enter a valid email");

        }    

if($email && $user_name && $user_pass && $confirmPass && filter_var($email, FILTER_VALIDATE_EMAIL)){


    $sql_query = "select * from user_info WHERE email  ='".mysqli_real_escape_string($con, $email)."' or user_name 
    ='".mysqli_real_escape_string($con, $user_name)."'";

    $result = mysqli_query($con, $sql_query);   

    $results = mysqli_num_rows($result);

    if ($results){
        $don = array('result' =>"fail","message"=>"Email or username exists.");

    }else{
        //This is where I am trying to get the id
        while($row = mysqli_fetch_array($result)) {             
            $posts['id'] = $row['id'];


        }   

        $sql_query = "insert into user_info values('$id','$email','$user_name','$passwordEncrypted','$confPasswordEncrypted');";

        if(mysqli_query($con,$sql_query)){
            $_SESSION['id'] = mysqli_insert_id($con);
            //And this is the json response I was talking about
            $don = array('result' =>"success","message"=>$posts['id']);
            mail($email,"Well done. You are registered to my sample app!",$msg);

        }
    }
}else if(!$email){


        $don = array('result' =>"fail","message"=>"Please enter a valid email");               


    }else if(!$user_name){

        $don = array('result' =>"fail","message"=>"Please enter your username");

    }else if(!$user_pass){

        $don = array('result' =>"fail","message"=>"Please enter a password");

    }else if(!confirmPass){

        $don = array('result' =>"fail","message"=>"Please confirm your    
        password");

    }     

  echo json_encode($don);

 ?>

Upvotes: 2

Views: 246

Answers (3)

Deepak Saini
Deepak Saini

Reputation: 116

You don't need the following lines, so remove them, as you are using them before the select query.

//This is where I am trying to get the id
while($row = mysqli_fetch_array($result)) {             
   $posts['id'] = $row['id'];

}

You can replace 

 $don = array('result' =>"success","message" => $posts['id']);

with 

$don = array('result' =>"success","message"=> mysqli_insert_id($con));

No need of session as well.

Upvotes: -1

BeetleJuice
BeetleJuice

Reputation: 40886

Change

$don = array('result' =>"success","message"=>$posts['id']);

To:

$don = array('result' =>"success","message"=>mysqli_insert_id($con));

The problem is that you're referring to $posts['id'] which is always null You try to set it here:

$results = mysqli_num_rows($result);
if ($results){
    $don = array('result' =>"fail","message"=>"Email or username exists.");

}else{
    while($row = mysqli_fetch_array($result)) {
        $posts['id'] = $row['id'];
    }
...

Notice that we only reach the while if $result does not contain any row. Therefore, mysqli_fetch_array($result) is false and this loop never executes. In fact this loop is useless in this script and should be removed.

This goes beyond the scope of your question, but you should think about the following:

  1. What's the point of $confirmPass? You never check whether password and confirm pass match.
  2. Given that the two should be the same, why are you storing both password and confirm pass?
  3. You should never use user-supplied values in SQL queries without escaping them, or even better, without using prepared statements. Your SELECT query at least escapes values, but your INSERT query does not. That leaves you open to SQL injection attacks.
  4. sha1($user_pass) is not a good way to hash a pwd for storage. Use PHP's password_hash and password_verify functions instead. See the guide

Upvotes: 1

Phuong Nguyen
Phuong Nguyen

Reputation: 121

Change

$don = array('result' =>"success","message"=>$posts['id']);

to

$don = array('result' =>"success","message"=>$_SESSION['id']);

$posts['id'] is always null as the row is not inserted to the database. Remove that code.

Upvotes: 5

Related Questions