Reputation: 41
Hey, now I have this, but when I register only the index.php page shows up, without the success message. When the registry is completed I redirected to index.php?msg=1, so that's in my opinion correct?
<?php
if (isset($_GET['msg'] == 1)) {
    echo "You have successfully registered.";
}
require_once('connect.php');
$errors = array();
if (isset($_POST['submit'])) {
    if(empty($_POST['username'])){ array_push($errors, 'You did not submit a username'); }
    $old_usn = mysqli_query($connect, "SELECT id FROM users WHERE name = '".htmlentities($_POST['username'], ENT_QUOTES)."' LIMIT 1;") or die(mysqli_error());
    if (mysqli_num_rows($old_usn) > 0) { array_push($errors, 'This username is already registered.'); }
    if (sizeof($errors) == 0) {
        $username = htmlentities($_POST['username'], ENT_QUOTES);
        $email = htmlentities($_POST['email'], ENT_QUOTES);
        mysqli_query($connect, "INSERT INTO users (name, hashed_pw, email, joined)
        VALUES ('{$username}', '{$password1}', '{$email}', NOW());") or die ($connection_error);
        header('Location: index.php?msg=1');
    }
}
?>
Upvotes: 3
Views: 589
Reputation: 74230
if (isset($_GET['msg'] == 1))
That isn't the proper way to do this, since it will always be considered as being set.
You need to separate those into two conditions.
Such as:
if (isset($_GET['msg']) && $_GET['msg'] == 1)
I highly suggest you use a prepared statement though and password_hash().
What you have now isn't safe at all.
If you do plan on going that route (which I hope you do), then please read over those manuals attentively for password_hash() and password_verify():
Note: You appear to have a missing variable set for $password1, so make sure it has a value, otherwise your query will fail.
Also, mysqli_error() requires a database connection argument for it.
mysqli_error($connect)
This line, or die ($connection_error), will throw you an undefined variable error, at least for what you posted in the question.
Upvotes: 1
Reputation: 26288
The issue is here:
if (isset($_GET['msg'] == 1)) { // These are two different conditions, you have to separate them by using &
Change it to:
if ( isset($_GET['msg']) && $_GET['msg'] == 1 ) {
and try again.
Your code is not safe at all; use a prepared statement and store the hashed password instead of the plain one.
Upvotes: 1
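The changes both answers recommend (separate isset() and comparison, prepared statements, password_hash()), put together as an added example that is not code from the question or from either answer. It assumes connect.php defines $connect as a mysqli connection and that the form posts the password in a field named password1; the function name register_user is hypothetical.

```php
<?php
// Added example, not the asker's code. Assumes connect.php defines $connect
// (a mysqli connection) and that the form posts username, email and password1.
require_once('connect.php');
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // query failures throw

function register_user(mysqli $db, string $username, string $email, string $password): array
{
    $errors = [];
    if ($username === '') { $errors[] = 'You did not submit a username'; }
    if ($password === '') { $errors[] = 'You did not submit a password'; }
    if ($errors) { return $errors; }

    // Placeholders keep user input out of the SQL text, so no escaping is needed.
    $check = $db->prepare('SELECT id FROM users WHERE name = ? LIMIT 1');
    $check->bind_param('s', $username);
    $check->execute();
    $check->store_result();
    if ($check->num_rows > 0) {
        return ['This username is already registered.'];
    }

    // Store only the hash; verify at login with password_verify($input, $hash).
    $hash = password_hash($password, PASSWORD_DEFAULT);
    $insert = $db->prepare(
        'INSERT INTO users (name, hashed_pw, email, joined) VALUES (?, ?, ?, NOW())'
    );
    $insert->bind_param('sss', $username, $hash, $email);
    $insert->execute();
    return [];
}

$errors = [];
if (isset($_POST['submit'])) {
    $errors = register_user($connect, trim($_POST['username'] ?? ''),
        trim($_POST['email'] ?? ''), $_POST['password1'] ?? '');
    if (!$errors) {
        header('Location: index.php?msg=1');
        exit; // stop here so nothing else runs after the redirect
    }
}
// Success message: isset() and the comparison as two separate conditions.
if (isset($_GET['msg']) && $_GET['msg'] == 1) {
    echo 'You have successfully registered.';
}
foreach ($errors as $e) {
    echo htmlspecialchars($e, ENT_QUOTES), '<br>'; // encode at output, not before storage
}
```

The hashed_pw column needs room for the full hash (the PHP manual recommends 255 characters), and a UNIQUE index on users.name closes the gap between the existence check and the insert.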