0

views/registration.php

<form action="classes/registration.php" method="post">
Username: <input type="text" name="username"><br>
Password: <input type="text" name="password"><br>
<input type="submit">
</form>

classes/registration.php

if(isset($_POST['submit']))
{
 // Define form variables
 $username = $_POST['username'];
 $password= $_POST['password'];

 // Insert form data into database
 $query = "INSERT INTO users (username, password)
 VALUES ('$username', '$password')";
 if(mysqli_query($conn, $query))
 {
    echo "Registration successfull.";
 }
}

The problem is, when I click submit, I get a blank page. The query isn't being executed.

I thought the problem might be because my values aren't setup correctly, so I did the following:

VALUES ('$_POST['password']', '$_POST['password']')";

but that gives me an error, presumably because I am using ' inside of '

So now I am back to square one, unsure of why my query isn't being executed

Improve this question
1
  • add an else to print something else. else { echo 'did not work'; } or some such. Commented Dec 12, 2014 at 0:20

2 Answers 2

Reset to default
3

You are getting a blank page because you don't echo something if $_POST submit isn't set.

if(isset($_POST['submit']))

is never true as your $_POST['submit'] is never set. You need to give your submit a name, this (the name) is what get's POSTed / what you can access within $_POST[' /*name of input*/ ']

Change your form to the following, then you should see your 

echo "Registration successfull.";

HTML:

<form action="classes/registration.php" method="post">
Username: <input type="text" name="username"><br>
Password: <input type="text" name="password"><br>
<input type="submit" name="submit"> <!-- <<<<<<<<<<< here -->

As a sidenote, you should absolutely consider using a prepared statement. Running a registration form with your insert query is like an invitation for people keen on ruining your server. You might want to try the query like this:

$query = $conn->prepare("INSERT INTO users (username, password) VALUES (?,?)");
$query->bind_param('ss',$username,$password);
$query->execute;

This way, you will be secured against mysql injection.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

Your file naming and paths seem to be mismatching(as per the file names you provided).

No matter if you keep:

views/registration.php
views/classes/registration.php

But if you follow:

--/classes
         /registration.php

--/views
        /registration.php

[Note: '--/' is the path of your root directory]

Then the form action classes/registration.php won't go anywhere. So change it:

<form action="../classes/registration.php" method="post">

I suggest to follow the naming convention:

filename- for pages with HTML forms, and

filename_action- for action pages

Also notice the possible error cases mentioned by user baao in the other answer.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.