current community

your communities

more stack exchange communities

company blog
Stack Exchange Inbox Reputation and Badges
tour help
Stack Overflow is a community of 4.7 million programmers, just like you, helping each other.

Join them; it only takes a minute:

Sign up
Join the Stack Overflow community to:
  1. Ask programming questions
  2. Answer and help your peers
  3. Get recognized for your expertise
up vote -1 down vote favorite

I am trying to input data into a database with PHP and mysqli. There is no error and the code runs, but when I look in the database, it says that a row has been added but the columns "usernames" and "passwords" are empty.

$sql = "INSERT INTO $table (usernames, passwords) VALUES ('$username','$password')";
if(mysqli_query($db, $sql)) {
    echo "new user successfully created";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($db);
}

I think there is something wrong above but I am not sure what it is.

EDIT: I think the problem is with $username and $password not having any value. It might have to do with the following code:

    if ($_SERVER["REQUEST_METHOD"] == "POST") { //remove whitespace, slashes, and unnecessary characters
    $username = test_input($_POST["username"]);
    $password = test_input($_POST["password"]);
}

function test_input($data) { //function to remove unnecessary characters
    if($data != trim($data)) {
        die("error: there is an unnacceptable character in your username or password");
    }
    if($data != stripslashes($data)) {
        die("error: you cannot have slashes");
    }
    if($data != htmlspecialchars($data)) {
        die("error: password not accepted");
    }
}
share|improve this question
1  
check for the $username and $password values before insert query – Diego Mariani 47 mins ago
    
basic debugging echo $sql; – Dagon 45 mins ago
    
error_reporting(E_ALL); ini_set('display_errors', 1); and use a conditional !empty() on wherever those variables are assigned as. Sure hope you're hashing this password, one that's of "this century". – Fred -ii- 45 mins ago
1  
$username and $password probably hold null. Dump their values before the query. var_dump($username); and the same with password. This is just to debug for now, in a production environment you should validate your input. – LukeNukem 45 mins ago
2  
Save yourself the trouble and don't even begin by making crappy applications with PHP webdeveloper.gdemolished.com/… – Halfstop 40 mins ago
up vote 1 down vote accepted

test_input has no return, its a black hole

return $data;

at the end is required

share|improve this answer
    
Thank you! this fixed the problem – user2059810 32 mins ago
    
now fix the sql injection vulnerability, etc etc etc ;-) – Dagon 31 mins ago
    
A better "Black hole"... just don't look at it for too long. – Fred -ii- 13 mins ago

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.