mysql php registration form does not work correctly

0

I am working with a simple user registration form; the records are already being inserted. Here is the code:

HTML

<?php include '../includes/insert/insert_usuario.php'; ?>    
<form class="form-horizontal style-form" method="post">
    <div class="form-group">
       <label class="col-sm-2 col-sm-2 control-label"><b>Nombre</b></label>
       <div class="col-sm-3">
           <input type="text" class="form-control" minlength="3" name="name">
       </div>
    </div>
    <div class="form-group">
       <label class="col-sm-2 col-sm-2 control-label"><b>Correo</b></label>
       <div class="col-sm-3">
            <input type="email" class="form-control grey" name="email">
       </div>
    </div>
    <div class="form-group">
       <label class="col-sm-2 col-sm-2 control-label"><b>Contraseña</b></label>
       <div class="col-sm-3">
            <input type="password" class="form-control grey" minlength="5" name="password">
       </div>
    </div>
    <div class="form-group">
       <label class="col-sm-2 col-sm-2 control-label"><b>Confirmar contraseña</b></label>
       <div class="col-sm-3">
          <input type="password" class="form-control grey" minlength="5" name="cPassword">
       </div>
     </div>
     <div class="form-group">
        <label class="col-sm-2 col-sm-2 control-label"></label>
        <div class="col-sm-9">
            <button class="btn btn-primary" name="submit" type="submit"><i class="fa fa-floppy-o"></i> GUARDAR</button>
        </div>
     </div>
</form>

PHP (insert_user.php)

<?php

  $msg = "";

  if (isset($_POST['submit'])) {
    $con = new mysqli('localhost', 'root', '', 'carreteras');

    $name = $_POST['name'];
    $email = $_POST['email'];
    $password = $_POST['password'];
    $cPassword = $_POST['cPassword'];

    if ($password != $cPassword)
      $msg = "¡Las contraseñas no coinciden!";
    else {
      $hash = password_hash($password, PASSWORD_BCRYPT);
      $con->query("INSERT INTO users (name,email,password) VALUES ('$name', '$email', '$hash')");
      $msg = "¡Usuario registrado con éxito!";
    }
  }
?>

I have two problems. The first is that when I press submit and the passwords do not match, the fields in my form are cleared; how can I prevent this and let the user edit their information? The second is that if the INSERT proceeds, the following happens: the fields are "apparently" cleared and the message "Successfully registered user!" is displayed, but the message stays there, and if I refresh the page with F5 the same record is reinserted into my database, even though the form has apparently been cleared.

I hope you can help me. Thank you in advance.

    
asked by IndiraRivas 28.09.2018 at 18:21
source

1 answer

2

Hello dear, I propose the following improvements:

    <?php
    // To surface programming errors while developing:
    //error_reporting(E_ALL);
    //ini_set('display_errors', 'On');

    // 1. Variable declarations
    $msg = "";
    $name = $email = $password = $cPassword = "";
    $nameErr = $emailErr = $passwordErr = $cPasswordErr = null;
    // Flag that lets the SQL run only if
    // every validation passes
    $valid = true;
    if ($_SERVER["REQUEST_METHOD"] == "POST") {
        // Validate that the required fields are not empty:
        if (empty($_POST["name"])) {
            $nameErr = "El nombre es requerido.";
            $valid = false;
        } else {
            $name = test_input($_POST['name']);
            // Check that the name contains only letters and spaces
            if (!preg_match("/^[a-zA-Z ]*$/", $name)) {
                $nameErr = "Solo se permiten letras y espacios.";
                $valid = false;
            }
        }
        if (empty($_POST["email"])) {
            $emailErr = "El correo es requerido.";
            $valid = false;
        } else {
            $email = test_input($_POST["email"]);
            // Verify that the email address is well-formed
            if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
                $emailErr = "Formato no válido.";
                $valid = false;
            }
        }

        if (empty($_POST["password"])) {
            $passwordErr = "La contraseña es obligatoria";
            $valid = false;
        } else {
            $password = $_POST['password'];
        }

        if (empty($_POST["cPassword"])) {
            $cPasswordErr = "La confirmación de contraseña es obligatoria";
            $valid = false;
        } else {
            $cPassword = $_POST['cPassword'];
        }
        // Strict comparison: with != PHP treats numeric strings such as
        // "1e3" and "1000" as equal
        if ($password !== $cPassword) {
            $msg = "¡Las contraseñas no coinciden!";
            $valid = false;
        }
        if ($valid) {
            $con = new mysqli('localhost', 'root', '', 'carreteras');
            // If the validations pass, run the SQL
            $hash = password_hash($password, PASSWORD_BCRYPT);

            // Bind the values as parameters instead of interpolating them
            // into the SQL string (a valid email address may contain a quote)
            $sql = "INSERT INTO users (name,email,password) VALUES (?, ?, ?)";
            $stmt = $con->prepare($sql);

            if ($stmt && $stmt->bind_param('sss', $name, $email, $hash) && $stmt->execute()) {
                $msg = "¡Usuario registrado con éxito!";
                // AT THIS POINT YOU SHOULD REDIRECT TO ANOTHER PAGE OR REFRESH
                // THE PAGE
            } else {
                echo "Error: " . $sql . "<br>" . ($stmt ? $stmt->error : $con->error);
            }

            $con->close();
        }
    }

    function test_input($data) {
        $data = trim($data);
        $data = stripslashes($data);
        $data = htmlspecialchars($data);
        return $data;
    }
    ?>
      <!DOCTYPE HTML>  
    <html>
       <head>
          <style>
               .error {color: #FF0000;}
          </style>
      </head>
      <body>  

            <form class="form-horizontal style-form" method="post" action="<?php echo                  
         htmlspecialchars($_SERVER["PHP_SELF"]);?>">  

            <div class="form-group">
                <label class="col-sm-2 col-sm-2 control-label"><b>Nombre</b></label>
                <div class="col-sm-3">
                    <input type="text" class="form-control" minlength="3" name="name" 
          value="<?php echo $name; ?>">
                    <span class="error">* <?php echo $nameErr; ?></span>
                </div>
            </div>
            <div class="form-group">
                <label class="col-sm-2 col-sm-2 control-label"><b>Correo</b></label>
                <div class="col-sm-3">
                    <input type="email" class="form-control grey" name="email" value="<?php echo $email; ?>">
                    <span class="error">* <?php echo $emailErr; ?></span>
                </div>
            </div>
            <div class="form-group">
                <label class="col-sm-2 col-sm-2 control-label"><b>Contraseña</b></label>
                <div class="col-sm-3">
                    <input type="password" class="form-control grey" minlength="5" name="password" value="<?php echo htmlspecialchars($password, ENT_QUOTES); ?>">
                    <span class="error">* <?php echo $passwordErr; ?></span>
                </div>
            </div>
            <div class="form-group">
                <label class="col-sm-2 col-sm-2 control-label"><b>Confirmar contraseña</b></label>
                <div class="col-sm-3">
                    <input type="password" class="form-control grey" minlength="5" name="cPassword" value="<?php echo htmlspecialchars($cPassword, ENT_QUOTES); ?>">
                    <span class="error">* <?php echo $cPasswordErr; ?></span>
                    <br>
                    <span class="error"><?php echo $msg; ?></span>
                </div>
            </div>
            <div class="form-group">
                <label class="col-sm-2 col-sm-2 control-label"></label>
                <div class="col-sm-9">
                    <button class="btn btn-primary" name="submit" type="submit"><i class="fa fa-floppy-o"></i> GUARDAR</button>
                </div>
            </div>
        </form>
    </body>
</html>

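<?php
echo "<h2>Tus entradas:</h2>";
echo $name;
echo "<br>";
echo $email;
echo "<br>";
// The passwords were not passed through test_input(), so escape them here
echo htmlspecialchars($password, ENT_QUOTES);
echo "<br>";
echo htmlspecialchars($cPassword, ENT_QUOTES);
echo '<br>';
echo $msg;
?>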

Reference: insert MySQLi Handling php forms

    
answered by 28.09.2018 / 21:21
source
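
The redirect that the answer leaves as a comment is what stops F5 from re-inserting the row. The following is an added example, not the answerer's code: a Post/Redirect/Get version of the handler that keeps name and email after a failed submit, leaves the password fields empty, and logs database errors instead of printing the query. `e()`, `field()`, the `flash` session key and the last error message are names and text chosen for this sketch; the connection values and the `users` table are the ones on the page.

```php
<?php
// Added example, not the answerer's code. e(), field() and the 'flash'
// session key are illustrative names; the DB values are the page's own.
session_start();
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // DB errors throw
// Escape at output time only, so the database keeps the raw values.
function e(string $s): string { return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); }
function field(string $key): string {      // treat name[]=x array input as empty
    $v = $_POST[$key] ?? '';
    return is_string($v) ? $v : '';
}

$name = $email = ''; $errors = [];
$flash = $_SESSION['flash'] ?? '';         // one-shot message set before the redirect
unset($_SESSION['flash']);
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $name = trim(field('name'));
    $email = trim(field('email'));
    $password = field('password');
    if (strlen($name) < 3) $errors[] = 'El nombre es requerido.';
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) $errors[] = 'Formato no válido.';
    if (strlen($password) < 5) $errors[] = 'La contraseña es obligatoria';
    if ($password !== field('cPassword')) $errors[] = '¡Las contraseñas no coinciden!';
    if (!$errors) {
        try {
            $con = new mysqli('localhost', 'root', '', 'carreteras');
            $stmt = $con->prepare('INSERT INTO users (name, email, password) VALUES (?, ?, ?)');
            $hash = password_hash($password, PASSWORD_BCRYPT);
            $stmt->bind_param('sss', $name, $email, $hash);
            $stmt->execute();
            $_SESSION['flash'] = '¡Usuario registrado con éxito!';
            // 303: the browser follows up with a GET, so F5 cannot re-send the POST
            header('Location: ' . $_SERVER['SCRIPT_NAME'], true, 303);
            exit;
        } catch (mysqli_sql_exception $ex) {
            error_log('registration failed: ' . $ex->getMessage()); // details stay server-side
            $errors[] = 'No se pudo registrar el usuario.';         // constructed message
        }
    }
}
?>
<p><?= e($flash) ?></p>
<?php foreach ($errors as $err): ?><p class="error"><?= e($err) ?></p><?php endforeach; ?>
<form method="post">
  <input type="text" name="name" minlength="3" value="<?= e($name) ?>">
  <input type="email" name="email" value="<?= e($email) ?>">
  <input type="password" name="password" minlength="5">
  <input type="password" name="cPassword" minlength="5">
  <button name="submit" type="submit">GUARDAR</button>
</form>
```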