What is wrong with my code? (302 error in function while signing up) mysql database error by not s-CodePudding

my error is in the mysql database it saves the db login instead of the user's input. also, as from the terminal(linux mint) there is a 302(temp redirect) "error" that is make some error in the code... from the terminal is: [302]: POST /signupp.php and all the others is [200]: GET /... which means this is some of the error right? now for the code itself:

index.php

    <!DOCTYPE html>
<html lang="en">
<head>
    <title>hi</title>
    <meta charset="utf-8">
</head>
<body>
    <a href="/">Home</a>
    <a href="/signup.php">Sign Up</a>
</body>
</html>

db.php

<?php

$servername = "localhost";
$username = "root";
$password = "password";
$dbname = "phpshop";

// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);

// Check connection
if (!$conn) {
  die("Connection failed: " . mysqli_connect_error());
}

signup.php

<?php
include_once 'index.php';
?>

<h2>Sign Up</h2>
<form action="signupp.php" method="post">
        <input type="text" name="namee" placeholder="Full name..">
        <input type="email" name="emaill" placeholder="email..">
        <input type="text" name="userme" placeholder="username..">
        <input type="password" name="passme" placeholder="password..">
        <button type="submit" name="submit">Sign Up</button>
</form>

signupp.php

<?php

if (isset($_POST["submit"])) {

    $name = $_POST["namee"];
    $email = $_POST["emaill"];
    $username = $_POST["userme"];
    $password = $_POST["passme"];

    require_once 'db.php';
    require_once 'functions.php';

    createUser($conn, $name, $email, $username, $password);
}
else {
    header("location: signup.php");
}

functions.php

<?php

function createUser($conn, $name, $email, $username, $password) {
    $sql = "INSERT INTO GuestsLogs (namee, emaill, userme, passme) VALUES (?, ?, ?, ?);";
    $stmt = mysqli_stmt_init($conn);
    if (!mysqli_stmt_prepare($stmt, $sql)) {
        header("location: signup.php");
        exit();
    }

    mysqli_stmt_bind_param($stmt, "ssss", $name, $email, $username, $password);
    mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);
    header("location: signup.php");
    exit();
}

CodePudding user response：

You have used the same variable names for db login and user submitted data.

Since you required "db.php" after the user submitted $username and $password, but they are using the same variable names ($username / $password), so the data insertion will use the db credentials for data insertion.

Hence, please change the signupp.php from

<?php

if (isset($_POST["submit"])) {

    $name = $_POST["namee"];
    $email = $_POST["emaill"];
    $username = $_POST["userme"];
    $password = $_POST["passme"];

    require_once 'db.php';
    require_once 'functions.php';

    createUser($conn, $name, $email, $username, $password);
}
else {
    header("location: signup.php");
}

<?php

if (isset($_POST["submit"]) ) {

    $namee = $_POST["namee"];
    $email = $_POST["emaill"];
    $userme = $_POST["userme"];
    $passme = $_POST["passme"];

    require_once 'db.php';
    require_once 'functions.php';

    createUser($conn, $namee, $email, $userme, $passme);
}
else {
    header("location: signup.php");
}

On the other hand, I cannot see any 302 error when I implement my suggested code in my testing site, so I believe it may be previous errors during your previous development / testing ? Please double-check whether the problem is fixed after implementing my suggested answer.

SPECIAL NOTE:

If you want to change header location redirection (php command) to javascript, you may do the following change :

<?php
if (!mysqli_stmt_prepare($stmt, $sql)) {
        header("location: signup.php");
        exit();
    }
?>

<?php
if (!mysqli_stmt_prepare($stmt, $sql)) {
    //    header("location: signup.php");
?>
<script>window.location.href="signup.php";</script>
<?php
        exit();
    }
?>