-1

so I'm just making a very basic registration for for PHP, and well...everytime I try to run it, it just returns a blank page, there are no errors or echos, just a plain, blank white page. I was hoping you guys could explain why as there are no obvious errors in my code.

Here is my reg.php file:

<html>
 <head>
<title>Registered!</title>
</head>
<body>
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);

define('DB_SERVER', 'localhost');
define('DB_USERNAME', 'username');
define('DB_PASSWORD', 'password');
define('DB_DATABASE', 'database');

$db = mysqli_connect(DB_SERVER,DB_USERNAME,DB_PASSWORD,DB_DATABASE);


if(isset($_POST['submit']))
{
  $name = $_POST['username'];
  $password = $_POST['password'];
  $email = $_POST['email'];

  $username = mysqli_real_escape_string($db, $name);
  $email = mysqli_real_escape_string($db, $email);
  $password = mysqli_real_escape_string($db, $password);

  $query = mysqli_query($db, "INSERT INTO users (username, password, 
email)VALUES ('$name', '$password', '$email')");
  if($query)
  {
    echo "You are now registered!";
  }
  else 
  {
      echo "failed";  
  }
}
?>
</body>
</html>

and here is my html For the form section

<div id="id01" class="modal">
<form class="modal-content animate" action="reg.php" method="post">
  <div class="container">
    <label><b>Username</b></label>
 <input type="text" placeholder="Enter Username" id="username" 
name="username" required>

 <label><b>Password</b></label>
 <input type="password" placeholder="Enter Password" id="password" 
name="password" required>

 <label><b>Email</b></label>
 <input type="text" placeholder="Enter Email" id="email" name="email" 
required>

 <button class="btn waves-effect waves-light teal lighten-1" type="submit" 
name="submit" id="submit" value="submit">Submit<i class="material-icons 
right">send</i></button>
   </div>
 </form>
</div>

And yes, I know, the form is open to SQL injection, I'll take care of that as soon as I can actually get the basic form to work!

Sorry, I know this will probably end up being some stupid fix, but I can't figure it out for the life of me...

Thanks everyone!

sanborn12
  • 3
  • 3
  • At quick glance you may have mis-matched curly braces. When you say "no errors", did you check the PHP error logs? – David Aug 27 '17 at 21:16
  • blank page usually means fatal error. Enable error reporting (won't always work for syntax errors) or check the logs. – GolezTrol Aug 27 '17 at 21:18
  • Fun thing is that even your quite specific title contains enough context. Just paste *"PHP / MySQLi registration form just returns a blank white page with no echoes or errors"* in Google and you'll get a dozen duplicates of your question. – GolezTrol Aug 27 '17 at 21:19
  • You're already using an API that supports **prepared statements** with bounded variable input, you should utilize parameterized queries with placeholders (prepared statements) to protect your database against [SQL-injection](http://stackoverflow.com/q/60174/)! Get started with [`mysqli::prepare()`](http://php.net/mysqli.prepare) and [`mysqli_stmt::bind_param()`](http://php.net/mysqli-stmt.bind-param). – Qirel Aug 27 '17 at 21:19
  • **Don't store your passwords in plain-text!** This is not secure *at all!* PHP has built-in functions which you should use to handle storing of passwords, see the [`password_hash()`](http://php.net/manual/en/function.password-hash.php) function which is a lot more secure! – Qirel Aug 27 '17 at 21:19
  • `else { { echo "failed"; } }` a bit excessive curlybrackets there. – Qirel Aug 27 '17 at 21:21
  • Yes, I checked the PHP error logs, nothing. I checked the CPanel logs, also nothing. I checked every other Stack Overflow problem like this and NONE of the fixes worked. That's why I posted this. I took care of the Brackets, no difference, and yes, Qirel, I know, dont store them in plain text, this is just a test and wont be implemented. Its just to get the basic form down. I will of course encrypt when it is completed – sanborn12 Aug 27 '17 at 21:24
  • Also, error reporting is enabled. I have gotten no errors at all. Just a blank, white page with a url that looks like this: https://sitename.com/reg.php?uname=uname&psw=psw&email=email%40gmail.com&action= – sanborn12 Aug 27 '17 at 21:26
  • Wait, you get the parameters in the URL? Are you sure that your form is set to `method="POST"`? because that sends over `GET`. That might explain why `if(isset($_POST['submit']))` doesn't fire. – Qirel Aug 27 '17 at 21:28
  • Yeah, its 100% post, I just checked it over, switched from all lowercase post to POST. Its definitely method="POST". So idk why its doing this. – sanborn12 Aug 27 '17 at 21:33
  • One issue is that you are inserting `$name` instead of `$username` -- look at your variables. But for this, you need to do some really basic troubleshooting, `echo 'asdf'` style troubleshooting. See where you get output, and where you don't. Enable mysql logging, in mysql, `SET GLOBAL general_log='ON';` `SHOW VARIABLES LIKE '%general%'` to see where mysql will log to after that. `tail` that log file when you make the form submission. Troubleshoot it from the top down and you will probably find the issue. – Kevin Aug 27 '17 at 21:42
  • Just changed that, but the $username couldnt have been the error, as $name was just $_POST['username'] from the html file...good catch, but not the error sadly :(. And Ill try to, Im using a host, not hosting myself so being able to change / log mysql may be limited – sanborn12 Aug 27 '17 at 21:49

1 Answers1

0

There is a SQL error in your code, try changing:

$query = mysqli_query($db, "INSERT INTO users (username, password, email)VALUES ('$name', '$password', '$email')");

to

$query = mysqli_query($db, "INSERT INTO users (username, password, email) VALUES ('$name', '$password', '$email')");

Cappa
  • 79
  • 1
  • 4