How to obtain form info from a user and store it in a database using oop prepared statements?

Question

I've created a class and I've been wrecking my brain trying to figure how to obtain form info from a user and store it in a database using oop prepared statements. I'll present the code.

Code for my class

 <?php include '../includes/Constants.php'; ?>
<?php

class User {

    public $id,
    $fname,
    $lname,
    $email,
    $username,
    $password,
    $conf_pass;
    protected $db_conn;

    //declare variables
    public function __construct() {
        $host = DB_HOST;
        $user = DB_USER;
        $pass = DB_PASS;
        $db = DB_NAME;

        //Connect to database
        $this->db_conn = new mysqli($host, $user,$pass, $db);

        //Check database connection
        if ($this->db_conn->connect_error) {
            echo 'Connection Fail: ' . mysqli_connect_error();
            exit();
        } else {
            echo 'Connected';
        }
    }

    function regUser($fname, $lname, $email, $username, $password, $conf_pass) {



        if ($this->db_conn->prepare("INSERT INTO USERS (`user_id`,`user_fname`,`user_lname`,
            `user_email`,`username`,`user_pass`) VALUES (NULL,?,?,?,?,?)")) {


            //Bind-para to values from form
            $stmt->bind_param('isssss', $id, $fname, $lname, $email, $username, $password);

            //execute statement
            $stmt->execute();
            
            $this->id = $id;
            $this->fname = $fname;
            $this->lname = $lname;
            $this->email = $email;
            $this->username = $username;
            $this->password = $password;
            
            //end statement
            $stmt->close();
        }
    }

}

?>

Here's the code I'm using to create objects.

    <?php include_once 'User.php'; ?>
<?php

//Creating new User Object
$newUser = new User();

$fname = $_POST['fname'];
$lname = $_POST['lname'];
$email = $_POST['email'];
$username = $_POST['username'];
$password = $_POST['password'];
$conf_pass = $_POST['conf_pass'];


$newUser->regUser($fname, $lname, $email,$username, $password, $conf_pass);
?>

And here is the code for my test form.

    <html>
    <head>
        <title></title>
        <link href="stylesheets/styles.css" rel="stylesheet" type="text/css"/>
    </head>


    <body>
        <form action = "Resources/testClass.php" method="post" enctype="multipart/form-data">
            <label>First Name: </label>
            <input type="text" name="fname" id="fname" size="25" maxlength="25"/>
            <label>Last Name: </label>
            <input type="text" name="lname" id="lname" size="25" maxlength="25"/>
            <label>Email: </label>
            <input type="text" name="email" id="email" size="25" maxlength="40"/>
            <label>Username: </label>
            <input type="text" name="username" id="username" size="25" maxlength="32"/>
            <label>Password: </label>
            <input type="password" name="password" id="password" size="25" maxlength="32"/>
            <label>Re-enter Password: </label>
            <input type="password" name="conf_pass" id="conf_pass" size="25" maxlength="32"/>
            <br /><br />
            <input type="submit" name="submit" id="submit" value="Register"/>
            <input type="reset" name="reset" id="reset" value="Reset"/>
        </form>

    </body>
</html>

Answer 1

I guess user_id is the primary key and is auto increment. you dont need to insert value for user_id and remove it from bind params as well.

if ($this->db_conn->prepare("INSERT INTO USERS (`user_fname`,`user_lname`,
        `user_email`,`username`,`user_pass`) VALUES (?,?,?,?,?)"))

and change bind_param to

$stmt->bind_param('sssss', $fname, $lname, $email, $username, $password);