Hi guys I set up a table on 000webhost. I set it up with a column for id, name, username, age and password. For some reason the username does not show up in the table when I run the code for the register and Im not sure what the error is. Here is the code for Register.php:
$con = mysqli_connect("*****", "****", "*****", "****");
$name = $_POST["name"];
$age = $_POST["age"];
$username = $_POST["username"];
$password = $_POST["password"];
$statement = mysqli_prepare($con, "INSERT INTO user (name, username, age, password) VALUES (?, ?, ?, ?)");
mysqli_stmt_bind_param($statement, "siss", $name, $username, $age, $password);
$response = array();
$response["success"] = true;
You're trying to insert a string using the
i parameter being an integer.
The order matters when binding.
You need to change your present parameters to
ssis while making sure the age column is indeed an integer type.
Checking for errors on the query would have told you about it.
I also hope you're not storing plain text passwords. Use
password_hash() if you plan on going live with this.
Sorry to be the bearer of bad news, but you will be hacked should this be the case.
Using a prepared statement without using a safe password hashing function won't guarantee your site from being compromised.