R. Smith - 17 days ago 8
HTML Question

How to debug a form that is not saving data?

I have made a signup page in PHP. I've made it ask for a name, username, email, password (and confirm), gender and country. I can make it all go through except the first and last name, which are not posting to my database.

I think it won't post to the database because the names are not going through. I have tried a lot and I'm now completely stuck. I've tried Google, YouTube, etc. and I can't find anything.

<?php
session_start();
include_once("php_includes/check_login_status.php");
if($user_ok == true){
header("location: profile.php?u=".$_SESSION["username"]);
exit();
}
?>
<?php
// Ajax calls this NAME CHECK code to execute
if(isset($_POST["usernamecheck"])){
include_once("php_includes/db_connect.php");
$username = preg_replace('#[^a-z0-9]#i', '', $_POST['usernamecheck']);
$sql = "SELECT id FROM users WHERE username='$username' LIMIT 1";
$query = mysqli_query($db_conx, $sql);
$uname_check = mysqli_num_rows($query);
if (strlen($username) < 3 || strlen($username) > 16) {
echo '<strong style="color:#FFF;">3 - 16 characters please</strong>';
exit();
}
if (is_numeric($username[0])) {
echo '<strong style="color:#F00;">Usernames must begin with a letter</strong>';
exit();
}
if ($uname_check < 1) {
echo '<strong style="color:#009900;">' . $username . ' is OK</strong>';
exit();
} else {
echo '<strong style="color:#F00;">' . $username . ' is taken</strong>';
exit();
}
}
?>
<?php
// Ajax calls this REGISTRATION code to execute
if(isset($_POST["u"])){
// CONNECT TO THE DATABASE
include_once("php_includes/db_connect.php");
// GATHER THE POSTED DATA INTO LOCAL VARIABLES\
$f = $_POST['firstname'];
$l = $_POST['lastname'];
$u = preg_replace('#[^a-z0-9]#i', '', $_POST['u']);
$e = mysqli_real_escape_string($db_conx, $_POST['e']);
$p = $_POST['p'];
$g = preg_replace('#[^a-z]#', '', $_POST['g']);
$c = preg_replace('#[^a-z ]#i', '', $_POST['c']);
// GET USER IP ADDRESS
$ip = preg_replace('#[^0-9.]#', '', getenv('REMOTE_ADDR'));

// DUPLICATE DATA CHECKS FOR USERNAME AND EMAIL
$sql = "SELECT id FROM users WHERE username='$u' LIMIT 1";
$query = mysqli_query($db_conx, $sql);
$u_check = mysqli_num_rows($query);
// -------------------------------------------
$sql = "SELECT id FROM users WHERE email='$e' LIMIT 1";
$query = mysqli_query($db_conx, $sql);
$e_check = mysqli_num_rows($query);

// FORM DATA ERROR HANDLING
if($f = "" || $l = "" || $u == "" || $e == "" || $p == "" || $g == "" || $c == ""){
echo "The form submission is missing values.";
exit();
} else if ($u_check > 0){
echo "The username you entered is alreay taken";
exit();
} else if (strlen($u) < 3 || strlen($u) > 16) {
echo "Username must be between 3 and 16 characters";
exit();
} else if (is_numeric($u[0])) {
echo 'Username cannot begin with a number';
exit();
} else if (strlen($p) < 8) {
echo 'Your password must be 8 characters';
exit();
} else if ($e_check > 0){
echo "That email address is already in use in the system";
exit();
} else {
// END FORM DATA ERROR HANDLING
// Begin Insertion of data into the database
// Hash the password and apply your own mysterious unique salt
$p_md5 = md5($p);
$p_hash = hash('sha512', $p_md5);
// Add user info into the database table for the main site table
$sql = "INSERT INTO users (firstname, lastname, username, email, password, gender, country, ip, signup, lastlogin, notescheck)
VALUES('$f', '$l', '$u','$e','$p_hash','$g','$c,'$ip',now(),now(),now())";
$query = mysqli_query($db_conx, $sql);
$uid = mysqli_insert_id($db_conx);
if(!$query) {
echo "DB1, FAIL<br>";
} else {
echo "DB1, Success<br>";
}

// Establish their row in the useroptions table
$sql = 'INSERT INTO useroptions (id, username, background)
VALUES ("$uid", "$u", "original")';
$query = mysqli_query($db_conx, $sql);
if(!$query) {
echo "DB2, FAIL<br>";
} else {
echo "DB2, Success<br>";
}
// Establish their row in the links table
$url = "www.elefind.x10.bz/profile.php?u=$u";
$sql = "INSERT INTO links (link_id, site_id, url, title, subtitle, description, fulltxt, indexdate, size, md5sum, visible, level)
VALUES('', '', '$url', '$u', '$f $l', '', now(), '', '', '', '')";
$query = mysqli_query($db_conx, $sql);
if(!$query) {
echo "DB3, FAIL<br>";
} else {
echo "DB2, Success<br>";
}
echo "Fname: ".$f."<br>";
echo "Lname: ".$l."<br>";
echo "Uname: ".$u."<br>";
echo "pwd: ".$p_hash."<br>";
echo "Gender: ".$g."<br>";
echo "Country: ".$c."<br>";
echo "ip: ".$ip."<br>";

// Create directory(folder) to hold each user's files(pics, MP3s, etc.)
if (!file_exists("user/")) {
mkdir("user/", 0755);
echo "User folder created.<br>";
}
if (!file_exists("user/$u")) {
mkdir("user/$u", 0755);
echo "profile folder created.<br>";
}
// Email the user their activation link
$to = "$e";
$from = "noreply@elefind.x10.bz";
$subject = 'Elefind Account Activation';
$message = ' <!DOCTYPE html>';
$message .= ' <html>';
$message .= ' <head>';
$message .= ' <meta charset="UTF-8">';
$message .= ' <title>Elefind Message</title>';
$message .= ' </head>';
$message .= ' <body style="margin:0px; font-family:Tahoma, Geneva, sans-serif;">';
$message .= ' <table style="background:#343642;padding:40px;border:1px solid #DDD;margin:0 auto;font-family:calibri;">';
$message .= ' <tr>';
$message .= ' <td>';
$message .= ' <table style="background:#505260;width:100%;border:1px solid #CCC;padding:0;margin:0;border-collapse:collapse;max-width:100%;width:550px;border-radius:10px;">';
$message .= ' <!-- Logo -->';
$message .= ' <tr>';
$message .= ' <td style="padding:10px 30px;text-align:center;margin:0">';
$message .= ' <p>';
$message .= ' <a href="#"><img src="http://www.elefind.x10.bz/img/logo.png" width="100"></a>';
$message .= ' </p>';
$message .= ' </td>';
$message .= ' </tr>';
$message .= ' <!-- Welcome Salutation -->';
$message .= ' <tr>';
$message .= ' <td style="padding:10px 30px;margin:0;font-size:2.5em;color:#4A7BA5;text-align:center;">';
$message .= ' Welcome to Elefind!';
$message .= ' </td>';
$message .= ' </tr>';
$message .= ' <!-- User Msg -->';
$message .= ' <tr>';
$message .= ' <td style="padding:10px 30px;margin:0;text-align:left;color:FFF;">';
$message .= ' <p>Hey there '.$u.',</p>';
$message .= ' <p>To activate your profile please follow link on the below link,</p>';
$message .= ' </td>';
$message .= ' </tr>';
$message .= ' <!-- Link Button -->';
$message .= ' <tr>';
$message .= ' <td style="padding:10px 30px;text-align:center;">';
$message .= ' <a href="http://elefind.x10.bz/activation.php?id='.$uid.'&u='.$u.'&e='.$e.'&p='.$p_hash.'" title="Activate Profile">';
$message .= ' <img src="http://elefind.x10.bz/img/activate.png" width="300" height="auto">';
$message .= ' </img>';
$message .= ' </a>';
$message .= ' </td>';
$message .= ' </tr>';
$message .= ' <!-- Seperator -->';
$message .= ' <tr>';
$message .= ' <td style="padding:10px 30px;">';
$message .= ' </td>';
$message .= ' </tr>';
$message .= ' <!-- Footer Content -->';
$message .= ' <tr>';
$message .= ' <td style="padding:10px 30px;margin:0;background:#555;color:#CCC;border-top:1px solid #CCC;">';
$message .= ' <p>Once your account is active you can sign in with your email adress.</p>';
$message .= ' <p>Didn\'t request this? If you didn\'t request a to make an account with us, please let us know.</p>';
$message .= ' <p>This email is sent from an unmonitored address. Please do not reply.<!-- Please use links inline to get additional information or help.--></p>';
$message .= ' <!--<p>If you no longer wish to receive these emails, click here to <a href="#" style="color:#FFF;">Unsubscribe</a></p>-->';
$message .= ' </td>';
$message .= ' </tr>';
$message .= ' </table>';
$message .= ' <!-- Some more content -->';
$message .= ' <tr>';
$message .= ' <td style="padding:10px 30px;margin:0;font-size:10px;">';
$message .= ' <p> Click on the link above to activate your account, If the button does not work please use the following link,</br>';
$message .= ' <a href="http://elefind.x10.bz/activation.php?id='.$uid.'&u='.$u.'&e='.$e.'&p='.$p_hash.'">';
$message .= ' http://elefind.x10.bz/activation.php?id='.$uid.'&u='.$u.'&e='.$e.'&p='.$p_hash;
$message .= ' </a>';
$message .= ' </p>';
$message .= ' </td>';
$message .= ' </tr>';
$message .= ' </td>';
$message .= ' </tr>';
$message .= ' </table>';
$message .= ' </body>';
$message .= ' </html>';
$headers = "From: $from\n";
$headers .= "MIME-Version: 1.0\n";
$headers .= "Content-type: text/html; charset=iso-8859-1\n";
mail($to, $subject, $message, $headers);
echo "ACCOUNT_CREATED_SUCCESSFULLY";
exit();
}
exit();
}
?>
<!DOCTYPE html>
<html>
<head>
<head name="Default">
<link rel="icon" href="favicon.ico" type="image/x-icon">
<meta charset="UTF-8">
<title>Sign Up</title>
</head>
<head name="CSS">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css">
<link rel="stylesheet" href="css/pages/signup.css">
<link rel="stylesheet" href="css/header.css">
<link rel="stylesheet" href="css/footer.css">
<link rel="stylesheet" href="css/fonts.css">
</head>
<head name="JS">
<script src="https://code.jquery.com/jquery-2.2.4.min.js"></script>
<script src="js/pages/signup.js"></script>
<script src="js/header.js"></script>
<script src="js/main.js"></script>
<script src="js/ajax.js"></script>
<script>

$('.send').click(function(e){
$(".send").addClass("sending");
})

function restrict(elem){
var tf = document.getElementById(elem);
var rx = new RegExp;
if(elem == "email"){
rx = /[' "]/gi;
} else if(elem == "username"){
rx = /[^a-z0-9]/gi;
} else if(elem == "name"){
rx = /[^a-z]/gi;
} else if(elem == "name"){
rx = /[^a-z]/gi;
}
tf.value = tf.value.replace(rx, "");
}
function emptyElement(x){
document.getElementById(x).innerHTML = "";
}
function checkusername(){
var u = document.getElementById("username").value;
if(u != ""){
document.getElementById("unamestatus").innerHTML = 'checking ...';
var ajax = ajaxObj("POST", "signup.php");
ajax.onreadystatechange = function() {
if(ajaxReturn(ajax) == true) {
document.getElementById("unamestatus").innerHTML = ajax.responseText;
}
}
ajax.send("usernamecheck="+u);
}
}
function signup(){
var fn = document.getElementById("firstname").value;
var ln = document.getElementById("lastname").value;
var u = document.getElementById("username").value;
var e = document.getElementById("email").value;
var p1 = document.getElementById("pass1").value;
var p2 = document.getElementById("pass2").value;
var c = document.getElementById("country").value;
var g = document.getElementById("gender").value;
var status = document.getElementById("status");
if(fn == "" || ln == ""|| u == "" || e == "" || p1 == "" || p2 == "" || c == "" || g == ""){
status.innerHTML = "Some of the form data is missing, Please fill it all out.<br>first name: "+fn+"<br>Last name: "+ln;
$(".send").removeClass("sending");
} else if(p1 != p2){
status.innerHTML = "Your password fields do not match";
$(".send").removeClass("sending");
} else {
var ajax = ajaxObj("POST", "signup.php");
ajax.onreadystatechange = function() {
if(ajaxReturn(ajax) == true) {
if(ajax.responseText != "ACCOUNT_CREATED_SUCCESSFULLY"){
status.innerHTML = ajax.responseText;
$(".send").removeClass("sending");
} else {
window.scrollTo(0,0);
$(".send").removeClass("sending");
document.getElementById("signupform").innerHTML = "OK "+u+", check your email inbox and junk mail box at <u>"+e+"</u> in a moment to complete the sign up process by activating your account. You will not be able to do anything on the site until you successfully activate your account. <br><br>fname: "+fn+"<br>lname: "+ln+"<br> username: "+u+"<br>email: "+e+"<br>password: "+p1+ "<br><br>Correct?";
}
}
}
ajax.send("fn="+fn+"&ln="+ln+"&u="+u+"&e="+e+"&p="+p1+"&c="+c+"&g="+g);
}
}
</script>
</head>
</head>
<body>
<?php include_once("header.php"); ?>
<div class="content">
<div class="cont">
<form name="signupform" id="signupform" action="signup()">
<div class="demo">
<div class="signup">
<div class="signup__check"></div>
<div class="signup__form">
<div class="signup__row">
<input type="text" placeholder="First name" class="signup__input name" id="firstname" name="firstname" onfocus="emptyElement('status')" onkeyup="restrict('name')" maxlength="32">
<br>
</div>
<div class="signup__row">
<input type="text" placeholder="Last name" class="signup__input name" id="lastname" name="lastname" onfocus="emptyElement('status')" onkeyup="restrict('name')" maxlength="32">
<br>
</div>
<div class="signup__row">
<input type="text" placeholder="Username" class="signup__input name" id="username" onfocus="emptyElement('status')" onblur="checkusername()" onkeyup="restrict('username')" maxlength="16">
<br>
<span id="unamestatus"></span>
</div>
<div class="signup__row">
<input type="text" placeholder="Email" class="signup__input name" id="email" onfocus="emptyElement('status')" onkeyup="restrict('email')" maxlength="88">
</div>
<div class="signup__row">
<input type="password" placeholder="Password" class="signup__input pass" id="pass1" onfocus="emptyElement('status')" maxlength="16">
</div>
<div class="signup__row">
<input type="password" placeholder="Confirm password" class="signup__input pass" id="pass2" onfocus="emptyElement('status')" maxlength="16">
</div>
<div class="signup__row">
<select id="gender" onfocus="emptyElement('status')" placeholder="Gender" class="signup__input">
<option value="">Please select a gender</option>
<option value="m">Male</option>
<option value="f">Female</option>
</select>
</div>
<div class="signup__row">
<select id="country" onfocus="emptyElement('status')" placeholder="Country" class="signup__input">
<?php include_once("inc/countries.php"); ?>
</select>
</div>
<div>
<p class="signup__terms"> By creating an account you accept the <a href="terms_of_service.php">terms of service</a> </p>
</div>
<p id="status"></p>
<button id="signupbtn" onclick="signup()" class="send"name="Submit">Sign up</button>
</div>
</div>
</div>
</form>
</div>
</div>
<?php include_once("footer.php"); ?>
</body>
</html>

Answer

In your code, besides what was mentioned in the comments, you have an if statement that is assigning variables.

if($f = "" || $l = "" || $u == "" || $e == "" || $p == "" || $g == "" || $c == ""){}

Notice the = and not == after $f and $l; it should be:

if($f == "" || $l == "" || $u == "" || $e == "" || $p == "" || $g == "" || $c == ""){}

This way you aren't replacing the original contents and are now checking the contents.

And for the future, an empty() check will check for "" or even unset POST variables, allowing you to check for missing POST values and empty strings in one go.
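
The check discussed in this answer, as an added example that is not part of the original answer or the poster's code: it shows what the `=` version of the condition does to `$f` and `$l`, then runs a stricter required-field check against the keys the PHP handler reads. `missing_fields()` and the sample `$post` array are hypothetical, constructed to mirror the parameter string that `signup()` sends.

```php
<?php
// Added example, not the poster's code. $post is constructed sample data shaped
// like the string signup() sends: fn=..&ln=..&u=..&e=..&p=..&c=..&g=..
$post = [
    'fn' => 'Ada', 'ln' => 'Lovelace', 'u' => 'ada', 'e' => 'ada@example.com',
    'p'  => 'correct horse battery', 'c' => 'United Kingdom', 'g' => 'f',
];

// 1) The original condition. "||" and "==" bind tighter than "=", so PHP reads
//    it as $f = ("" || ($l = ("" || $u == ""))): $f and $l are overwritten with
//    the boolean result, and false interpolates into the INSERT as ''.
$f = 'Ada'; $l = 'Lovelace'; $u = 'ada';
if ($f = "" || $l = "" || $u == "") {
    echo "The form submission is missing values.\n";
}
var_dump($f, $l);

// 2) Hypothetical helper: list required fields that are absent or blank.
function missing_fields(array $post, array $required): array
{
    $missing = [];
    foreach ($required as $name) {
        // isset() catches keys that were never sent; is_string() rejects
        // array input such as firstname[]=x; the trim() test catches blanks.
        // Unlike empty(), this does not treat the string "0" as missing.
        if (!isset($post[$name]) || !is_string($post[$name]) || trim($post[$name]) === '') {
            $missing[] = $name;
        }
    }
    return $missing;
}

// Keys the PHP handler on the page reads from $_POST.
$required = ['firstname', 'lastname', 'u', 'e', 'p', 'g', 'c'];
$missing  = missing_fields($post, $required);
if ($missing !== []) {
    echo 'Missing fields: ' . implode(', ', $missing) . "\n";
}
```

Reporting the names of the missing keys, rather than a single generic message, makes a mismatch between the names the client sends and the names the server reads visible on the first request.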