My php script for registrating using prepared statements isn't working and I can't figure out why.
Can somebody please check my code ? Thank you, and sorry for this post if it's duplicated but I can't figure it by myself
Code:
<?php
require_once 'connect.php';
$email = $_POST['email'];
$password = $_POST['password'];
$passwordR = $_POST['confpassword'];
if ($password == $passwordR) {
$password = hash('sha512', $password); // použi password_hash
$prep_stmt = "SELECT * FROM users WHERE email= ? ";
$stmt = connect()->prepare($prep_stmt);
if ($stmt) {
$stmt->bind_param('s', $email);
$stmt->execute();
$stmt->store_result();
if ($stmt->num_rows == 1) {
echo 0;
die();
} else {
if ($insert_stmt = connect()->prepare("INSERT INTO users (email, password) VALUES ( ? , ? )")) {
$insert_stmt->bind_param('ss', $email, $password);
$insert_stmt->execute();
if (!$insert_stmt) {
echo 2;
echo mysqli_stmt_sqlstate($insert_stmt);
die();
} else {
echo 1; //preslo to
die();
}
}
}
} else {
echo 3; //db error
die();
}
}