Hello guys I have wrote this registration page script and I want to register user info into database but I am trying to do this securely by using prepared insert statement with oop syntax but not sure if I did this right because when I register dummy data, it won't put anything in the database.
index.php page
<!DOCTYPE html>
<html>
<head>
<title>Registration form</title>
<link rel="stylesheet" type="text/css" href="regisform.css">
</head>
<body>
<div id="form">
<div id="header"><h2>Registration Form</h2></div>
<form method="post" action="process.php">
<label>Username:</label>
<input type="text" name="username" placeholder="Enter a Username please" required="required" />
<label>Email:</label>
<input type="text" name="email" placeholder="Enter your email please" required="required" />
<label>Password:</label>
<input type="text" name="password" placeholder="Enter a Password please" required="required" />
<input type="submit" name="signup" value="Sign up"/>
</form>
</div>
</body>
</html>
<?php
include "process.php";
$db = new db();
if(isset($_POST['signup'])) {
$user = $_POST['username'];
$email = $_POST['email'];
$password = $_POST['password'];
$query = "INSERT INTO users (user_name, user_email, user_pass) VALUES (?, ?, ?)";
$run = $db->insert($query);
$run->bind_param('sss', $user, $email, $password);
$run->execute();
$run->close();
}
?>
process.php page
<?php
class db {
public $host = "localhost";
public $user = "root";
public $pass = "";
public $db_name = "pros";
public $link;
public function __construct(){
$this->connect();
}
private function connect() {
$this->link = new mysqli($this->host, $this->user, $this->pass, $this->db_name);
}
public function insert ($query) {
$result = $this->link->prepare($query);
if($result){
echo "<center><h2>Registration Successfull!</h2></center>";
}
else
{
echo "<center><h2>Registration failed!</h2></center>";
}
return $result;
}
}
?>
