Im trying to create a registration page which worked fine but a friend of mine pointed out the logout button becomes unreachable if a name is at a certain length so i tried fixing it by setting a character limit on the username but it just seems to skip the whole if statement i wrote down here is my code:
<?php
session_start();
//include database
include 'database.php';
$email = $_POST['email'];
$username = $_POST['usernames'];
$password = $_POST['password'];
$hashedpass = password_hash($password, PASSWORD_DEFAULT);
if (empty($email) || empty($username) || empty($password)) {
$_SESSION['error'] = "Vul alles in";
header('Location: ../registration.php');
} else if (strlen($username) > 25) {
$_SESSION['error'] = "Gebruikersnaam te lang";
header('Location: ../registration.php');
} else {
$stmt = $pdo->prepare("SELECT * FROM login WHERE username = ?");
$stmt->bindParam(1, $username, PDO::PARAM_STR, 255);
$stmt->execute();
if ($stmt->rowCount() == 0) {
$sql = $pdo->prepare("INSERT INTO login (username, password) VALUES (:username, :password)");
$sql->bindParam('username', $username, PDO::PARAM_STR);
$sql->bindParam('password', $hashedpass, PDO::PARAM_STR);
$sql->execute();
$_SESSION['loggedin'] = true;
$_SESSION['username'] = $username;
header('Location: ../index.php');
} else {
$_SESSION['error'] = "Gebruikersnaam bestaal al!";
header('Location: ../registration.php');
}
}
CodePudding user response:
Hey thanks alot for the help the exit()'s helped me resolve this issue, code:
<?php
session_start();
//include database
include 'database.php';
$email = $_POST['email'];
$username = $_POST['usernames'];
$password = $_POST['password'];
$hashedpass = password_hash($password, PASSWORD_DEFAULT);
if (empty($email) || empty($username) || empty($password)) {
$_SESSION['error'] = "Vul alles in";
header('Location: ../registration.php');
exit();
}
if (strlen($username) > 25) {
$_SESSION['error'] = "Gebruikersnaam te lang";
header('Location: ../registration.php');
exit();
}
$stmt = $pdo->prepare("SELECT * FROM login WHERE username = ?");
$stmt->bindParam(1, $username, PDO::PARAM_STR, 255);
$stmt->execute();
if ($stmt->rowCount() == 0) {
$sql = $pdo->prepare("INSERT INTO login (username, password) VALUES (:username, :password)");
$sql->bindParam('username', $username, PDO::PARAM_STR);
$sql->bindParam('password', $hashedpass, PDO::PARAM_STR);
$sql->execute();
$_SESSION['loggedin'] = true;
$_SESSION['username'] = $username;
header('Location: ../index.php');
} else {
$_SESSION['error'] = "Gebruikersnaam bestaal al!";
header('Location: ../registration.php');
}
CodePudding user response:
The problem is right before your eyes :) your elseif statement is written as (else if) instead of (elseif). Fix that and see if it works ;)