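</head>
<body>
<h1 class="nomp">Register</h1>
<?php
/**
 * Return a fresh random salt for one password record.
 *
 * A salt shared by every account lets identical passwords hash to identical
 * values, so one precomputed table would cover the whole user table. Each
 * call therefore draws 16 bytes from the system CSPRNG and returns them as
 * 32 hex characters.
 *
 * NOTE(review): the salt column must hold 32 characters; confirm the schema.
 * NOTE(review): saltyhash() is defined outside this excerpt. password_hash()
 * and password_verify() create and store a per-password salt themselves and
 * would replace both helpers.
 *
 * @return string 32 lowercase hex characters
 * @throws Exception when no source of randomness is available
 */
function generateSalt()
{
    return bin2hex(random_bytes(16));
}

// Registration page: on a POST carrying doSQL=true the account is stored,
// otherwise the registration form is shown.
if (isset($_POST['doSQL']) && $_POST['doSQL'] === "true") {
    echo "<h1>DO SQL</h1>";

    // A missing field, or an array sent as username[]=..., must not reach the
    // hashing and SQL code below.
    $username = isset($_POST['username']) ? $_POST['username'] : null;
    $password = isset($_POST['password']) ? $_POST['password'] : null;

    if (!is_string($username) || !is_string($password)) {
        echo "Failed to save!<br>";
    } else {
        // The name is escaped for the HTML context it is printed in. The
        // password is never written back to the page: it would end up in the
        // browser cache, in proxies and on the screen.
        $safeName = htmlspecialchars($username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        echo "Your username is '{$safeName}'.<br>";

        $salt = generateSalt();
        $hashy_password = saltyhash($password, $salt);

        // NOTE(review): $username still reaches the statement text unescaped,
        // so this INSERT is open to SQL injection. query() and $tabl are
        // defined outside this excerpt and query() is called with one SQL
        // string, so bound parameters cannot be introduced from here. Move
        // this statement to a prepared statement in the database layer before
        // the page is reachable by untrusted users.
        // NOTE(review): the output format of saltyhash() is not visible here;
        // it is interpolated too and should be bound as well.
        $sql = "INSERT INTO {$tabl} (username, password, salt) VALUES ('{$username}', '{$hashy_password}', '{$salt}');";

        // The statement is no longer printed: it showed the table layout, the
        // password hash and the salt to whoever submitted the form.
        $result = query($sql);

        if ($result === true) {
            echo "Succesfully saved.<br>";
        } else {
            echo "Failed to save!<br>";
        }
    }
} else {
    echo "<h1>ASK USERDATA</h1>";
    // The else branch stays open across the form markup that follows.
?>
<form action="register.php" method="POST">
<input type="hidden" name="doSQL" value="true">
<input type="text" name="username" value="Username"><br>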
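// Registration handler fragment: looks up the submitted username and, when it
// is not present yet, stores the new account. Failures are reported to the
// caller as a JSON object with "success" => false.
// NOTE(review): this excerpt starts and ends mid-script. $mysqli and
// saltyhash() are defined outside it, and the block opened by the
// "not already in database" check is not closed within it.

// A missing field, or an array sent as username[]=..., would otherwise raise
// a notice that corrupts the JSON response.
if (!isset($_POST['username'], $_POST['password'])
    || !is_string($_POST['username'])
    || !is_string($_POST['password'])) {
    echo json_encode(array("success" => false, "message" => "Username and password are required"));
    exit;
}
$username = $_POST['username'];
$password = $_POST['password'];

// The listing masks whatever stood between the quotes of this statement, and
// no bind_param() call preceded execute(), so the value was part of the SQL
// text. prepare() gives no protection for text spliced into the statement;
// the submitted name is bound as a parameter instead.
// NOTE(review): confirm against the unmasked file.
$stmt = $mysqli->prepare("select username, count(*) as occurs from users where username = ?");
if (!$stmt) {
    // Driver error text names tables and columns; it goes to the server log,
    // not to the client. The stray "%s" was never formatted and is dropped.
    error_log("register: query 1 prepare failed: " . $mysqli->error);
    echo json_encode(array("success" => false, "message" => "Oops, query 1 failed"));
    exit;
}
$stmt->bind_param('s', $username);
if (!$stmt->execute()) {
    // Without this check a failed lookup left $occurs unset, which compared
    // equal to 0 and was treated as "name is free".
    error_log("register: query 1 execute failed: " . $stmt->error);
    echo json_encode(array("success" => false, "message" => "Oops, query 1 failed"));
    exit;
}
$stmt->bind_result($nullval, $occurs);
$stmt->fetch();
$stmt->close();

if ((int) $occurs === 0) { // user is not already in database
    // NOTE(review): saltyhash() is defined elsewhere and is called without a
    // salt argument here; password_hash() / password_verify() would be the
    // standard replacement.
    $hash = saltyhash($password);

    // NOTE(review): the start of this statement is masked in the listing. It
    // is reconstructed from the $stmt1 check and bind_param() call that
    // follow; confirm against the original file.
    $stmt1 = $mysqli->prepare("insert into users (username, passhash) values (?, ?)");
    if (!$stmt1) {
        error_log("register: query 2 prepare failed: " . $mysqli->error);
        echo json_encode(array("success" => false, "message" => "Oops, query 2 failed"));
        exit;
    }
    $stmt1->bind_param('ss', $username, $hash);
    // The count check above and this insert are two separate statements, so
    // two concurrent requests can both pass the check.
    // NOTE(review): presumably users.username carries a UNIQUE index; confirm.
    // With it, the second insert fails here and is reported.
    if (!$stmt1->execute()) {
        error_log("register: query 2 execute failed: " . $stmt1->error);
        echo json_encode(array("success" => false, "message" => "Oops, query 2 failed"));
        exit;
    }
    $stmt1->close();

    // Same masking as in the first lookup; the name is bound rather than
    // placed in the SQL text.
    $stmt3 = $mysqli->prepare("select id from users where username = ?");
    if (!$stmt3) {
        error_log("register: query 3 prepare failed: " . $mysqli->error);
        echo json_encode(array("success" => false, "message" => "Oops, query 3 failed"));
        exit;
    }
    // Bound here because the code that executes $stmt3 lies past the end of
    // this excerpt.
    $stmt3->bind_param('s', $username);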