0

I have the following script where the user enters some data from the android phone in order to register. 

<?php

include("connect.php");
include("functions.php");

if(logged_in())
{
    header("location:profile.php");
    exit();
}

$error = "";
$j = new stdClass();
$string = "";


if (isset($_POST['firstName']) && isset($_POST['lastName']) && isset($_POST['email']) && isset($_POST['password'])) {


    $firstName = $_POST['firstName'];
    $lastName = $_POST['lastName'];
    $email = $_POST['email'];
    $password = $_POST['password'];

    //echo $firstName."<br/>".$lastName."<br/>".$email."<br/>".$password."<br/>".$passwordConfirm."<br/>".$image."<br/>".$imageSize."<br/>";


        //We need to encrypt our password.
        $password = md5($password);


        $insertQuery = "INSERT INTO users(firstName,lastName,email,password) VALUES('$firstName','$lastName','$email','$password')";
        $result = mysqli_query($con,$insertQuery);
        if(!$result){

                $j->status  = "Fail";
                $j->message = "No users in database";
                $string = json_encode($j);
                echo "No inserted data";
                //echo $string;

            }else{
                $j->status  = "success";
                $j->message = "Successfully registered";
                echo "Data inserted";
                $string = json_encode($j);
            }


    echo $string;
}


?>

Unfortunately nothing happens. I can't even generate JSON from the url itself. For example I enter the url's link

http://localhost/android_reg/

and get nothing back. Shouldn't I get 

{
   "status":"fail",
   "status":"No users in database"
}

when there is not data in the database? Surely there is something wrong with my php code.

Improve this question
7
  • What output are you getting currently with this code? I would recommend you to create an array , store the values and json ecode the same Commented Sep 19, 2015 at 6:57
  • Do you have a local Apache/PHP server running? Did you try a normal non-JSON PHP page to confirm it is working? Commented Sep 19, 2015 at 6:57
  • And the URL, localhost/android_reg, is not pointing to a file, so is your server setup to serve localhost/android_reg/index.php? Commented Sep 19, 2015 at 6:58
  • If you are directly hitting the url then $_POST will not work and you have written your code inside the if statement. That's why you are getting nothing. Commented Sep 19, 2015 at 6:58
  • I get no output with code at all!!! Also I have the local Apache server running. Commented Sep 19, 2015 at 7:00

2 Answers 2

Reset to default
1

No. You shouldn't get anything thing back. The main part of your code checks various $_POST variables to see if they're set. Requesting the page in your web browser is a HTTP GET request, so you'll never see any output because the POST variables will never be set.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

I see. So there is nothing wrong with my code right? I ll have to check again the Android code. The debugger of Android Studio shows me that I am posting null variables in the server. Android mistake then.
There probably are other things wrong with your code, but this first problem will make the other errors irrelevant.
0

Make sure your script generates json-output in any case.
Since the fail-branch is usually shorter I prefer to handle it first. In your case: if there is any POST parameter missing -> bail out.
Your script is also prone to sql injections. Prepared statements can avoid that.

<?php
require 'connect.php';
require 'functions.php';

if(logged_in())
{
    header("location:profile.php");
    exit();
}

// isset() can take multiple arguments and only returns true if all variables are set
if ( !isset($_POST['firstName'], $_POST['lastName'], $_POST['email'], $_POST['password']) ) {
    $result = array('status'=>'fail', 'message'=>'missing POST parameter(s)');
}
else {
    $stmt = $con->prepare('
        INSERT INTO
            users
            (firstName,lastName,email,password)
        VALUES
            (?,?,?,?)
    ');

    if ( !$stmt ) {
        $result = array('status'=>'fail', 'message'=>'prepare failed');
    }
    else if ( !$stmt->bind_param('ssss', $_POST['firstName'], $_POST['lastName'], $_POST['email'], $_POST['password']) ) {
        $result = array('status'=>'fail', 'message'=>'bind failed');
    }
    else if ( !$stmt->execute() ) {
        $result = array('status'=>'fail', 'message'=>'execute/insert failed');
    }
    else {
        $result = array('status'=>'success', 'message'=>'Successfully registered');
    }
}

// single, unconditional exit/output point (ok, except for the if(logged_in())/exit() thing)
echo json_encode($result);
Improve this answer

4 Comments

This is much better. I get this output.
{"status":"fail","message":"missing POST parameter(s)"}. At least I know that the Post parameters are not set.
Ok. I connect my Android device to the database. Simply,I enter firstName etc. But the response I get is the missing POST parameters. How can I set them?
this one's pretty highly rated: stackoverflow.com/questions/9767952/…

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.