I am trying to register a user into a SQL database using php. I am not sure why this message is popping up. {"status":"400","message":"Could not register with provided information"} This is what Im using in the url:http://localhost/iHertzmusic/register.php?username=Bob&password=1234&email=bob@mail.com&fullname=Bob%20John I it might be the url that is the problem but this worked before I add emailed conformation in STEP 4. Here is my register.php:
<?php
//Step 1. Delare parms of user info
// Sucuring information and storing variables
$username = htmlentities($_REQUEST["username"]);
$password = htmlentities($_REQUEST["password"]);
$email = htmlentities($_REQUEST["email"]);
$fullname = htmlentities($_REQUEST["fullname"]);
// if GET or POST are empty
if (empty($username) || empty($password) || empty($email) || empty($fullname)) {
$returnArray["status"] = "400";
$returnArray["massage"] = "Missing required information";
echo json_encode($returnArray);
return;
}
// secure password
$salt = openssl_random_pseudo_bytes(20);
$secured_password = sha1($password . $salt);
//Step 2. Build connection
//Secure way to build conn
$file = parse_ini_file("../../../iHertzmusic.ini");
// store in php var inf from ini var
$host = trim($file["dbhost"]);
$user = trim($file["dbuser"]);
$pass = trim($file["dbpass"]);
$name = trim($file["dbname"]);
// include access.php to call func from access.php file
require ("secure/access.php");
$access = new access($host, $user, $pass, $name);
$access->connect();
// Step 3. Insert user information
$result = $access->registerUser($username, $secured_password, $salt, $email, $fullname);
//Successfully registered
if ($result) {
// got current registered user information and store in user
$user = $access->selectUser($username);
// declare information to feedback to user of App as json
$returnArray["status"] = "200";
$returnArray["message"] = "Successfully registered";
$returnArray["id"] = $user["id"];
$returnArray["username"] = $user["username"];
$returnArray["email"] = $user["email"];
$returnArray["fullname"] = $user["fullname"];
// STEP 4. Emailing
//include email.php
require ("secure/email.php");
// store all class in $email var
$email = new email();
// store generated token in $token var
$token = $email->generateToken(20);
//save in 'emailTokens' table
$access->saveToken("emailTokens", $user["id"], $token);
//refer emailing information
$details = array();
$details["subject"] = "Email confirmation on iHertz";
$details["to"] = $user["email"];
$details["fromName"] = "Sean O'Neal";
$details["fromEmail"] = "ihertzmusic432@gmail.com";
// access template file
$template = $email->confirmationTemplate();
// replace {token} from confirmationTemplate.html by $token and store all content in $template var
$template = str_replace("{token}", $token, $template);
$details["body"] = $template;
$email->sendemail($details);
} else {
$returnArray["status"] = "400";
$returnArray["message"] = "Could not register with provided information";
}
// Step 5. Close connection
$access->disconnect();
// Step 6. Json data
echo json_encode($returnArray);
?>
Notice: Undefined variable: returnArray in
// Select user information
public function selectUser($username) {
// sql command
$sql = "SELECT * FROM users WHERE username'".$username."'";
// assign result we got from $sql to $result var
$result = $this->conn->query($sql);
// if we have at least 1 result returned
if ($result != null && (mysqli_num_rows($result) >= 1 )) {
// assign result we got to $row as accociative array
$row = $result->fetch_array(MYSQLI_ASSOC);
if (!empty($row)) {
$returnArray = $row;
}
}
return $returnArray;
}
Notice: Undefined variable: charactersLength
function generateToken($length) {
// some characters
$characters = "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM1234567890";
// get length of characters string
$characters = strlen($characters);
$token = '';
// generate random char from $characters every time until it is less than $charactersLength
for ($i = 0; $i < $length; $i++) {
$token .=$characters[rand(0, $charactersLength-1)];
}
return $token;
}
