+ 1

PHP Warning: mysqli_real_escape_string() expects parameter 1 to be mysqli, null given

<?php session_start(); $username = ""; $email = ""; $errors = []; $conn = new mysqli('localhost', 'rcbmjkoa_ITN', 'kmWEC2018', 'registration'); // REGISTER USER if (isset($_POST['reg_user'])) { // receive all input values from the form $username = mysqli_real_escape_string($db, $_POST['username']); $email = mysqli_real_escape_string($db, $_POST['email']); $password_1 = mysqli_real_escape_string($db, $_POST['password_1']); $password_2 = mysqli_real_escape_string($db, $_POST['password_2']); // form validation: ensure that the form is correctly filled ... // by adding (array_push()) corresponding error unto $errors array if (empty($username)) { array_push($errors, "Username is required"); } if (empty($email)) { array_push($errors, "Email is required"); } if (empty($password_1)) { array_push($errors, "Password is required"); } if ($password_1 != $password_2) { array_push($errors, "The two passwords do not match"); } // first check the database to make sure // a user does not already exist with the same username and/or email $user_check_query = "SELECT * FROM users WHERE username='$username' OR email='$email' LIMIT 1"; $result = mysqli_query($db, $user_check_query); $user = mysqli_fetch_assoc($result); if ($user) { // if user exists if ($user['username'] === $username) { array_push($errors, "Username already exists"); } if ($user['email'] === $email) { array_push($errors, "email already exists"); } } // Finally, register user if there are no errors in the form if (count($errors) == 0) { $password = md5($password_1);//encrypt the password before saving in the database $query = "INSERT INTO users (username, email, password) VALUES('$username', '$email', '$password')"; mysqli_query($db, $query); $_SESSION['username'] = $username; $_SESSION['success'] = "You are now logged in"; header('location: index.php'); } } // ... // LOGIN USER if not working re

6th Nov 2018, 7:04 AM
Keaikitse Zlatan Modise
Keaikitse Zlatan Modise - avatar
1 Réponse
+ 3
Have you figured it out? well, just in case you haven't; the mysqli_real_escape function expects the first argument passed to be a mysqli connection resource, your connection resource was $conn, but you passed $db, which is an undefined identifier. Replace all occurrence of $db with $conn, or change the connection variable to $db, this way less lines to replace : ) The same case also for your calls to mysqli_query function for checking if user/e-mail already exists, and for inserting new user data, you also passed $db as connection resource there.
7th Nov 2018, 5:22 PM
Ipang