The problem is very simple (and everything, php and html is on one file(.php))
JavaScript
x
<?php try { $bdd = new PDO('mysql:host=localhost;dbname=dlp;charset=utf8', /*the PDO works*/); } catch(Exception $e) { die('Erreur : '.$e->getMessage()); } if(isset($_POST["name"], $_POST["pass"], $_POST["mail"]) && !empty($_POST["name"]) && !empty($_POST["pass"]) && !empty($_POST["mail"])) { //that works if(!filter_var($_POST["mail"], FILTER_VALIDATE_EMAIL)) { //that works die("adresse email invalide"); } $name=strip_tags(($_POST["name"])); //that works $pass=password_hash($_POST["pass"], PASSWORD_ARGON2ID); //that works $stmt="INSERT INTO `users` (`name`, `pass`, `mail`, `role`) VALUES (:name, '$pass', :mail, '["ROLE_USER"]')"; $query=$bdd->prepare($stmt); $query->bindvalue(':name', $name); $query->bindvalue(':mail', $_POST["mail"]); $query->execute(); }else{ die('formulaire incomplet'); }?>html part:
JavaScript
</div> <form method="post"> <section class="formulaireTitreCulture"> <label for="name">name</label> <input type="name" name="name"></input> </section> <section class="formulaireTitreCulture"> <label for="motdepasse">Mot de passe</label> <input id="motdepasse" name="pass"></input> </section> <section class="formulaireTitreCulture"> <label for="">Mail</label> <input name="mail" id="mail"> </section> <input type="submit" value="Envoyer"> </form></div> the result is die(‘formulaire incomplet’);,and nothing is written in the database, i don’t see why. Any clue is welcome! thanks by advance
Advertisement
Answer
First, use the bound parameters method for all your data.
Second set PDO to generate exceptions, then if the query does not compile or fails with some other reason you will get told.
JavaScript
<?php try { $bdd = new PDO('mysql:host=localhost;dbname=dlp;charset=utf8'); $bdd->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $bdd->setAttribute(PDO::ATTR_EMULATE_PREPARES, FALSE); $bdd->setAttribute(PDO::MYSQL_ATTR_INIT_COMMAND,'SET NAMES UTF8'); } catch(Exception $e) { echo 'Erreur : '.$e->getMessage()); } if(isset($_POST["name"], $_POST["pass"], $_POST["mail"]) && !empty($_POST["name"]) && !empty($_POST["pass"]) && !empty($_POST["mail"])) { //that works if(!filter_var($_POST["mail"], FILTER_VALIDATE_EMAIL)) { throw new Exception("adresse email invalide"); } $stmt="INSERT INTO `users` (`name`, `pass`, `mail`, `role`) VALUES (:name, :pass, :mail, :role)"; $query=$bdd->prepare($stmt); $pass = password_hash($_POST["pass"], PASSWORD_ARGON2ID); $query->bindvalue( ':name', strip_tags($_POST["name"]) ); $query->bindvalue( ':mail', $_POST["mail"]); $query->bindvalue( ':pass', $pass); $query->bindvalue( ':name', json_encode(["ROLE_USER"]) ); $query->execute(); }else{ throw new exception('formulaire incomplet'); } }?>