0

I get the error "Warning: mysqli_close() expects parameter 1 to be mysqli, null given in" and I can't find a problem. Can anyone help, here is my code.

$username = $_POST['username'];
 $password = $_POST['password'];
 $email = $_POST['email'];

 $CheckSQL = "SELECT * FROM users WHERE email='$email'";

 $check = mysqli_fetch_array(mysqli_query($con,$CheckSQL));

 if(isset($check)){

 echo 'Email Already Exist';

 }
else{ 
$Sql_Query = "INSERT INTO users (username,password,email) values ('$username','$password','$email')";

 if(mysqli_query($con,$Sql_Query))
{
 echo 'Registration Successfully';
}
else
{
 echo 'Something went wrong';
 }
 }
}
mysqli_close($con);
3
Contributors
10
Replies
60
Views
4 Months
Discussion Span
Last Post by cereal
Featured Replies
  • 2
    diafol 3,669   4 Months Ago

    Just an observation. You are not sanitising your inputs. You can filter your inputs, sanitise or use a prepared statement. This means you are open to SQL injection. Read More

0

At line 26 there is an extra }, but it does not raise a syntax error, so if on top you have a condition like:

if($_POST)
{
    # open connection here
    # other code ...
} # <-- line 26 in your code
# close connection here

then, when you open the page with a GET request, you get the error because the connection object does not exists. If this is the case, move close() into the statement and it should work.

2

Just an observation. You are not sanitising your inputs. You can filter your inputs, sanitise or use a prepared statement. This means you are open to SQL injection.

Edited by diafol

0

When I remove the extra bracket, I get this "Parse error: syntax error, unexpected end of file". Here is what it looks like.

<?php
if($_SERVER['REQUEST_METHOD']=='POST'){

include 'DatabaseConfig.php';

 $con = mysqli_connect($localhost,$username,$password,$database);

 $username = $_POST['username'];
 $password = $_POST['password'];
 $email = $_POST['email'];

 $CheckSQL = "SELECT * FROM users WHERE email='$email'";

 $check = mysqli_fetch_array(mysqli_query($con,$CheckSQL));

 if(isset($check)){

 echo 'Email Already Exist';

 }
else{ 
$Sql_Query = "INSERT INTO users (username,password,email) values ('$username','$password','$email')";

 if(mysqli_query($con,$Sql_Query))
{
 echo 'Registration Successfully';
}
else
{
 echo 'Something went wrong';
 }
}
mysqli_close($con);
?>
0

When I remove the extra bracket, I get this "Parse error: syntax error, unexpected end of file".

I suggested you to move mysqli_close() inside the statement, not to remove the extra bracket. Otherwise you get the syntax error.

0

The page now shows empty and in the app, I still get "<br/>" when I hit the register button.

<?php
if($_SERVER['REQUEST_METHOD']=='POST'){

include 'DatabaseConfig.php';

 $con = mysqli_connect($localhost,$username,$password,$database);

 $username = $_POST['username'];
 $password = $_POST['password'];
 $email = $_POST['email'];

 $CheckSQL = "SELECT * FROM users WHERE email='$email'";

 $check = mysqli_fetch_array(mysqli_query($con,$CheckSQL));

 if(isset($check)){

 echo 'Email Already Exist';

 }
else{ 
$Sql_Query = "INSERT INTO users (username,password,email) values ('$username','$password','$email')";

 if(mysqli_query($con,$Sql_Query))
{
 echo 'Registration Successfully';
}
else
{
 echo 'Something went wrong';
 }
}
mysqli_close($con);
}
?>
0

Okay,

if the register request is sent to another script you have to redirect the client back to a page that can accept GET requests. Which can be the sign in page or the sign up in case the registration failed. So at the end of the script, right after mysqli_close() you would write:

header('Location: http://site/login');
exit;

You could work on the statements to define the header location string and redirect the user to the appropriated page, depending on the results, for example:

<?php

# use session to save the error message
session_start();

if($_SERVER['REQUEST_METHOD']=='POST')
{
    include 'DatabaseConfig.php';

    # default location
    $location = 'Location: http://site/sign_in';

    # default message
    $_SESSION['msg'] = 'Registration Successfully.';

    $con = mysqli_connect($localhost,$username,$password,$database);
    $username = $_POST['username'];
    $password = $_POST['password'];
    $email = $_POST['email'];
    $CheckSQL = "SELECT * FROM users WHERE email='$email'";
    $check = mysqli_fetch_array(mysqli_query($con,$CheckSQL));

    if(isset($check))
    {
        $_SESSION['msg'] = 'Email Already Exist.';
        $location = 'Location: http://site/sign_up';
    }

    else
    { 
        $Sql_Query = "INSERT INTO users (username,password,email) values ('$username','$password','$email')";

        if( ! mysqli_query($con,$Sql_Query))
        {
            $_SESSION['msg'] = 'Something went wrong.';
            $location = 'Location: http://site/sign_up';
        }
    }

    mysqli_close($con);
    header($location);

    # exit to force the redirect
    exit;
}

Then on the landing pages you start the session again, get the message if it exists and unset, so that next request does not carry the old message:

<?php

# initialize the session
session_start();

# initialize the variable
$msg = '';

if(TRUE === array_key_exists('msg', $_SESSION))
{
    $msg = $_SESSION['msg'];
    unset($_SESSION['msg']);
}

# print the message where needed...

What you still need to do, as suggested by Diafol, is to sanitize and use prepared statements.

0

My php script is connected to an android app I am making. I only have 3 php files. Database, Registration, and Login. The app is supposed to send the information entered in the registration form to my Mysql database. Instead, the app toasts a <br/> and doesnt send any information to the database table. I am not sure where to enter the additional php you provided. I am new to this so please explain to me in simple terms.

0

I am not sure where to enter the additional php you provided.

Do not consider it anymore, I thought the request and response was between PHP pages and I was suggesting you to move the client to a landing page. In this case you probably need more an header with a status code.

A question: are you sure you are sending a POST request to the script? This error:

"Warning: mysqli_close() expects parameter 1 to be mysqli, null given in"

with the code of your first post, can raise only if the request method is not POST.

Do this test: at the end of the POST statement print the request method:

<?php

if($_SERVER['REQUEST_METHOD']=='POST'){
    # your code here
}

echo 'Current request method: ' . $_SERVER['REQUEST_METHOD'];

And see what you get.

0

Nothing changed when I added the code. Do you think I has somehting to do with my android code?

Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.