StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
text
Body
copied!<p>Your guess about the form is correct. There is a "NEW ACCOUNT FORM" that asks you a username, email and password. Probably earlier in that php code you should have something like this:</p> <pre><code>$username = $_POST['username'; $email = $_POST['email']; </code></pre> <p>This is, retrieve the values from the $_POST array that contains the values submitted in the "NEW ACCOUNT FORM". As for the insert part,</p> <p><code>if ($insert_stmt = $mysqli->prepare("INSERT INTO members (username, email, password, salt) VALUES (?, ?, ?, ?)"))</code></p> <p>This if condition is true if a valid value is assigned to $insert_stmt, I guess that it would be null if the conection to the database hasn't been established or something like that.</p> <p>$insert_smtp would have now something as a "template" of the insert query, it is missing the parameters. The "?" symbols, stands for a parameter you would be sending later.</p> <p>The instruction</p> <p><code>$insert_stmt->bind_param('ssss', $username, $email, $password, $random_salt);</code></p> <p>will bind the parameters marked "?" in the "template".</p> <p>The reason for not to putting directly the username , email, password in the INSERT statment is that, they could include SQL statements that may result in an SQL injection attack. By passing the parameters via "bind_param" the function takes care of cleaning the variables before putting them in the insert.</p> <p>The instruction</p> <p><code>$insert_stmt->execute();</code></p> <p>Finally executes the query on the database.</p>

Querying!

Guidance

An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload