I have a site that is to create a user account. The site currently works well, however i want to know how to improve and fix an issue i have. If the site sends the post to the server side php it creates the user correctly, however if someone loads the server php file without posting, it will create a user into the db with all values blank. I am doing some checking for users but please help me optimize my code. Thank you in advance.
/// HTML ///
<form id="form_customer">
// form stuff here, please note my button for submit is not in the form but outside
</form>
<button id="form_submit">Submit</button>
<button id="form_cancel">Cancel</button>
//Javascript jQuery
$("#form_cancel").click(function() {
window.location = 'index.php';
});
$("#form_submit").click(function() {
$.post("incl/server_register.php", payload, function(data) {
if(data == "500"){
alert("An Error has occured.");
}
if(data == "200"){
alert("Registration complete. Redirecting...");
indow.location = 'index.php';
}
if(data == "400")
alert("Username already exists. Please select another.");
},"json");
// And here is my server side PHP
$mysqli = new mysqli($dbHost, $dbUser, $dbPass);
$mysqli->select_db($dbDB);
// Check connection
if($mysqli->connect_error) {
die('Connection Error: (' .$mysqli->connect_errno .') ' .$mysqli->connect_error);
}
if(isset($_POST))
{
// Query DB
$check = "SELECT * FROM table WHERE Username='$sUsername'";
$result = $mysqli->query($check);
if($result->num_rows == 0)
{
$query = "INSERT into table (blah blah)
$result = $mysqli->query($query);
if($result == false)
echo json_encode("500");
else {
echo json_encode("200");
mail($to, $subject, $message, $headers);
}
}
else
echo json_encode("400");
}
}
Check if username and password isn’t empty (also don’t forgot about trim).