phpmysqlforms

Registration form creates 2 duplicate data row's and 2 empty rows with every submission

I have this problem with my website where the registration form submits 2 rows with the submitted data, then it also creates two empty rows underneath the submitted data. Can someone help me fix this please?

This is the coding I have for submitting the data after it has been posted from the registration form.

<?php
$dbc = mysqli_connect (DB_HOST, DB_USER, DB_PASSWORD, DB_NAME) OR die 
('Could not connect to MySQL: ' . mysqli_connect_error() );

$firstname = $_POST['firstname'];
$surname = $_POST['surname'];
$email = $_POST['email'];
$address = $_POST['address'];
$postcode = $_POST['postcode'];
$telephone = $_POST['telephone'];
$username = $_POST['username'];
$password = $_POST['password'];

$q = "INSERT INTO tbl_customers (firstname, surname, email, address, postcode, telephone, username, password)
VALUES ('$firstname', '$surname', '$email', '$address', '$postcode', '$telephone', '$username', '$password')";
$r = mysqli_query ($dbc, $q);

if ($dbc->query($q) === TRUE) {
    echo "New record created successfully";
} else {
    echo "Error: " . $q . "<br>" . $dbc->error;
}
?>

Any help is better than none. Thanks.

Solution

  • As @Sean said you're issuing the query twice. One here:

    $r = mysqli_query ($dbc, $q);

    and again here:

    if ($dbc->query($q) === TRUE) {
    echo "New record created successfully";
} else {
    echo "Error: " . $q . "<br>" . $dbc->error;
}

    Just do one or the other. Personally I'd opt for the OOP way, which is the latter.

    Now most importantly, you should use a prepared statement for this:

    <?php
$dbc = mysqli_connect (DB_HOST, DB_USER, DB_PASSWORD, DB_NAME) OR die 
('Could not connect to MySQL: ' . mysqli_connect_error() );

$firstname = $_POST['firstname'];
$surname = $_POST['surname'];
$email = $_POST['email'];
$address = $_POST['address'];
$postcode = $_POST['postcode'];
$telephone = $_POST['telephone'];
$username = $_POST['username'];
$password = $_POST['password'];

$q = "INSERT INTO tbl_customers (firstname, surname, email, address, postcode, telephone, username, password)
VALUES (?, ?, ?, ?, ?, ?, ?, ?)";

$stmt = $dbc->prepare($q);
$stmt->bind_param('ssssssss', $firstname, $surname, $email, $address, $postcode, $telephone, $username, $password);

$r = $stmt->execute();

if ($r === TRUE) {
    echo "New record created successfully";
} else {
    echo "Error: " . $q . "<br>" . $dbc->error;
}