I've tried a few ways of filtering and when I do I can only insert into the table once, the id is set to auto increment. This is how variables get defined.
<form action = "php/createaccount.php" method = "post">
First Name <br /> <input type ="text" placeholder="First name" name = "fname"><br />
Last Name <br /> <input type ="text" placeholder="Last name" name = "lname"><br />
User Name <br /> <input type ="text" placeholder="Username" name = "uname"><br />
Password <br /> <input type ="text" placeholder="Password" name = "pword"><br />
School Name <br /> <input type ="text" placeholder="School name" name = "sname"><br />
Email <br /> <input type ="text" placeholder="Email" name = "email"> <br />
<input type = "submit" value = "Create Account">
</form>
This is the createaccount.php page
<?php
error_reporting (-1); ini_set ("display_errors", "On");
$con = mysqli_connect("localhost" , "root" , "" , "epicreads");
//check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$sql = $con->prepare("INSERT INTO users (fname, lname, email, uname, sname)
VALUES
(?, ?, ?, ?, ?)");
$sql->bind_param('sssss', $fname, $lname, $email, $uname, $sname);
$sql->execute();
//Password and password security
//Set the cost
$cost = 10;
// Create a random salt
$salt = strtr(base64_encode(mcrypt_create_iv(16, MCRYPT_DEV_URANDOM)), '+', '.');
// Hash the password with the salt
$hash = crypt($pword, $salt);
//Post into table
$pword = "INERT INTO users (pword)
values
('$_POST[pword]')";
//Echo
die('Error: ' . mysqli_error($con));
echo "1 record added";
mysqli_close($con);
?>
this is the updated createaccount.php page UPDATE: With error reporting on it is saying that column 'fname' cannot be null This is my table structure in mysqli