-1

The problem I am facing is that I am not able to take the users id and send it through. Here is the code.

if ($stmt = $con->prepare('INSERT INTO tblusers (user, password, token) VALUES (?, ?, ?)')) {
    // We do not want to expose passwords in our database, so hash the password and use password_verify when a user logs in.
    $token = password_hash($_POST['token'], CRYPT_BLOWFISH);
    $password = password_hash($_POST['password'],  CRYPT_BLOWFISH);
    $stmt->bind_param('sss', $_POST['username'], $password, $token);
    $stmt->execute();

    $stmt = $con->('SELECT id from tblusers where user=?');
    $user=$_POST['username'];
    $stmt->bind_param('s' $user);
    $stmt->execute();
    $stmt -> bind_result($id);

    $stmt = $con->prepare('INSERT INTO tblbtc (id) VALUES (?)');
    $stmt->bind_param('i', $id);
    $stmt->execute();

    header('location: ../../home/index.php');
} else {
    // Something is wrong with the sql statement, check to make sure accounts table exists with all 3 fields.
    echo ('Could not prepare statement!');
}
    }
    $stmt->close();
}

Here is also a error message I get

Parse error: syntax error, unexpected '(', expecting identifier (T_STRING) or variable (T_VARIABLE)

This code down below works without the two extra added mysql statements.

if ($stmt = $con->prepare('INSERT INTO tblusers (user, password, token) VALUES (?, ?, ?)')) {
    // We do not want to expose passwords in our database, so hash the password and use password_verify when a user logs in.
    $token = password_hash($_POST['token'], CRYPT_BLOWFISH);
    $password = password_hash($_POST['password'],  CRYPT_BLOWFISH);
    $stmt->bind_param('sss', $_POST['username'], $password, $token);
    $stmt->execute();



    header('location: ../../home/index.php');
} else {
    // Something is wrong with the sql statement, check to make sure accounts table exists with all 3 fields.
    echo ('Could not prepare statement!');
}
    }
    $stmt->close();
}

The expected results of this code it to create the user which works and then to take the users id and also create columns on the tblbtc with the userid/.

HK boy
  • 1,380
  • 11
  • 16
  • 21
Neiko
  • 1
  • 6
  • On first sight there is a syntax error in the line `$stmt->bind_param('s' $user);` - you missed a `,`. – janw Sep 17 '19 at 23:14
  • also you have a syntax error here: `$stmt = $con->('SELECT id...` should be `$stmt = $con->prepare('SELECT id...` – catcon Sep 17 '19 at 23:22

1 Answers1

1

You can get the inserted user id using mysqli::inserted_id

see the code below 

<?php
if ($stmt = $con->prepare('INSERT INTO tblusers (user, password, token) VALUES (?, ?, ?)')) {
    // We do not want to expose passwords in our database, so hash the password and use password_verify when a user logs in.
    $token = password_hash($_POST['token'], CRYPT_BLOWFISH);
    $password = password_hash($_POST['password'],  CRYPT_BLOWFISH);
    $stmt->bind_param('sss', $_POST['username'], $password, $token);
    $stmt->execute();
    $user_id = $stmt->insert_id;

    if($user_id)
    {
        $stmt = $con->prepare('INSERT INTO tblbtc (id) VALUES (?)');
        $stmt->bind_param('i', $user_id);
        $stmt->execute();
        header('location: ../../home/index.php');
    }
    else{
        echo ('Could not prepare statement!');

    }
} else {
    // Something is wrong with the sql statement, check to make sure accounts table exists with all 3 fields.
    echo ('Could not prepare statement!');
}

$stmt->close();
Mohd Alomar
  • 904
  • 11
  • 27