PHP processing page isn't working

Question

I'm attempting to make a login system, with page login.php and posting form action to processlogin.php

The system uses php/html and SQLite3.

The form works fine, the problem I have is when it actually redirects me to the processlogin.php page. I have a bunch of strings set up to output to show me where things are failing, the problem is that I don't even get the very first string on the page. I've been trying different hunches for over an hour now, and haven't gotten anywhere. The only thing I have found out, is that if I remove the entire 2nd if statement (Checking if post value register is set) I get the first output.

Here is my processlogin.php - if any other code is needed I would be more than happy to share it.

<?php

    session_start();

    class MyDB extends SQLite3 {
        function __construct() {
             $this->open('../db/tables.db');
        }
    }

    $db = new MyDB();
    if(!$db){
        echo $db->lastErrorMsg();
    } else {
        echo "<p style='display:none;'>Opened database successfully</p>\n";
    }

    if(isSet($_POST['login'])) {
        echo "<p style='display:none;'>login posted</p>\n";
        $loginNameFromPost = sqlite_escape_string($_POST['loginname']);
        $passwordFromPost = sqlite_escape_string($_POST['password']);

        $ret = $db->query("SELECT * from Users WHERE LoginName='$loginNameFromPost' LIMIT 1;");
        while($row = $ret->fetchArray(SQLITE3_ASSOC) ){
            $hashedPasswordFromDB = $row['Password'];
            $levelFromDB = $row['Level'];
            $usernameFromDB = $row['DisplayName'];
        }

        if (password_verify($passwordFromPost, $hashedPasswordFromDB)) {
            $_SESSION['Username'] = $usernameFromDB;
            $_SESSION['Level'] = $levelFromDB;
            echo "<META http-equiv=\"refresh\" content=\"0;URL=../index.php\">";
        } else {
            echo "<META http-equiv=\"refresh\" content=\"0;URL=../login.php?err=1\">";
        }

    }

    if(isSet($_POST['register'])) {
        echo "<p style='display:none;'>register posted</p>\n";
        $loginNameFromPost = sqlite_escape_string($_POST['loginname']);
        $passwordFromPost = sqlite_escape_string($_POST['password']);
        $emailFromPost = sqlite_escape_string($_POST['email']);
        $displayNameFromPost = sqlite_escape_string($_POST['displayname']);

        $options = [
            'cost' => 11,
        ];

        $hash = password_hash($passwordFromPost, PASSWORD_BCRYPT, $options);

        $sql ="INSERT INTO Users (uniqueID,DisplayName,LoginName,Level,Email,Password) VALUES (NULL,'$displayNameFromPost', '$loginNameFromPost',   '0', '$emailFromPost',  '$hash');"
        $ret = $db->exec($sql);
        if(!$ret){
            echo $db->lastErrorMsg();
            echo "<META http-equiv=\"refresh\" content=\"0;URL=../login.php?err=2\">";
        } else {
          echo "Successfully registered\n";
          echo "<META http-equiv=\"refresh\" content=\"0;URL=../login.php?msg=1\">";
        }

    }

?>

A side note: after a while I ran my code through PHP Code Checker, and it said $ret = $db->exec($sql); (pointing directly at the one inside the 2nd `if) which makes no sense to me, that code is needed!

Answer 1

Just add the semicolon ; on line 53

$sql ="INSERT INTO Users (uniqueID,DisplayName,LoginName,Level,Email,Password) VALUES (NULL,'$displayNameFromPost', '$loginNameFromPost',   '0', '$emailFromPost',  '$hash');";

Hope this helps!