Php 查询失败。。SQL语法中出现错误;。。检查MariaDB以了解使用near'';客户通行证';=';899b573719facc368f32770ea0b68e32和x27;
我正在尝试创建一个注册表单,它工作正常,直到我尝试将md5添加到密码字段集,我不确定为什么查询失败。任何帮助都将不胜感激Php 查询失败。。SQL语法中出现错误;。。检查MariaDB以了解使用near'';客户通行证';=';899b573719facc368f32770ea0b68e32和x27;,php,Php,我正在尝试创建一个注册表单,它工作正常,直到我尝试将md5添加到密码字段集,我不确定为什么查询失败。任何帮助都将不胜感激 function sign_up(){ if(isset($_POST['register'])){ $c_email = escape_string($_POST['c_email']); $c_name_first = escape_string($_POST['c_name_first']);
function sign_up(){
if(isset($_POST['register'])){
$c_email = escape_string($_POST['c_email']);
$c_name_first = escape_string($_POST['c_name_first']);
$c_name_last = escape_string($_POST['c_name_last']);
$c_pass = escape_string($_POST['c_pass']);
$c_image = escape_string($_FILES['c_image']['name']);
$c_image_tmp = escape_string($_FILES['c_image']['tmp_name']);
$c_address = escape_string($_POST['c_address']);
$c_address_details = escape_string($_POST['c_address_details']);
$c_city = escape_string($_POST['c_city']);
$c_state = escape_string($_POST['c_state']);
$c_zip = escape_string($_POST['c_zip']);
$c_contact = escape_string($_POST['c_phone']);
move_uploaded_file($c_image_tmp, "customer/customer_images/$c_image");
$query = query("SELECT customer_id FROM customers WHERE customer_email = '{$c_email}'");
confirm($query);
if(mysqli_num_rows($query) > 0){
set_message("This email or username is taken");
}else {
$insert_c = query("INSERT INTO customers (customer_firstname,customer_lastname,customer_address,c_addr_details,customer_email,customer_pass,customer_state,customer_city,customer_zip,customer_phone,customer_image) VALUES ('$c_name_first','$c_name_last','$c_address','$c_address_details','$c_email','$c_pass','$c_state','$c_city','$c_zip','$c_contact','$c_image')");
confirm($insert_c);
}
$query = "UPDATE user SET 'customer_pass' = '".md5(md5(last_id()).$c_pass)."' WHERE 'customer_id' = '".last_id()."'";
$send_update_query = query($query);
confirm($send_update_query);
set_message_success("Sign up successful!");
}
}
试一试
当您使用“或”时,请检查您的字符串。请不要使用您自己的密码哈希方案。PHP提供并请使用它们。以下是一些。如果您使用的是5.5之前的PHP版本。
$query = 'UPDATE user SET customer_pass = '.md5(md5(last_id()).$c_pass).' WHERE customer_id = '.last_id();