如何使用PDO准备的语句/位置占位符运行此PHP注册脚本?
我正在尝试使用带有位置占位符的PDO准备语句创建一个PHP注册脚本。但是MySQL查询不会执行<代码>变量转储()代码>不显示任何错误 我迫切需要有人仔细查看我的代码,并向我解释为什么查询无法执行 下面是对register.php的重写,如果某些预定义的条件不满足,它现在会显示错误。但是,当insert或select查询失败时,它不会显示任何错误。var_dump();即使PDO查询无法执行,也不会显示任何错误 拜托,我需要你的帮助来解决这个问题。提前感谢您的时间和投入。谢谢 register.php:如何使用PDO准备的语句/位置占位符运行此PHP注册脚本?,php,mysql,pdo,Php,Mysql,Pdo,我正在尝试使用带有位置占位符的PDO准备语句创建一个PHP注册脚本。但是MySQL查询不会执行变量转储()不显示任何错误 我迫切需要有人仔细查看我的代码,并向我解释为什么查询无法执行 下面是对register.php的重写,如果某些预定义的条件不满足,它现在会显示错误。但是,当insert或select查询失败时,它不会显示任何错误。var_dump();即使PDO查询无法执行,也不会显示任何错误 拜托,我需要你的帮助来解决这个问题。提前感谢您的时间和投入。谢谢 register.php: &l
<?php
// include configuration file
require ("includes/config.php");
//Class import for image uploading
//classes is the map where the class file is stored (one above the root)
include ("classes/upload/upload_class.php");
// define variables and set to empty values
$firstnameErr = $lastnameErr = $usernameErr = $genderErr = $passwordErr = $confirmationErr = $emailErr = $birthdayErr = $phoneErr = "";
$firstname = $lastname = $username = $gender = $password = $confirmation = $email = $birthday = $phone = "";
// if form was submitted
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
$firstname = student_input($_POST["firstname"]);
$lastname = student_input($_POST["lastname"]);
$username = student_input($_POST["username"]);
$gender = student_input($_POST["gender"]);
$password = student_input($_POST["password"]);
$confirmation = student_input($_POST["confirmation"]);
$email = student_input($_POST["email"]);
$birthday = student_input($_POST["birthday"]);
$phone = student_input($_POST["phone"]);
// validate submission
if (empty($_POST["firstname"]))
{
$firstnameErr = "First name is required.";
}
else
{
$firstname = student_input($_POST["firstname"]);
}
if(empty($_POST["lastname"]))
{
$lastnameErr = "Last name is required.";
}
else
{
$lastname = student_input($_POST["lastname"]);
}
if(empty($_POST["username"]))
{
$usernameErr = "Username is required.";
}
else if(!empty($_POST["username"]))
{
// validate username
if (!preg_match("/^[a-zA-Z0-9]*$/", $username))
{
$usernameErr = "Username must contain only letters and numbers.";
}
if (strlen($username) < 4 || strlen($username) > 10)
{
$usernameErr = "Username must be from 4 to 10 characters.";
}
}
else
{
$username = student_input($_POST["username"]);
}
if(empty($_POST["gender"]))
{
$genderErr = "Gender is required.";
}
else
{
$gender = student_input($_POST["gender"]);
}
if(empty($_POST["password"]))
{
$passwordErr = "Enter a password.";
}
else if(!empty($_POST["password"]))
{
// validate username
if (!preg_match("/^[a-zA-Z0-9]*$/", $password))
{
$passwordErr = "Password must contain letters, numbers and special characters.";
}
if (strlen($password) < 8 || strlen($password) > 20)
{
$passwordErr = "Password must be from 8 to 20 characters.";
}
}
else if (empty($_POST["confirmation"]))
{
$confirmationErr = "Confirm your password.";
}
else if ($_POST["password"] != $_POST["confirmation"])
{
$confirmationErr = "Password and confirmation don't match.";
}
else
{
$password = student_input($_POST["password"]);
}
if(empty($_POST["email"]))
{
$emailErr = "Your email address is required.";
}
else if(!filter_var($email, FILTER_VALIDATE_EMAIL))
{
$emailErr = "Invalid email format";
}
else
{
$email = student_input($_POST["email"]);
}
if(empty($_POST["birthday"]))
{
$birthdayErr = "Birthday is required.";
}
else if(!empty($_POST["birthday"]))
{
$today = date("d-m-Y");
$diff = date_diff(date_create($birthday), date_create($today));
if($diff->format('%y%') < 6)
{
$birthdayErr = "You must be at least 6 years old to register.";
}
else
{
$birthday = student_input($_POST["birthday"]);
}
}
if(empty($_POST["phone"]))
{
$phoneErr = "Phone number is required.";
}
else if(!empty($_POST["phone"]))
{
// Don't allow country codes to be included (assumes a leading "+")
if (preg_match('/^(\+)[\s]*(.*)$/',$phone))
{
$phoneErr = "You should not include the country code.";
}
// Remove hyphens - they are not part of a telephone number
$phone = str_replace ('-', '', $phone);
// Now check that all the characters are digits
if (!preg_match('/^[0-9]{10,11}$/',$phone))
{
$phoneErr = "Phone number should be either 10 or 11 digits";
}
// Now check that the first digit is 0
if (!preg_match('/^0[0-9]{9,10}$/',$phone))
{
$phoneErr = "The telephone number should start with a 0";
}
else
{
$phone = student_input($_POST["phone"]);
}
}
else if(!empty($_FILES["userimage"]))
{
//This is the directory where images will be saved
$max_size = 1024*250; // the max. size for uploading
$my_upload = new file_upload;
$my_upload->upload_dir = "images/user/"; // "files" is the folder for the uploaded files (you have to create this folder)
$my_upload->extensions = array(".png", ".gif", ".jpeg", ".jpg"); // specify the allowed extensions here
// $my_upload->extensions = "de"; // use this to switch the messages into an other language (translate first!!!)
$my_upload->max_length_filename = 50; // change this value to fit your field length in your database (standard 100)
$my_upload->rename_file = false;
$my_upload->the_temp_file = $_FILES['userimage']['tmp_name'];
$my_upload->the_file = $_FILES['userimage']['name'];
$my_upload->http_error = $_FILES['userimage']['error'];
$my_upload->replace = "y";
$my_upload->do_filename_check = "n"; // use this boolean to check for a valid filename
if ($my_upload->upload()) // new name is an additional filename information, use this to rename the uploaded file
{
$full_path = $my_upload->upload_dir.$my_upload->file_copy;
$imagename = $my_upload->file_copy;
}
else
{
$imagename = "";
}
}
else
{
try
{
$stmt = $pdo->prepare("SELECT * FROM users WHERE username = ?");
$stmt->execute(student_input($_POST["username"]));
$user = $stmt->fetch(); # get users data
if($user["username"]==$username)
{
$errorMsg[]="Sorry username already exists"; //check condition username already exists
}
else if($user["email"]==$email)
{
$errorMsg[]="Sorry email already exists"; //check condition email already exists
}
else if($user["phone"]==$phone)
{
$errorMsg[]="Sorry, the phone number already exists"; //check condition email already exists
}
else if(!isset($errorMsg)) //check no "$errorMs g" show then continue
{
$new_password = password_hash($password, PASSWORD_DEFAULT); //encrypt password using password_hash()
// insert form input into database
$stmt= $pdo->prepare("INSERT INTO users (firstname, lastname, username, gender, password, email, birthday, phone, userimage) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)")->execute($data);
// find out user's ID
$stmt = $pdo->query("SELECT LAST_INSERT_ID() AS user_id");
$user_id = $stmt[0]["user_id"];
// redirect to list users page
header("Location: userinfo.php");
}
}
catch(PDOException $e)
{
echo $e->getMessage();
}
}
}
// render the header template
include("templates/header.php");
// render add user template
include("templates/register-form.php");
// render the footer template
include("templates/footer.php");
?>
另一件事:如何在任何现有错误的输入字段正下方的register-form.php上打印错误
register form.php:
<?php
// include configuration file
require ("includes/config.php");
//Class import for image uploading
//classes is the map where the class file is stored (one above the root)
include ("classes/upload/upload_class.php");
// define variables and set to empty values
$firstnameErr = $lastnameErr = $usernameErr = $genderErr = $passwordErr = $confirmationErr = $emailErr = $birthdayErr = $phoneErr = "";
$firstname = $lastname = $username = $gender = $password = $confirmation = $email = $birthday = $phone = "";
// if form was submitted
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
$firstname = student_input($_POST["firstname"]);
$lastname = student_input($_POST["lastname"]);
$username = student_input($_POST["username"]);
$gender = student_input($_POST["gender"]);
$password = student_input($_POST["password"]);
$confirmation = student_input($_POST["confirmation"]);
$email = student_input($_POST["email"]);
$birthday = student_input($_POST["birthday"]);
$phone = student_input($_POST["phone"]);
// validate submission
if (empty($_POST["firstname"]))
{
$firstnameErr = "First name is required.";
}
else
{
$firstname = student_input($_POST["firstname"]);
}
if(empty($_POST["lastname"]))
{
$lastnameErr = "Last name is required.";
}
else
{
$lastname = student_input($_POST["lastname"]);
}
if(empty($_POST["username"]))
{
$usernameErr = "Username is required.";
}
else if(!empty($_POST["username"]))
{
// validate username
if (!preg_match("/^[a-zA-Z0-9]*$/", $username))
{
$usernameErr = "Username must contain only letters and numbers.";
}
if (strlen($username) < 4 || strlen($username) > 10)
{
$usernameErr = "Username must be from 4 to 10 characters.";
}
}
else
{
$username = student_input($_POST["username"]);
}
if(empty($_POST["gender"]))
{
$genderErr = "Gender is required.";
}
else
{
$gender = student_input($_POST["gender"]);
}
if(empty($_POST["password"]))
{
$passwordErr = "Enter a password.";
}
else if(!empty($_POST["password"]))
{
// validate username
if (!preg_match("/^[a-zA-Z0-9]*$/", $password))
{
$passwordErr = "Password must contain letters, numbers and special characters.";
}
if (strlen($password) < 8 || strlen($password) > 20)
{
$passwordErr = "Password must be from 8 to 20 characters.";
}
}
else if (empty($_POST["confirmation"]))
{
$confirmationErr = "Confirm your password.";
}
else if ($_POST["password"] != $_POST["confirmation"])
{
$confirmationErr = "Password and confirmation don't match.";
}
else
{
$password = student_input($_POST["password"]);
}
if(empty($_POST["email"]))
{
$emailErr = "Your email address is required.";
}
else if(!filter_var($email, FILTER_VALIDATE_EMAIL))
{
$emailErr = "Invalid email format";
}
else
{
$email = student_input($_POST["email"]);
}
if(empty($_POST["birthday"]))
{
$birthdayErr = "Birthday is required.";
}
else if(!empty($_POST["birthday"]))
{
$today = date("d-m-Y");
$diff = date_diff(date_create($birthday), date_create($today));
if($diff->format('%y%') < 6)
{
$birthdayErr = "You must be at least 6 years old to register.";
}
else
{
$birthday = student_input($_POST["birthday"]);
}
}
if(empty($_POST["phone"]))
{
$phoneErr = "Phone number is required.";
}
else if(!empty($_POST["phone"]))
{
// Don't allow country codes to be included (assumes a leading "+")
if (preg_match('/^(\+)[\s]*(.*)$/',$phone))
{
$phoneErr = "You should not include the country code.";
}
// Remove hyphens - they are not part of a telephone number
$phone = str_replace ('-', '', $phone);
// Now check that all the characters are digits
if (!preg_match('/^[0-9]{10,11}$/',$phone))
{
$phoneErr = "Phone number should be either 10 or 11 digits";
}
// Now check that the first digit is 0
if (!preg_match('/^0[0-9]{9,10}$/',$phone))
{
$phoneErr = "The telephone number should start with a 0";
}
else
{
$phone = student_input($_POST["phone"]);
}
}
else if(!empty($_FILES["userimage"]))
{
//This is the directory where images will be saved
$max_size = 1024*250; // the max. size for uploading
$my_upload = new file_upload;
$my_upload->upload_dir = "images/user/"; // "files" is the folder for the uploaded files (you have to create this folder)
$my_upload->extensions = array(".png", ".gif", ".jpeg", ".jpg"); // specify the allowed extensions here
// $my_upload->extensions = "de"; // use this to switch the messages into an other language (translate first!!!)
$my_upload->max_length_filename = 50; // change this value to fit your field length in your database (standard 100)
$my_upload->rename_file = false;
$my_upload->the_temp_file = $_FILES['userimage']['tmp_name'];
$my_upload->the_file = $_FILES['userimage']['name'];
$my_upload->http_error = $_FILES['userimage']['error'];
$my_upload->replace = "y";
$my_upload->do_filename_check = "n"; // use this boolean to check for a valid filename
if ($my_upload->upload()) // new name is an additional filename information, use this to rename the uploaded file
{
$full_path = $my_upload->upload_dir.$my_upload->file_copy;
$imagename = $my_upload->file_copy;
}
else
{
$imagename = "";
}
}
else
{
try
{
$stmt = $pdo->prepare("SELECT * FROM users WHERE username = ?");
$stmt->execute(student_input($_POST["username"]));
$user = $stmt->fetch(); # get users data
if($user["username"]==$username)
{
$errorMsg[]="Sorry username already exists"; //check condition username already exists
}
else if($user["email"]==$email)
{
$errorMsg[]="Sorry email already exists"; //check condition email already exists
}
else if($user["phone"]==$phone)
{
$errorMsg[]="Sorry, the phone number already exists"; //check condition email already exists
}
else if(!isset($errorMsg)) //check no "$errorMs g" show then continue
{
$new_password = password_hash($password, PASSWORD_DEFAULT); //encrypt password using password_hash()
// insert form input into database
$stmt= $pdo->prepare("INSERT INTO users (firstname, lastname, username, gender, password, email, birthday, phone, userimage) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)")->execute($data);
// find out user's ID
$stmt = $pdo->query("SELECT LAST_INSERT_ID() AS user_id");
$user_id = $stmt[0]["user_id"];
// redirect to list users page
header("Location: userinfo.php");
}
}
catch(PDOException $e)
{
echo $e->getMessage();
}
}
}
// render the header template
include("templates/header.php");
// render add user template
include("templates/register-form.php");
// render the footer template
include("templates/footer.php");
?>
登记
名字:*
姓氏:*
用户名:*
性别:*
选择你的性别
男性
女性
密码:*
确认密码:*
电子邮件:*
电话:*
出生日期:
护照照片:
登记
或
你使用了$stmt->execute(
插入两次,这是要发生的吗?@NigelRen,我不知道$stmt->execute(不能这样使用两次。我如何重写第二行代码?如果($stmt->execute([$firstname,$lastname,$username,$gender,$password,$birth,$phone,$imagename]))您使用了$stmt->execute(
插入两次,这是要发生的吗?@NigelRen,我不知道$stmt->execute(不能这样使用两次。我如何重写第二行代码?如果($stmt->execute([$firstname,$lastname,$username,$gender,$password,$birth,$phone,$imagename]))