Php 为什么';我的站点是否将用户输入的数据存储在我的数据库中?
您好,我是一名编程初学者,我正在尝试在我的Web站点上创建一个简单的注册函数,一个供用户填写的简单表单,然后它应该将数据存储在我的数据库中,问题是一切正常(我想):)但数据/用户信息不存储Php 为什么';我的站点是否将用户输入的数据存储在我的数据库中?,php,html,mysql,post,mysqli,Php,Html,Mysql,Post,Mysqli,您好,我是一名编程初学者,我正在尝试在我的Web站点上创建一个简单的注册函数,一个供用户填写的简单表单,然后它应该将数据存储在我的数据库中,问题是一切正常(我想):)但数据/用户信息不存储 <?php include ("./inc/header.inc.php") $reg = @$_POST['reg']; $fn = ""; //first name $ln = ""; //Last name $un = ""; //User name $em = ""; //Email $
<?php
include ("./inc/header.inc.php") $reg = @$_POST['reg'];
$fn = ""; //first name
$ln = ""; //Last name
$un = ""; //User name
$em = ""; //Email
$em2 = ""; //Email2
$pswd = ""; //Password
$pswd2 = ""; //Password 2
$d = ""; //sign up date
// registrering av nya användare
// ucheck kontrollerar om användaren redan finns
$fn = strip_tags(@$_POST['first_name']);
$ln = strip_tags(@$_POST['last_name']);
$un = strip_tags(@$_POST['Username']);
$em = strip_tags(@$_POST['Email']);
$em2 = strip_tags(@$_POST['Email2']);
$pswd = strip_tags(@$_POST['Password']);
$pswd2 = strip_tags(@$_POST['Password2']);
$d = date("Y-n-d");
if ($reg)
{
if ($em == $em2)
{
$u_check = mysqli_query($mysqli, "SELECT Username FROM users WHERE Username='$un'");
$check = mysqli_num_rows($u_check);
if ($check == 0)
{
if ($fn && $ln && $un && $em && $em2 && $pswd && $pswd2)
{
if ($pswd == $pswd2)
{
if (strlen($un) > 25 || strlen($fn) > 25 || strlen($ln) > 25)
{
echo "The maximum limit for Username/last name and first name is 25 characters :(";
}
else
{
if (strlen($pswd) > 30 || strlen($pswd) < 5)
{
echo " Your password must be more than 5 characters or less then 30 characters :(";
}
else
{
// kryptering av password 1 och 2 med hjälp av md5 innan det sätts i databasen
$pswd = md5($pswd);
$pswd2 = md5($pswd2);
$query = mysqli_query($mysqli, "INSERT INTO users VALUES (``,`$un`,`$fn`,`$ln`,`$em`,`$pswd`,`$d`,`0`)");
die("<h2>You are now a member of the village</h2> Login to get started...");
}
}
}
else
{
echo "Your passwords don´t match :(";
}
}
else
{
echo "Please fill in all of the fields";
}
}
else
{
echo "Username already taken ...";
}
}
else
{
echo "Your emails dont match :( ";
}
}
?>
<div style="width: 1000px; margin:0px auto 0px auto;">
<table>
<tr>
<td width="60%" valign="top">
<h2>Join Today!<h2>
</td>
<td width="40%" valign="top">
<h2>Enter Your information and sign up today!<h2>
<form action="#" method= "POST">
<input type="text" name="first_name" Size:"30" placeholder="Firstname"/><br/><br/>
<input type="text" name="last_name" Size:"30" placeholder="Lastname"/><br/><br/>
<input type="text" name="Username" Size:"30" placeholder="Username"/><br/><br/>
<input type="text" name="Password" Size:"30" placeholder="Password"/><br/><br/>
<input type="text" name="Password2" Size:"30" placeholder="Password Confirmation"/><br/><br/>
<input type="text" name="Email" Size:"30" placeholder="Email"/><br/><br/>
<input type="text" name="Email2" Size:"30" placeholder="Email Confirmation"/><br/><br/>
<input type="Submit" name="reg" Size:"30" placeholder="Sign-up!">
</form>
</td>
</tr>
<?php include ( "./inc/footer.inc.php" )?>
您必须检查mysqli数据库连接。
@是PHP中的错误抑制运算符
PHP支持一个错误控制操作符:at符号(@)。在PHP中,在表达式前面加上前缀时,将忽略该表达式可能生成的任何错误消息
见:
差错控制运算符
@运算符的错误用法
更新:
在您的示例中,它在变量名之前使用,以避免出现E_NOTICE错误。若在$\u POST数组中,并没有设置hn键,它将发送通知消息,但在那个里使用@来避免E\u通知
请注意,您也可以将这一行放在脚本顶部,以避免出现E_通知错误:
错误报告(E_全部^E_通知);
PHP6注:
因为@operator非常慢,所以它在ini_集(例如@ini_集)上不起作用
你应该尽量避免使用它
<?php
error_reporting(E_ALL ^ E_NOTICE);
include ("./inc/header.inc.php");
$reg = $_POST['reg'];
$fn = ""; //first name
$ln = ""; //Last name
$un = ""; //User name
$em = ""; //Email
$em2 = ""; //Email2
$pswd = ""; //Password
$pswd2 = ""; //Password 2
$d = ""; //sign up date
// registrering av nya användare
// ucheck kontrollerar om användaren redan finns
$fn = mysql_real_escape_string($_POST['first_name']);
$ln = mysql_real_escape_string($_POST['last_name']);
$un = mysql_real_escape_string($_POST['Username']);
$em = mysql_real_escape_string($_POST['Email']);
$em2 = mysql_real_escape_string($_POST['Email2']);
$pswd = mysql_real_escape_string($_POST['Password']);
$pswd2 = mysql_real_escape_string($_POST['Password2']);
$d = date("Y-n-d");
if ($reg)
{
if ($em == $em2)
{
$u_check = mysqli_query($mysqli, "SELECT Username FROM users WHERE Username='$un'");
$check = mysqli_num_rows($u_check);
if ($check == 0)
{
if ($fn && $ln && $un && $em && $em2 && $pswd && $pswd2)
{
if ($pswd == $pswd2)
{
if (strlen($un) > 25 || strlen($fn) > 25 || strlen($ln) > 25)
{
echo "The maximum limit for Username/last name and first name is 25 characters :(";
}
else
{
if (strlen($pswd) > 30 || strlen($pswd) < 5)
{
echo " Your password must be more than 5 characters or less then 30 characters :(";
}
else
{
// kryptering av password 1 och 2 med hjälp av md5 innan det sätts i databasen
$pswd = md5($pswd);
$pswd2 = md5($pswd2);
$query = mysqli_query($mysqli, "INSERT INTO users VALUES (``,`$un`,`$fn`,`$ln`,`$em`,`$pswd`,`$d`,`0`)");
die("<h2>You are now a member of the village</h2> Login to get started...");
}
}
}
else
{
echo "Your passwords don´t match :(";
}
}
else
{
echo "Please fill in all of the fields";
}
}
else
{
echo "Username already taken ...";
}
}
else
{
echo "Your emails dont match :( ";
}
}
?>
<div style="width: 1000px; margin:0px auto 0px auto;">
<table>
<tr>
<td width="60%" valign="top">
<h2>Join Today!<h2>
</td>
<td width="40%" valign="top">
<h2>Enter Your information and sign up today!<h2>
<form method= "POST">
<input type="text" name="first_name" Size:"30" placeholder="Firstname"/><br/><br/>
<input type="text" name="last_name" Size:"30" placeholder="Lastname"/><br/><br/>
<input type="text" name="Username" Size:"30" placeholder="Username"/><br/><br/>
<input type="text" name="Password" Size:"30" placeholder="Password"/><br/><br/>
<input type="text" name="Password2" Size:"30" placeholder="Password Confirmation"/><br/><br/>
<input type="text" name="Email" Size:"30" placeholder="Email"/><br/><br/>
<input type="text" name="Email2" Size:"30" placeholder="Email Confirmation"/><br/><br/>
<input type="Submit" name="reg" Size:"30" placeholder="Sign-up!">
</form>
</td>
</tr>
<?php include ( "./inc/footer.inc.php" )?>
删除值周围的记号并使用引号。另外,您正在使用@
抑制错误,这就是它的“at”;)这是事实,杰克。由于很多原因,没有给出答案。提示-由于您没有检查错误,请使用。欢迎来到StackOverflow!如果您是一名初学者,那么您很有可能不再学习使用那些不推荐的mysql_*函数。最好从PDO或MySQLi开始。从一开始就使用带有占位符的准备语句,将输入值绑定到这些占位符。你不会后悔的!好的,谢谢,我现在得到了@part,我试着用新的字符串运行你的代码,它告诉我应该使用mysqli,等等,现在我已经一切正常了,刚开始再次使用旧的strip_标记,但我仍然有一个问题,我的代码没有将数据存储在数据库中:/n这是因为strip标记还是我做了其他错误的事情?首先:仅在需要时使用转义方法。也就是说,如果你在数据库中插入了一些东西,只对数据库进行转义,即应用mysql_real_escape_string(或PDO->quote或你正在使用的任何数据库层)。但不要对输出应用任何转义。还没有带标签或类似标签。这是因为您可能希望在其他地方使用存储在数据库中的数据,在这些地方不需要HTML转义,只会使文本难看。