Fatal编程技术网
  • php/
  • 简单的PHP注册表-工作了几个月,没有任何更改,现在mysql插入失败

简单的PHP注册表-工作了几个月,没有任何更改,现在mysql插入失败

php

简单的PHP注册表-工作了几个月,没有任何更改,现在mysql插入失败,php,registration,Php,Registration,这张登记表有效地使用了好几个月。我什么也没变。现在,它通过了重复名称、电子邮件和密码检查的所有条件,然后无法插入mysql并返回“发生了错误。您的帐户没有创建。”我不明白为什么。语法改变了还是怎么了 <div id="backdrop"></div> <div id="register"> <img src="http://www.staketheclaim.com/wp-content/themes/retlehs-ro

这张登记表有效地使用了好几个月。我什么也没变。现在,它通过了重复名称、电子邮件和密码检查的所有条件,然后无法插入mysql并返回
“发生了错误。您的帐户没有创建。”
我不明白为什么。语法改变了还是怎么了

    <div id="backdrop"></div>
    <div id="register">    
    <img src="http://www.staketheclaim.com/wp-content/themes/retlehs-roots-c526a84/dropbox/2012/rotate/header<?php echo(rand(1,4)); ?>.png" style="margin-left: -25px;margin-top: -20px;" />
    <div id="regi" style="width:400px;float: right;">
    <?php 
        if ($username && $userid) {
         echo "<div id='log-re' style='margin-left: 6px;width: 413px;'><h2>You must logout to register a new account. Not your Account?</h2>" . "<br /><br /><div id='cta'><a href='http://www.staketheclaim.com/logout/' class='button' style='padding-left: 36px;font-size: 24px;top: 2px;right: -160px;'>Logout Now</a></div></div>";    
        }
         else {
    if ($_POST['registerbtn']) {
         $getuser = $_POST['user'];
         $getemail = $_POST['email'];
         $password = $_POST['pass'];
         $getretypepass = $_POST['retypepass'];
         if ($getuser) {
             if(strpos($getuser, ' ') > 0 == false ){
             if ($getemail) {
                   if ($password) {
                         if ($getretypepass) {
                                if ( $password === $getretypepass) {
                                      if ( (strlen($getemail) >= 7) && (strstr($getemail, "@")) && (strstr($getemail, "."))){
                                            require("base.php");
                                            $query = mysql_query("SELECT * FROM users WHERE username='$getuser'");
                                            $numrows = mysql_num_rows($query);
                                            if ($numrows == 0) {
                                                 $query = mysql_query("SELECT * FROM users WHERE email='$getemail'");
                                            $numrows = mysql_num_rows($query);
                                            if ($numrows == 0) {
                                                $password = md5(md5("ss3verds4g".$password."ss357rd5sg"));
                                                $date = date("F d Y");
                                                $code = md5(rand());
                                        $bio = "Bio";
                                    $location = "Location";
                                                mysql_query("INSERT INTO users VALUES (
                                                              '','$getuser', '$password', '$getemail', '0', '$code', '$date', '$bio', '$location', '1'
                                                         )");
                                                         $query = mysql_query("SELECT * FROM users WHERE username='$getuser'");
                                                         $numrows = mysql_num_rows($query);
                                                         if  ($numrows == 1){
                                                               $site = "http://www.staketheclaim.com";
                                                               $webmaster = "noreply <noreply@staketheclaim.com>";
                                                                $headers = "From: $webmaster";
                                                                 $subject = "Activate Your Account";
                                                                 $message  = "Thanks for registering. Click the link below to activate your account.\n";
                                                                 $message .= "$site/activate/?user=$getuser&code=$code\n";
                                                                 $message .= "You must activate your account to login.";
                                                                 if (mail($getemail, $subject, $message, $headers )) {
                                                                          $errormsg = "You have been registered. You must activate your account from the activition link send to <b>$getemail</b>.";
                                                                          $getuser = "";
                                                                          $getemail = "";
                                                                     }
                                                                        else 
                                                             else 
                                                                   $errormsg ="An error has occured. Your account was not created.";
                                            }
                                            else
                                                $errormsg ="Their is already a user with that email.";
                                            }
                                            else
                                                $errormsg ="Their is already a user with that username.";
                                            mysql_close;
                                            }
                                            else
                                                $errormsg = "You must enter a valid email address to register.";
                                  }
                                  else
                                     $errormsg = "Your passwords did not match.";
                      } else 
                              $errormsg = "You must retype you password to register.";
                } else 
                       $errormsg = "You must enter a password to register.";
            } else
                  $errormsg = "You must enter you email to register.";
         } else
              $errormsg = "Your username cannot have any spaces.<br />";
      } else
          $errormsg = "You must enter a username to register.<br />";
    } $form = "<form action='' method='post' style='margin-top:-20px;'>
    <h2>Sign up for StakeTheClaim™.<br /> It's free!</h2>
    <br />
    <font color='red'>$errormsg</font>
    <br />
    <br />
    Username:
    <br />
    <input type='text' name='user' value='$getuser' style='' />
    <br />
    <br />
    Email:
    <br />
    <input type='text' name='email' value='$getemail' />
    <br />
    <br />
    Password:
    <br />
    <input type='password' name='pass' value='' />
    <br />
    <br />
    Re-Password:
    <br />
    <input type='password' name='retypepass' value='' />
    <br />
    <input type='submit' name='registerbtn' value='Register' />
    </form>";
    echo $form;
    }
    ?></div></div>


.png“style=”左边距:-25px;利润上限:-20px;" />

这可能是mysql的数据类型问题(嗯,实际上是限制)。您说它在
update
上失败,但我只看到
insert
语句

运行insert的表
users
上的列类型是什么

基本上,如果达到列类型的限制,插入将失败。这与您所说的一致


编辑:另外,PHP正在贬低
mysql\u*
调用。换成
mysqli\u*
或另一种类似
PDO
的替代方法。换成
mysqli
这段代码很容易,但是你的代码需要全面检查,它充满了问题。你运行的是什么版本的PHP?
你的代码容易受到sql injection和xss…是的,这是一个非常基本的功能。有更好的代码/插件,我可以轻松实现吗?或者有什么东西可以在修复后保护此代码?我想首先要做的是了解代码中发生了什么。您对代码目前如何工作有任何疑问吗?您可能希望执行某种f更改为密码的双md5编码方法(实际上是非常蹩脚的方法)。首先查看
crypt()
。用户的输入列类型为VARCHAR(50)。列类型的“限制”是什么?比如VARCHAR(50)您输入了70个字符或其他您所指的内容?哎呀,我又多了一列,所以最后忘记了一个“”。至于加密,在这种情况下我如何使用crypt()。所有列都是VARCHAR(50)?是否有主键(通常是
id
列)。如果所有列都是VARCHAR(50),应该没有问题。对于
crypt()
,请尝试: