Php “字段列表”(加密密码)中的未知列“a9162e80e079a0051c8b7f88195a94da”
我已经检查并试图更改我的代码,但仍然是相同的错误,我已经尝试解决这个问题大约2天,每天大约2-3小时的思考和更改 我对此很陌生,找不到错误所在的线路。 我在这里研究过这个问题,但仍然找不到答案。试图添加仍然没有和我的mysql表存在太多,我肯定它 我需要一些帮助Php “字段列表”(加密密码)中的未知列“a9162e80e079a0051c8b7f88195a94da”,php,mysql,passwords,registration,password-encryption,Php,Mysql,Passwords,Registration,Password Encryption,我已经检查并试图更改我的代码,但仍然是相同的错误,我已经尝试解决这个问题大约2天,每天大约2-3小时的思考和更改 我对此很陌生,找不到错误所在的线路。 我在这里研究过这个问题,但仍然找不到答案。试图添加仍然没有和我的mysql表存在太多,我肯定它 我需要一些帮助 if(isset($_POST["register"])){ $username = protect($_POST['username']); $password = protect($_POST['password']
if(isset($_POST["register"])){
$username = protect($_POST['username']);
$password = protect($_POST['password']);
$email = protect($_POST['email']);
if(strlen($username) > 20){
echo "Username must be less than 20 characters!";
}elseif(strlen($email) > 100){
echo "E-mail must be less than 100 characters!";
}elseif(strlen($username) < 4){
echo "Username must be more than 4 characters!";
}elseif(strlen($password) < 4){
echo "Password must be more than 4 characters!";
}else{
$register1 = @mysql_query("SELECT id FROM user WHERE username = '$username' ") or die(@mysql_error());
$register2 = @mysql_query("SELECT id FROM user WHERE email = '$email' ") or die(@mysql_error());
if(@mysql_num_rows($register1) > 0){
echo "That username is already in use!";
}elseif(mysql_num_rows($register2) > 0){
echo "That e-mail address is already in use!";
}else{
$ins1 = @mysql_query("INSERT INTO stats (gold, attack, defense, food) VALUES (100,10,10,100)") or die(mysql_error());
$ins2 = @mysql_query("INSERT INTO unit (worker, farmer, warrior, defender, archer, longbowmen, phalanxmen, knight, cavalary) VALUES (5, 5, 0, 0, 0, 0, 0, 0, 0)") or die(mysql_error());
$ins3 = @mysql_query("INSERT INTO user (username, password, email) VALUES('$_POST[$username]', ".md5('$_POST[$password]')." ,'$_POST[$email]')") or die(mysql_error());
$ins4 = @mysql_query("INSERT INTO weapon(sword, shield, bow, longbow, towershield, longsword, pike, horse) VALUES (0, 0, 0, 0, 0, 0, 0, 0)") or die(mysql_error());
$ins5 = @mysql_query("INSERT INTO ranking (attack, defense, overall) VALUES (0,0,0)");
echo("Congratulations, You have registered!");
}
}
}
用于环绕密码值,否则mysql将文本解释为列的名称,而不是值:
$ins3 = @mysql_query("INSERT INTO user (username, password, email) VALUES('$_POST[$username]', '".md5('$_POST[$password]')."' ,'$_POST[$email]')") or die(mysql_error());
替换.md5“$\u POST[$password]”。使用“.md5”$\u POST[$password]”。添加引号后,找不到错误所在的行删除所有讨厌的错误抑制符号@,当然还有使用不推荐的方法的常见咆哮。改为使用mysqli/pdo,针对sql注入保护一切。请看一下函数,MD5算法不适合散列密码,因为它在普通硬件中每秒速度太快。