Fatal编程技术网
  • php/
  • php注册页面中输入的值未插入mysql数据库

php注册页面中输入的值未插入mysql数据库

php mysql

php注册页面中输入的值未插入mysql数据库,php,mysql,Php,Mysql,当我输入用户名、电子邮件和密码等详细信息时 注册页面中的密码确认未插入数据库。 这是我的密码: server.php <?php session_start(); // initializing variables $username = ""; $email = ""; $errors = array(); // connect to the database $db = mysqli_connect('127.0.

当我输入用户名、电子邮件和密码等详细信息时 注册页面中的密码确认未插入数据库。 这是我的密码:

server.php

<?php
    session_start();

    // initializing variables

    $username = "";
    $email    = "";
    $errors = array(); 

    // connect to the database

    $db = mysqli_connect('127.0.0.1', 'root', '', 'techdrive');

    // REGISTER USER

    if (isset($_POST['signup'])) {

      // receive all input values from the form

      $username = mysqli_real_escape_string($db, $_POST['username']);
      $email = mysqli_real_escape_string($db, $_POST['email']);
      $password_1 = mysqli_real_escape_string($db, $_POST['password_1']);
      $password_2 = mysqli_real_escape_string($db, $_POST['password_2']);

      // form validation: ensure that the form is correctly filled by adding (array_push()) corresponding error unto $errors array

      if (empty($username)) { array_push($errors, "Username is required"); }
      if (empty($email)) { array_push($errors, "Email is required"); }
      if (empty($password_1)) { array_push($errors, "Password is required"); }
      if ($password_1 != $password_2) {
        array_push($errors, "The two passwords do not match");
      }

      // first check the database to make sure a user does not already exist with the same username and/or email

      $user_check_query = "SELECT * FROM users WHERE username='$username' OR email='$email' LIMIT 1";
      $result = mysqli_query($db, $user_check_query);
      $user = mysqli_fetch_assoc($result);

      if ($user) { // if user exists
        if ($user['username'] === $username) {
          array_push($errors, "Username already exists");
        }

        if ($user['email'] === $email) {
          array_push($errors, "email already exists");
        }
      }

      // Register user if there are no errors in the form
      if (count($errors) == 0) {
        $password = md5($password_1); 

        //encrypt the password before saving in the database

        $query = "INSERT INTO users (username, email, password) 
                  VALUES('$username', '$email', '$password')";
        mysqli_query($db, $query);
        $_SESSION['username'] = $username;
        $_SESSION['success'] = "You are now logged in";
        header('location: ..\index.html');
      }
    }

    // LOGIN USER

    if (isset($_POST['login'])) {
      $username = mysqli_real_escape_string($db, $_POST['username']);
      $password = mysqli_real_escape_string($db, $_POST['password']);

      if (empty($username)) {
        array_push($errors, "Username is required");
      }
      if (empty($password)) {
        array_push($errors, "Password is required");
      }

      if (count($errors) == 0) {
        $password = md5($password);
        $query = "SELECT * FROM users WHERE username='$username' AND password='$password'";
        $results = mysqli_query($db, $query);
        if (mysqli_num_rows($results) == 1) {
          $_SESSION['username'] = $username;
          $_SESSION['success'] = "You are now logged in";
          header('location: ..\index.html');
        }else {
          array_push($errors, "Wrong username/password combination");
        }
      }
    }

    ?>
然后使用echo$query;死亡 以检查您的查询。

检查您的数据库。 这段代码对我有用,所以问题应该在DB中。
可能您的用户名、电子邮件和密码字段中有一个没有正确的类型。

只要您使用准备好的和绑定的查询,您就不需要所有mysqli\u real\u escape内容。不要使用MD5作为密码。使用密码\u hash表示了解的语句。即使是这样也不安全!您真的不应该使用PHP来处理密码安全性。在散列之前,请确保对它们进行了清理或使用了任何其他清理机制。这样做会更改密码并导致不必要的额外编码。 
$dbName = "your database name"; 
$db = mysqli_connect('127.0.0.1', 'root', '', 'techdrive', $dbName);