Fatal编程技术网
  • php/
  • Php 如何在名称参数(?)中添加特定值

Php 如何在名称参数(?)中添加特定值

php authentication

Php 如何在名称参数(?)中添加特定值,php,authentication,admin,Php,Authentication,Admin,是否可以在名称参数中添加特定值?我给你举个例子 我想在数据库中添加一个特定值的用户,而不需要任何post方法或其他东西。我只想在数据库中添加一个特定的值 $sql = "INSERT INTO accounts (username, email, user_type, password) VALUES(?, users, ?, ?);"; 或者还有其他的工作吗 这是全部代码 // register user if there are no errors in the

是否可以在名称参数中添加特定值?我给你举个例子

我想在数据库中添加一个特定值的用户,而不需要任何post方法或其他东西。我只想在数据库中添加一个特定的值

$sql = "INSERT INTO accounts (username, email, user_type, password) VALUES(?, users, ?, ?);";
或者还有其他的工作吗

这是全部代码

    // register user if there are no errors in the form
    if (count($errors) == 0) {


    if (isset($_POST['user_type'])) {
        $user_type = e($_POST['user_type']);
        $sql = "INSERT INTO accounts (username, email, user_type, password) VALUES(?, ?, ?, ?);";
        // where going to initialize the new prepared statement using the connection to database
        $stmt = mysqli_stmt_init($db);
        //check of initialize
        if (!mysqli_stmt_prepare($stmt, $sql)) {
            header("location: index.php?error=stmtfailed");
            exit(0);
        }
        $hashedpwd = password_hash($password, PASSWORD_DEFAULT);

        mysqli_stmt_bind_param($stmt, "ssss", $username, $email, $user_type, $hashedpwd);
        mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);


        $_SESSION['add']  = "Added successfully";
        header('location: users.php');
        exit(0);
    }else{
        $sql = "INSERT INTO accounts (username, email, user_type, password) VALUES(?, ?, ?, ?);";
        // where going to initialize the new prepared statement using the connection to database
        $stmt = mysqli_stmt_init($db);
        //check of initialize
        if (!mysqli_stmt_prepare($stmt, $sql)) {
            header("location: index.php?error=stmtfailed");
            exit(0);
        }
        $hashedpwd = password_hash($password, PASSWORD_DEFAULT);

        mysqli_stmt_bind_param($stmt, "ssss", $username, $email, 'user', $hashedpwd);
        mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);

        // get id of the created user
        $logged_in_user_id = mysqli_insert_id($db);
        $_SESSION['user'] = getUserById($logged_in_user_id); // put logged in user in session
        $_SESSION['add']  = "You are now logged in and thank you!";

        header('location: index.php');
        exit(0);
    }
    }

    }
我还尝试在我的注册表单中添加一个隐藏的输入,但它只将用户重定向为管理员,我不希望发生这种情况

这部分代码是针对管理员的。当用户类型为isset时,它是管理员,因为管理员只能在用户或管理员时分配。另一个是给用户的

       if (isset($_POST['user_type'])) {
        $user_type = e($_POST['user_type']);
        $sql = "INSERT INTO accounts (username, email, user_type, password) VALUES(?, ?, ?, ?);";
        // where going to initialize the new prepared statement using the connection to database
        $stmt = mysqli_stmt_init($db);
        //check of initialize
        if (!mysqli_stmt_prepare($stmt, $sql)) {
            header("location: index.php?error=stmtfailed");
            exit(0);
        }
        $hashedpwd = password_hash($password, PASSWORD_DEFAULT);

        mysqli_stmt_bind_param($stmt, "ssss", $username, $email, $user_type, $hashedpwd);
        mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);


        $_SESSION['add']  = "Added successfully";
        header('location: users.php');
        exit(0);
    }
事实上,达曼回答了我的问题,我不知道如何报答。我只需要添加$user\u type=“user”

什么是函数
e()
?您可能应该删除它,因为它会损坏您的数据。如果该值是固定的,您可以在代码中对其进行硬编码,如
$user\u type='admin'你的问题是什么?它是转义字符串的函数吗?为什么要转义字符串?你逃避了什么?也谢谢你给我的参考开始我也在寻找那个!