Php 如何在名称参数(?)中添加特定值
是否可以在名称参数中添加特定值?我给你举个例子 我想在数据库中添加一个特定值的用户,而不需要任何post方法或其他东西。我只想在数据库中添加一个特定的值Php 如何在名称参数(?)中添加特定值,php,authentication,admin,Php,Authentication,Admin,是否可以在名称参数中添加特定值?我给你举个例子 我想在数据库中添加一个特定值的用户,而不需要任何post方法或其他东西。我只想在数据库中添加一个特定的值 $sql = "INSERT INTO accounts (username, email, user_type, password) VALUES(?, users, ?, ?);"; 或者还有其他的工作吗 这是全部代码 // register user if there are no errors in the
$sql = "INSERT INTO accounts (username, email, user_type, password) VALUES(?, users, ?, ?);";
或者还有其他的工作吗
这是全部代码
// register user if there are no errors in the form
if (count($errors) == 0) {
if (isset($_POST['user_type'])) {
$user_type = e($_POST['user_type']);
$sql = "INSERT INTO accounts (username, email, user_type, password) VALUES(?, ?, ?, ?);";
// where going to initialize the new prepared statement using the connection to database
$stmt = mysqli_stmt_init($db);
//check of initialize
if (!mysqli_stmt_prepare($stmt, $sql)) {
header("location: index.php?error=stmtfailed");
exit(0);
}
$hashedpwd = password_hash($password, PASSWORD_DEFAULT);
mysqli_stmt_bind_param($stmt, "ssss", $username, $email, $user_type, $hashedpwd);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
$_SESSION['add'] = "Added successfully";
header('location: users.php');
exit(0);
}else{
$sql = "INSERT INTO accounts (username, email, user_type, password) VALUES(?, ?, ?, ?);";
// where going to initialize the new prepared statement using the connection to database
$stmt = mysqli_stmt_init($db);
//check of initialize
if (!mysqli_stmt_prepare($stmt, $sql)) {
header("location: index.php?error=stmtfailed");
exit(0);
}
$hashedpwd = password_hash($password, PASSWORD_DEFAULT);
mysqli_stmt_bind_param($stmt, "ssss", $username, $email, 'user', $hashedpwd);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
// get id of the created user
$logged_in_user_id = mysqli_insert_id($db);
$_SESSION['user'] = getUserById($logged_in_user_id); // put logged in user in session
$_SESSION['add'] = "You are now logged in and thank you!";
header('location: index.php');
exit(0);
}
}
}
我还尝试在我的注册表单中添加一个隐藏的输入,但它只将用户重定向为管理员,我不希望发生这种情况
这部分代码是针对管理员的。当用户类型为isset时,它是管理员,因为管理员只能在用户或管理员时分配。另一个是给用户的
if (isset($_POST['user_type'])) {
$user_type = e($_POST['user_type']);
$sql = "INSERT INTO accounts (username, email, user_type, password) VALUES(?, ?, ?, ?);";
// where going to initialize the new prepared statement using the connection to database
$stmt = mysqli_stmt_init($db);
//check of initialize
if (!mysqli_stmt_prepare($stmt, $sql)) {
header("location: index.php?error=stmtfailed");
exit(0);
}
$hashedpwd = password_hash($password, PASSWORD_DEFAULT);
mysqli_stmt_bind_param($stmt, "ssss", $username, $email, $user_type, $hashedpwd);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
$_SESSION['add'] = "Added successfully";
header('location: users.php');
exit(0);
}
事实上,达曼回答了我的问题,我不知道如何报答。我只需要添加$user\u type=“user” 什么是函数
e()
?您可能应该删除它,因为它会损坏您的数据。如果该值是固定的,您可以在代码中对其进行硬编码,如$user\u type='admin'代码>你的问题是什么?它是转义字符串的函数吗?为什么要转义字符串?你逃避了什么?也谢谢你给我的参考开始我也在寻找那个!