PHP和MySQL注册表
我正在学习php和mysql,并试图创建一个带有注册和登录页面的表单,但在获取注册表单将数据写入数据库时遇到了困难。我没有收到与数据库连接有关的错误,但是当我尝试发布数据时,我的表仍然是空的。我发现了错误 “注册时出现了一些问题。请稍后再试 非常感谢您的帮助。PHP和MySQL注册表,php,mysql,Php,Mysql,我正在学习php和mysql,并试图创建一个带有注册和登录页面的表单,但在获取注册表单将数据写入数据库时遇到了困难。我没有收到与数据库连接有关的错误,但是当我尝试发布数据时,我的表仍然是空的。我发现了错误 “注册时出现了一些问题。请稍后再试 非常感谢您的帮助。 <?php //signup.php include 'connect.php'; echo '<h2>Register </h2>'; if($_SERVER['REQUEST_METHOD'] !=
<?php
//signup.php
include 'connect.php';
echo '<h2>Register </h2>';
if($_SERVER['REQUEST_METHOD'] != 'POST')
{
/*the form hasn't been posted yet, display it
note that the action="" will cause the form to post to the same page it is on */
echo '<form method="post" action="">
Username: <input type="text" name="Username" />
Password: <input type="password" name="Password">
Confirm Password: <input type="password" name="Confirm">
<input type="submit" value="Submit" />
</form>';
}
else
{
/* so, the form has been posted, we'll process the data in three steps:
1. Check the data
2. Let the user refill the wrong fields (if necessary)
3. Save the data
*/
$errors = array(); /* declare the array for later use */
if(isset($_POST['Username']))
{
//the user name exists
//if(!ctype_alnum($_POST['Username']))
if($_POST['Username'] == ['Username'])
{
$errors[] = 'The username is already in use.';
}
}
else
{
$errors[] = 'The username field must not be empty.';
}
if(isset($_POST['Password']))
{
if($_POST['Password'] != $_POST['Confirm'])
{
$errors[] = 'The two passwords did not match.';
}
}
else
{
$errors[] = 'The password field cannot be empty.';
}
if(!empty($errors)) /*check for an empty array, if there are errors, they're in this array (note the ! operator)*/
{
echo 'Uh-oh.. a couple of fields are not filled in correctly..';
echo '<ul>';
foreach($errors as $key => $value) /* walk through the array so all the errors get displayed */
{
echo '<li>' . $value . '</li>'; /* this generates a nice error list */
}
echo '</ul>';
}
else
{
//the form has been posted without errors, so save it
//notice the use of mysql_real_escape_string, keep everything safe!
//also notice the sha1 function which hashes the password
$sql = "INSERT INTO
Users(Username, Password)
VALUES('" . mysql_real_escape_string($_POST['Username']) . "',
'" . md5($_POST['Password']) . "',
NOW(),
0)";
$result = mysql_query($sql);
if(!$result)
{
//something went wrong, display the error
echo 'Something went wrong while registering. Please try again later.';
//echo mysql_error(); //debugging purposes, uncomment when needed
}
else
{
header ("location: index.htm"); //redirects to Index Page
}
}
}
?>
试试这个。我在
Users
表字段中添加了回勾号
$username = mysql_real_escape_string($_POST['Username']);
$password = md5($_POST['Password']);
$sql= "INSERT INTO Users(`Username`,`Password`) VALUES('$username', '$password')";
您现在正在插入()和0。2额外值
注意,调试SQL查询的第一步是首先在MySQL中运行它。因此,首先尝试在MySQL中使用
Username
和Password
的伪值运行SQL语句,看看它是否有效很简单:你没有检查错误,上帝只知道connect.php
中的内容。你告诉脚本只在用户中插入(用户名、密码)但是您现在也在解析另外两个值()和0),然后您就有了这段“我不知道是什么…”if($\u POST['Username']==['Username'])
。即使是这样也不安全!请已在PHP7中删除。了解有关使用PDO的语句,并考虑如何使用代码来检查用户名是否存在。使用mysqli或php更好吗?我建议您从一开始就使用mysqli而不是mysql。要检查用户是否存在,请使用mysql语句选择COUNT(user_id)FROM Users WHERE
username='$username'
如果结果大于0,则用户存在,否则如果结果为0,则无用户退出。实际上,正确的逻辑是,如果有一个用户使用该用户名,那么结果应该是1,而不是更多。要更改tpo mysqli,您应该从连接中将代码更改为mysqli