Php 使用pdo将表单值插入mysql数据库
嗨,我把我的mysql查询改成了pdo。现在的问题是我没有任何pdo的经验。我按自己的想法编辑了它,但没有任何效果。没有显示错误。有人能找到错误吗?谢谢你的阅读Php 使用pdo将表单值插入mysql数据库,php,mysql,pdo,Php,Mysql,Pdo,嗨,我把我的mysql查询改成了pdo。现在的问题是我没有任何pdo的经验。我按自己的想法编辑了它,但没有任何效果。没有显示错误。有人能找到错误吗?谢谢你的阅读 <?php session_start(); if(isset($_POST["submit"])){ $hostname='localhost'; $username='root'; $password=''; function generateRandomString(
<?php
session_start();
if(isset($_POST["submit"])){
$hostname='localhost';
$username='root';
$password='';
function generateRandomString($length = 8) {
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$charactersLength = strlen($characters);
$randomString = '';
for ($i = 0; $i < $length; $i++) {
$randomString .= $characters[rand(0, $charactersLength - 1)];
}
return $randomString;
}
$randomString = generateRandomString();
if ($_POST['password'] != $_POST['password_again']) {
$message['error'] = 'Die eingegebenen Passwörter stimmen nicht überein.';
} else {
unset($_POST['password_again']);
$salt = '';
for ($i = 0; $i < 22; $i++) {
$salt .= substr('./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789', mt_rand(0, 63), 1);
}
$_POST['password'] = crypt(
$_POST['password'],
'$2a$10$' . $salt
);
try {
$dbh = new PDO("mysql:host=$hostname;dbname=loginsystem",$username,$password);
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); // <== add this line
$sql = "INSERT INTO user2 (username, password, email, firstname, lastname, phone, town, street, zip, country, code)
VALUES ('".$_POST["username"]."','".$_POST["password"]."','".$_POST["email"]."','".$_POST["firstname"]."','".$_POST["lastname"]."','".$_POST["phone"]."','".$_POST["town"]."','".$_POST["street"]."','".$_POST["zip"]."','".$_POST["country"]."','".$_POST[$randomString]."')";
if ($dbh->query($sql)) {
echo "New Record Inserted Successfully";
}
else{
echo "Data not successfully Inserted.";
}
$dbh = null;
}
catch(PDOException $e)
{
echo $e->getMessage();
}
$new = rowCount();
if ($new == 1) {
$message['success'] = 'Neuer Benutzer (' . htmlspecialchars($_POST['f']['username']) . ') wurde angelegt, <a href="login.php">weiter zur Anmeldung</a>.';
header('Location: http://' . $_SERVER['HTTP_HOST'] . '//activation.php');
// $empfaenger = $_POST['f']['email'];
// $betreff = "Registration";
// $from = "From: Webmaster <webmaster@somediashout.de>";
// $text = "Thank you for your registration. Your code is : " + $randomString;
// mail($empfaenger, $betreff, $text, $from);
$_SESSION = array(
'login' => true,
'user' => array(
'username' => $row['username']
)
);
} else {
}
}
}
?>
试试这个,而不是
$dbh->query()$new=rowCount()$new=$dbh->rowCount()$dbh=nulltry{}<?php
session_start();
// Report all errors
error_reporting(E_ALL);
if(isset($_POST["submit"])){
$hostname='localhost';
$username='root';
$password='';
function generateRandomString($length = 8) {
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$charactersLength = strlen($characters);
$randomString = '';
for ($i = 0; $i < $length; $i++) {
$randomString .= $characters[rand(0, $charactersLength - 1)];
}
return $randomString;
}
$randomString = generateRandomString();
if ($_POST['password'] != $_POST['password_again']) {
$message['error'] = 'Die eingegebenen Passwörter stimmen nicht überein.';
}
else {
unset($_POST['password_again']);
$salt = '';
for ($i = 0; $i < 22; $i++) {
$salt .= substr('./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789', mt_rand(0, 63), 1);
}
$_POST['password'] = crypt(
$_POST['password'],
'$2a$10$' . $salt
);
$new = 0;
try {
$dbh = new PDO("mysql:host=$hostname;dbname=loginsystem",$username,$password);
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); // <== add this line
$sql = "INSERT INTO user2 (username, password, email, firstname, lastname, phone, town, street, zip, country, code)
VALUES ('".$_POST["username"]."','".$_POST["password"]."','".$_POST["email"]."','".$_POST["firstname"]."','".$_POST["lastname"]."','".$_POST["phone"]."','".$_POST["town"]."','".$_POST["street"]."','".$_POST["zip"]."','".$_POST["country"]."','".$_POST[$randomString]."')";
if ($dbh->query($sql)) {
echo "New Record Inserted Successfully";
}
else{
echo "Data not successfully Inserted.";
}
$new = $dbh->rowCount();
$dbh = null;
}
catch(PDOException $e)
{
echo $e->getMessage();
}
if ($new == 1) {
$message['success'] = 'Neuer Benutzer (' . htmlspecialchars($_POST['f']['username']) . ') wurde angelegt, <a href="login.php">weiter zur Anmeldung</a>.';
//header('Location: http://' . $_SERVER['HTTP_HOST'] . '//activation.php');
// $empfaenger = $_POST['f']['email'];
// $betreff = "Registration";
// $from = "From: Webmaster <webmaster@somediashout.de>";
// $text = "Thank you for your registration. Your code is : " + $randomString;
// mail($empfaenger, $betreff, $text, $from);
$_SESSION = array(
'login' => true,
'user' => array(
'username' => $row['username']
));
} else {
}
}
}
print('<pre> Message :: ');
print_r($message);
print('</pre>');
print('<pre> POST values from submitted form :: ');
print_r($_POST);
print('</pre>');
print('<pre> ACTIVE SESSION :: ');
print_r($_SESSION);
print('</pre>');
?>
谢谢 深吸一口气…,好的,PDO的要点是要有一个最新的api,它允许您轻松地使用准备好的语句来避免sql注入,您没有准备任何东西,您只是连接一个可以轻松注入的字符串。检查现有的解决方案。注意:第44行的C:\xampp\htdocs\socialad\registerpdo9.php中的未定义索引:XR8KYXM成功插入新记录致命错误:第51行的C:\xampp\htdocs\socialad\registerpdo9.php中调用未定义的方法PDO::rowCount()。谢谢,变量在我的数据库中,但重定向到activation.php无效,有什么提示吗?:)非常感谢您的关注,但我得到了一个错误:解析错误:语法错误,意外的“提交”(T_字符串),在第4行的C:\xampp\htdocs\socialad\registerpdo9.php中应为“]”,如果我在第4行上做了两个“提交”,那么就会出现:解析错误:语法错误,意外的“mysql”(T_字符串)在第38行的C:\xampp\htdocs\socialad\registerpdo9.php中,它可以工作,谢谢你,伙计!!:)祝你的企业好运:)很高兴知道我们的输入工作完美无瑕。如果遇到任何进一步的问题,请随时与我们联系。:)
<?php
session_start();
// Report all errors
error_reporting(E_ALL);
if(isset($_POST["submit"])){
$hostname='localhost';
$username='root';
$password='';
function generateRandomString($length = 8) {
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$charactersLength = strlen($characters);
$randomString = '';
for ($i = 0; $i < $length; $i++) {
$randomString .= $characters[rand(0, $charactersLength - 1)];
}
return $randomString;
}
$randomString = generateRandomString();
if ($_POST['password'] != $_POST['password_again']) {
$message['error'] = 'Die eingegebenen Passwörter stimmen nicht überein.';
}
else {
unset($_POST['password_again']);
$salt = '';
for ($i = 0; $i < 22; $i++) {
$salt .= substr('./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789', mt_rand(0, 63), 1);
}
$_POST['password'] = crypt(
$_POST['password'],
'$2a$10$' . $salt
);
$new = 0;
try {
$dbh = new PDO("mysql:host=$hostname;dbname=loginsystem",$username,$password);
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); // <== add this line
$sql = "INSERT INTO user2 (username, password, email, firstname, lastname, phone, town, street, zip, country, code)
VALUES ('".$_POST["username"]."','".$_POST["password"]."','".$_POST["email"]."','".$_POST["firstname"]."','".$_POST["lastname"]."','".$_POST["phone"]."','".$_POST["town"]."','".$_POST["street"]."','".$_POST["zip"]."','".$_POST["country"]."','".$_POST[$randomString]."')";
if ($dbh->query($sql)) {
echo "New Record Inserted Successfully";
}
else{
echo "Data not successfully Inserted.";
}
$new = $dbh->rowCount();
$dbh = null;
}
catch(PDOException $e)
{
echo $e->getMessage();
}
if ($new == 1) {
$message['success'] = 'Neuer Benutzer (' . htmlspecialchars($_POST['f']['username']) . ') wurde angelegt, <a href="login.php">weiter zur Anmeldung</a>.';
//header('Location: http://' . $_SERVER['HTTP_HOST'] . '//activation.php');
// $empfaenger = $_POST['f']['email'];
// $betreff = "Registration";
// $from = "From: Webmaster <webmaster@somediashout.de>";
// $text = "Thank you for your registration. Your code is : " + $randomString;
// mail($empfaenger, $betreff, $text, $from);
$_SESSION = array(
'login' => true,
'user' => array(
'username' => $row['username']
));
} else {
}
}
}
print('<pre> Message :: ');
print_r($message);
print('</pre>');
print('<pre> POST values from submitted form :: ');
print_r($_POST);
print('</pre>');
print('<pre> ACTIVE SESSION :: ');
print_r($_SESSION);
print('</pre>');
?>
<?php
session_start();
if(isset($_POST["submit"])){
$hostname='localhost';
$username='root';
$password='';
function generateRandomString($length = 8) {
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$charactersLength = strlen($characters);
$randomString = '';
for ($i = 0; $i < $length; $i++) {
$randomString .= $characters[rand(0, $charactersLength - 1)];
}
return $randomString;
}
$randomString = generateRandomString();
if ($_POST['password'] != $_POST['password_again']) {
$message['error'] = 'Die eingegebenen Passwörter stimmen nicht überein.';
}
else {
unset($_POST['password_again']);
$salt = '';
for ($i = 0; $i < 22; $i++) {
$salt .= substr('./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789', mt_rand(0, 63), 1);
}
$_POST['password'] = crypt(
$_POST['password'],
'$2a$10$' . $salt
);
$new = 0;
try {
$dbh = new PDO("mysql:host=$hostname;dbname=loginsystem",$username,$password);
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); // <== add this line
$sql = "INSERT INTO user2 (username, password, email, firstname, lastname, phone, town, street, zip, country, code)
VALUES ('".$_POST["username"]."','".$_POST["password"]."','".$_POST["email"]."','".$_POST["firstname"]."','".$_POST["lastname"]."','".$_POST["phone"]."','".$_POST["town"]."','".$_POST["street"]."','".$_POST["zip"]."','".$_POST["country"]."','".$randomString."')";
if ($dbh->query($sql)) {
echo "New Record Inserted Successfully";
}
else{
echo "Data not successfully Inserted.";
}
$new = $dbh->lastInsertId();
$dbh = null;
}
catch(PDOException $e)
{
echo $e->getMessage();
}
if ($new > 0) {
$message['success'] = 'Neuer Benutzer (' . htmlspecialchars($_POST['f']['username']) . ') wurde angelegt, <a href="login.php">weiter zur Anmeldung</a>.';
header('Location: http://' . $_SERVER['HTTP_HOST'] . '//activation.php');
// $empfaenger = $_POST['f']['email'];
// $betreff = "Registration";
// $from = "From: Webmaster <webmaster@somediashout.de>";
// $text = "Thank you for your registration. Your code is : " + $randomString;
// mail($empfaenger, $betreff, $text, $from);
$_SESSION = array(
'login' => true,
'user' => array(
'username' => $row['username']
));
} else {
}
}
}
?>