我的网站上有一个注册表单,每当新用户注册时,以下代码都应运行:
$sql = "SELECT * FROM users WHERE uidUsers=?;";
$stmt = mysqli_stmt_init($conn);
if (!mysqli_stmt_prepare($stmt)) {
header("Location: ../signup.php?error=sqlerror");
exit();
}
else {
mysqli_stmt_bind_param($stmt, "s", $username);
mysqli_stmt_execute($stmt);
$resultCheck = mysqli_stmt_num_rows($stmt);
if ($resultCheck > 0) {
header("Location: ../signup.php?error=usertaken");
exit();
}
else {
$hashedPwd = password_hash(PASSWORD_DEFAULT, $password);
$sql = "INSERT INTO users (`uidUsers`, `pwdUsers`, `phraseUsers`) VALUES(?,
?, ?)";
$stmt = mysqli_stmt_init($conn);
if (!mysqli_stmt_prepare($stmt)) {
header("Location: ../signup.php?error=sqlerror");
exit();
}
else {
mysqli_stmt_bind_param($stmt, "sss", $username, $hashedPwd,
$securityphrase);
mysqli_stmt_execute($stmt);
header("Location: ../login.php?signup=success");
exit();
}
!mysqli_stmt_prepare错误处理程序在不应该提供数据库环境以及正确的INSERT语句时被触发。因此,我不明白为什么会触发它,而是在问为什么?
Stack Overflow上有一个类似的问题
答案 0 :(得分:2)
感谢您的帮助,password_hash命令出现的问题应该像这样password_hash($var, PASSWORD_DEFAULT);。我犯的第二个错误是$sql中没有包含我的mysqli_stmt_prepare语句,应该像这样的!mysqli_stmt_prepare($stmt, $sql)。