mysql查询插入错误

时间:2011-11-28 00:26:40

标签: mysql

INSERT into staffprofiles mysql查询(靠近代码底部)正在触发“或死”语句。谁能明白为什么?第一个进入员工用户是好的。我是否通过2个插入命令或其他东西来打破规则?如果是这样,是否有另一种方法来编码我想要做的事情?提前感谢您的帮助。

此外,我将很快解决SQL注入和其他项目。我只想先弄明白这个想法。感谢。

<html>
<head>
  <title>XXXXXXX</title>
  <link rel="stylesheet" type="text/css" href="style.css" />
</head>

      <body>
         <div id="back">
         </div>


        <div id="wrapper">

                <div id="header">
                 <div id="logout">
                <?php
              include 'header.php';
                ?>


                 </div>
                  <span><b>XXXXXXX</b>XXXXXX</span>
                </div>

                <?php
                include 'menu.php';

if (isset ($_POST['submit']))

{
}

else

{
echo "not set";
}


$user=$_POST['username'];
$pass1=$_POST['pass1'];
$pass2=$_POST['pass2'];
$email=$_POST['email'];
$user=strip_tags($user);
$email=strip_tags($email);
$pass1=strip_tags($pass1);

$isemail = "SELECT * from staffusers where email ='$email'";
$isemail2 = mysql_query($isemail) or die ("could not query email in table");
$isemail3 = mysql_fetch_array($isemail2);

if ($isemail3)
{
echo "That email address is already registered.<br>";
echo "<a href='forgotpassword.php'>Forgot passsword.</a><br>";
echo "<a href='staffregisterform.php'>Go back to register under a different email address.</a>";
exit;
}

if ($email == "" || $user == "" || $pass1 == ""  || $pass2 == "")
{
echo "please complete all fields before submitting<br>";
echo "<a href='staffregisterform.php'>Go Back</a>";
exit;
}

if (strlen($pass1)<6)
{
echo "Your password must be at least 6 characters in length.<br>";
echo "<a href='staffregisterform.php'>Go Back</a>";
exit;
}

if ($pass1 == $pass2)
{
$isplayer = "SELECT * from staffusers where username ='$user'";
$isplayer2 = mysql_query($isplayer) or die ("could not query user in table");
$isplayer3 = mysql_fetch_array($isplayer2);

if ($isplayer3)
{
echo "The username ''$user'' is already taken. Please try another username.<br>";
echo "<a href='staffregisterform.php'>Go Back</a>";
exit;
}

if (strlen($user)>16 || strlen($user)<2)
{
echo "Your username must be be at 2 two characters and at most, 16 characters.<br>";
echo "<a href='staffregisterform.php'>Go Back</a>";
exit;
}
}

else
{
echo "The passwords do not match.<br>";
echo "<a href='staffregisterform.php'>Go Back</a>";
exit;
}

$pass1=MD5($pass1);

$register = "INSERT INTO staffusers (username, password, email) VALUES ('$user', '$pass1', '$email')";
mysql_query($register) or die ("staffusers.");

$profile = "INSERT INTO staffprofiles (username, email) VALUES ('$user', '$email')";
mysql_query($profile) or die ("staffprofiles.");

echo "Thank you for registering, $user.<br>";
echo "<a href='index.php'>Login</a>";

?>

1 个答案:

答案 0 :(得分:0)

如果您有有效的字段名和表名,请尝试; 

$profile = mysql_query("INSERT INTO staffprofiles (username, email) VALUES ('$user', '$email')");

// use some value directly to check as:
$user = "Tester";
$email= "something@test.com";
$profile = mysql_query("INSERT INTO staffprofiles (username, email) VALUES ('$user', '$email')");

//if this value gets inserted then you have problem in $user variables value

希望有所帮助

相关问题
最新问题