我可以连接到mysql数据库,但我的表没有更新

时间:2013-04-25 09:35:21

标签: php phpmyadmin

我可以连接到mysql db,我在其中创建了一个名为attorney_users的表。我想知道我错过了什么或做错了什么?我在下面发布了我的功能代码。当我注册用户时,它确认成功,但表格没有更新。

<?php
  require_once('appvars.php');
  require_once('connectvars.php');

  // Connect to the database
  $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);

  if (isset($_POST['submit'])) {
    // Grab the profile data from the POST
    $username = mysqli_real_escape_string($dbc, trim($_POST['username']));
    $firstname = mysqli_real_escape_string($dbc, trim($_POST['firstname']));
    $lastname = mysqli_real_escape_string($dbc, trim($_POST['lastname']));
    $firmname = mysqli_real_escape_string($dbc, trim($_POST['firmname']));
    $email = mysqli_real_escape_string($dbc, trim($_POST['email']));
    $password = mysqli_real_escape_string($dbc, trim($_POST['password']));
    $password2 = mysqli_real_escape_string($dbc, trim($_POST['password2']));

    if (!empty($username) && !empty($password) && !empty($password2) && ($password == $password2)) {
      // Make sure someone isn't already registered using this username
      $query = "SELECT * FROM attorney_users WHERE username = '$username'";
      $data = mysqli_query($dbc, $query);
      if (mysqli_num_rows($data) == 0) {
        // The username is unique, so insert the data into the database
        $query = "INSERT INTO attorney_users (username, firstname, lastname, firmname, email, password, date) VALUES ('$username', '$firstname', '$lastname', $firmname, $email, SHA('$password'), NOW())";
        mysqli_query($dbc, $query);

        // Confirm success with the user
        echo '<p>Your new account has been successfully created. You\'re now ready to <a href="index.php">log in</a>.</p>';

        mysqli_close($dbc);
        exit();
      }
      else {
        // An account already exists for this username, so display an error message
        echo '<p class="error">An account already exists for this username. Please use a different username.</p>';
        $username = "";
      }
    }
    else {
      echo '<p class="error">You must enter all of the sign-up data, including the desired password twice.</p>';
    }
  }

  mysqli_close($dbc);
?>
<div id="main-wrapper">
            <div id="register-wrapper">
                <form method="post" action = "<?php echo $_SERVER['PHP_SELF'];?>">
                <fieldset>
                    <ul>
                         <label for="username">Username : </label>
                         <input type="text" id="username" name = "username" value = "<?php if (!empty($username)) echo $username; ?>"  />

                         <label for="firstname">First Name : </label>
                         <input type="text" id="firstname"  name = "firstname"  />

                         <label for="lastname">Last Name : </label>
                         <input type="text" id="lastname"  name = "lastname" />

                         <label for="firmn">Firm Name : </label>
                         <input type="text" id="firmname"  name = "firmname" />

                         <label for="email">Email : </label>
                         <input type="text" id="email"  name = "email"  />

                         <label for="password">Password : </label>
                         <input type="password" id="password"  name="password" />

                         <label for="password2">Verify Password : </label>
                         <input type="password" id="password2"  name="password2" />

                        </li>
                        <li class="buttons">
                         <input type="submit" value="Register" name="submit"  />
                            <input type="button" name="cancel" value="Cancel" onclick="location.href='index.php'" />
                     </li>
                    </ul>
                </fieldset>
                </form>
            </div>
        </div>

    </body>
</html>  

2 个答案:

答案 0 :(得分:0)

date保留在mysql中,使用`围绕列名

$query = "INSERT INTO attorney_users (`username`, `firstname`, 
`lastname`, `firmname`, `email`, `password`, `date`) 
VALUES ('$username', '$firstname', '$lastname', $firmname, 
$email, SHA('$password'), NOW())";

为什么使用mysqli_real_escape_string进行转义,你可以在这里使用预备语句。

修改

用于检查查询中的错误

$data = mysqli_query($dbc, $query) or die(mysqli_error());

答案 1 :(得分:0)

更改您的$查询
$query = "INSERT INTO attorney_users (username, firstname, lastname, firmname, email, password, date) VALUES ('$username', '$firstname', '$lastname', $firmname, $email, SHA('$password'), NOW())";

$password = SHA1($password);  
$query = "INSERT INTO attorney_users (`username`, `firstname`, `lastname`, `firmname`, `email`, `password`, `date`) VALUES ('{$username}', '{$firstname}', '{$lastname}', '{$firmname}', '{$email}', '{$password}', NOW())";