我正在努力从mysql掌握PDO,这是我的注册表。
我收到的错误对我来说不太合理,有人可以帮我填写我的注册表吗?
<? include 'includes/overall/head.php';
include 'core/init.php';?>
<div id="page" class="container">
<div id="box1">
<h2 class="title"><? echo $welcome; ?></h2>
<div style="clear: both;"> </div>
<div class="entry">
<form method="POST" action="process_user.php">
Username*: <br/>
<input type="text" name="username" /><br/>
Password*: <br/>
<input type="password" name="password" /><br/>
Confirm Password*: <br/>
<input type="password" name="password_confirm" /><br/>
Email*: <br/>
<input type="text" name="email" /><br/>
Confirm Email*: <br/>
<input type="text" name="email_confirm" /><br/>
<?require_once('recaptchalib.php');
$publickey = "*****";
echo recaptcha_get_html($publickey);?>
<input type="submit" name="submit" value="Register">
</form>
</div>
</div>
<? include 'includes/overall/footer.php'; ?>
这是prcess_user.php
<? include 'includes/overall/head.php';
include 'core/init.php';?>
<div id="page" class="container">
<div id="box1">
<h2 class="title"><? echo $welcome; ?></h2>
<div style="clear: both;"> </div>
<div class="entry">
<?
require_once('recaptchalib.php');
$privatekey = "*****";
$resp = recaptcha_check_answer ($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);
if (!$resp->is_valid) {
die ("The reCAPTCHA wasn't entered correctly. Go back and try it again.");
} else {
if (empty($_POST) === false) {
$required_fields = array('username', 'password', 'password_confirm', 'email', 'email_confirm');
foreach($_POST as $key=>$value) {
if (empty($value) && in_array($key, $required_fields) === true) {
$errors[] = 'Fields marked with an asterisk are required.';
break 1;
}
}
}
if (empty($errors) === true) {
if(user_exists($_POST['username'] === true)) {
$errors[] = 'Sorry, the username \''.$_POST['username'].'\' is already taken.';
}
if (preg_match("/\\s/", $_POST['username'] == true)) {
$errors[] = 'Your username cannot contain any spaces';
}
if (strlen($_POST['password']) < 6 || strlen($_POST['password'] > 32)) {
$errors[] = 'Your password must be between 6 and 32 characters';
}
if ($_POST['password'] !== $_POST['password_confirm']) {
$errors[] = 'Your passwords did not match';
}
if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === false) {
$errors[] = 'Please enter a valid email address.';
}
if (email_exists($_POST['email']) === true) {
$errors[] = 'The email address \''.$_POST['email'].'\' is arealdy registered.';
}
}
}
if (isset($_GET['success']) && empty($_GET['success'])) {
echo 'You\'ve been successfully registered, please check your email inbox to activate your account';
} else {
if (empty($_POST) === false && empty($errors) === true) {
$register_data = array(
'username' => $_POST['username'],
'password' => $_POST['password'],
'email' => $_POST['email'],
'email_code' => md5($_POST['username'] + microtime())
);
register_user($register_data);
header('location: register.php?success');
exit();
} else if(empty($errors) === false) {
echo output_errors($errors);
}
//LINK TO GO BACK AND TRY AGAIN
}
?>
</div>
</div>
<? include 'includes/overall/footer.php'; ?>
最后,与他们一起去的功能
<?php
function user_exists($username) {
$username = sanitize($username);
$query = "SELECT COUNT(`user_id`) FROM `users` WHERE `username` = `$username`";
$stmt = $dbh->prepare($query);
$stmt->execute();
return ($stmt->rowCount() == 1) ? true : false;
}
function email_exists($email) {
$email = sanitize($email);
$query = "SELECT COUNT (`user_id`) FROM `users` WHERE `email` = $email";
$stmt = $dbh->prepare($query);
$stmt->execute();
return ($stmt->rowCount() == 1) ? true : false;
}
function register_user($register_data) {
array_walk($register_data, 'array_sanitize');
$register_datapw = $register_data['password'];
require ('../../includes/blowfish.class.php');
$bcrypt = new Bcrypt(4);
$register_data['password'] = $bcrypt->hash($_POST['password']);
$fields = '`' . implode('`, `', array_keys($register_data)) . '`';
$data = '\'' . implode('\', \'', $register_data) . '\'';
$query = "INSERT INTO `USERS` ($fields) VALUES ($data)";
$stmt->prepare($query);
$stmt->execute();
}
?>
这是我收到的错误
[08-May-2013 09:44:52 America/Denver] PHP Parse error: syntax error, unexpected '$' in .../process_user.php on line 50
这是
if (isset($_GET['success']) && empty($_GET['success'])) {
答案 0 :(得分:1)
PHP中的empty()
函数有一些非常奇怪的语义。每the fine manual:
在PHP 5.5之前,
empty()
仅支持变量;其他任何东西都会导致解析错误。换句话说,以下内容不起作用:empty(trim($name))
。相反,请使用trim($name) == false
。
同样,您需要使用$_GET['success'] == false
代替empty($_GET['success'])
。
顺便说一句:您正在使用PDO,这很好,但您仍在将用户输入插入到SQL查询中,这非常非常非常糟糕。在继续之前,了解如何正确使用PDO和绑定变量。