此脚本在2天前工作。但现在在每次注册时都会给我一些错误,即没有定义用户名。密码未定义,电子邮件未定义。
似乎$ username,$ password和$ email变量不是isset。
这来自我的error_log:
PHP警告:mysql_real_escape_string()[function.mysql-real-escape-string]:第52行/registerScr.php中用户'root'@'localhost'(使用密码:NO)拒绝访问 PHP警告:mysql_real_escape_string()[function.mysql-real-escape-string]:无法在第52行的/registerScr.php中建立到服务器的链接
在第52行,我有mysql_real_escape_string函数。我在stackoverflow上搜索有关解决方案但没有一个能解决我的问题。
代码是:
<?
/* Include Files *********************/
session_start();
include("db.php"); //Database connection
include("lScr.php"); // check if I am connected
/*************************************/
?>
<!DOCTYPE html>
<html>
................
<?
function protect($string){
$string = mysql_real_escape_string($string);
$string = strip_tags($string);
$string = addslashes($string);
return $string;
}
echo " <br>
<form class=\"form-horizontal\" action=\"\" method=\"post\">
<fieldset>
<div class=\"control-group\">
<label class=\"control-label\" for=\"input01\">Username </label>
<div class=\"controls\">
<input type=\"text\" class=\"input-xlarge\" id=\"input01\" name=\"username\" maxlength=\"30\" placeholder=\"Your username\">
</div>
</div>
<div class=\"control-group\">
<label class=\"control-label\" for=\"input01\">Password </label>
<div class=\"controls\">
<input type=\"password\" class=\"input-xlarge\" id=\"input01\" name=\"password\" maxlength=\"30\" placeholder=\"Your password\">
</div>
</div>
<div class=\"control-group\">
<label class=\"control-label\" for=\"input01\">Confirm Password </label>
<div class=\"controls\">
<input type=\"password\" class=\"input-xlarge\" id=\"input01\" name=\"passconf\" maxlength=\"30\" placeholder=\"Your password,again!\">
</div>
</div>
<div class=\"control-group\">
<label class=\"control-label\" for=\"input01\">E-mail </label>
<div class=\"controls\">
<input type=\"text\" class=\"input-xlarge\" id=\"input01\" name=\"email\" placeholder=\"Your e-mail\">
</div>
</div>
<div class=\"control-group\">
<label class=\"control-label\" for=\"input01\">Enter Captcha </label>
<div class=\"controls\">";
require_once('recaptchalib.php');
$publickey = "examplekey******"; // you got this from the signup page
echo recaptcha_get_html($publickey);
echo"
</div>
</div>
<br/><div class=\"control-group\">
<div class=\"controls\">
<input type=\"submit\" class=\"btn btn-primary\" name=\"submit\" value=\"Register\">
</div>
</div>
</fieldset>
</form>";
?>
</div>
<div class="span4">
<? if (isset($_POST['submit'])) {
$username = protect($_POST['username']);
$password = protect($_POST['password']);
$confirm = protect($_POST['passconf']);
$email = protect($_POST['email']);
$errors = array();
if(!$username){
$errors[] = "Username is not defined!";
}
if(!$password){
$errors[] = "Password is not defined!";
}
if($password){
if(!$confirm){
$errors[] = "Confirmation password is not defined!";
}
}
if(!$email){
$errors[] = "E-mail is not defined!";
}
if($username){
$aValid = array('-', '_');
if(!ctype_alnum(str_replace($aValid, '', $username))){
$errors[] = "Username can only contain numbers, letters and symbols like \"-\" or \"_\"!";
}
$range = range(1,32);
if(!in_array(strlen($username),$range)){
$errors[] = "Username must be between 1 and 32 characters!";
}
}
if($password && $confirm){
if($password != $confirm){
$errors[] = "Passwords do not match!";
}
}
if($email){
$checkemail = "/^[a-z0-9]+([_\\.-][a-z0-9]+)*@([a-z0-9]+([\.-][a-z0-9]+)*)+\\.[a-z]{2,}$/i";
if(!preg_match($checkemail, $email)){
$errors[] = "E-mail is not valid, must be name@server.tld!";
}
}
if($username){
$sql = "SELECT * FROM `users` WHERE `username`='".$username."'";
$res = mysql_query($sql) or die(mysql_error());
if(mysql_num_rows($res) > 0){
$errors[] = "The username you supplied is already in use!";
}
}
if($email){
$sql2 = "SELECT * FROM `users` WHERE `email`='".$email."'";
$res2 = mysql_query($sql2) or die(mysql_error());
if(mysql_num_rows($res2) > 0){
$errors[] = "The e-mail address you supplied is already in use of another user!";
}
}
require_once('recaptchalib.php');
$privatekey = "examplekey*****";
$resp = recaptcha_check_answer ($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);
if (!$resp->is_valid) {
// What happens when the CAPTCHA was entered incorrectly
$errors[] = "Wrong Captcha. Please re-write Captcha!";
}
if(count($errors) > 0){
foreach($errors AS $error){
echo "<div class=\"alert alert-block alert-error fade in\">
<h4 class=\"alert-heading\"><li>$error</li></h4></div>";
}
}else {
$sql4 = "INSERT INTO `users`
(`username`,`password`,`email`)
VALUES ('".$username."','".$password."','".$email."')";
$res4 = mysql_query($sql4) or die(mysql_error());
echo "Registed";
}
}
?>
db.php代码:
$conn = mysql_connect($dbhost, $dbuser, $dbpassword);
if (!$conn)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("db_example", $conn);
答案 0 :(得分:0)
如果没有先连接数据库,请不要使用此功能。没有数据库连接。
答案 1 :(得分:0)
您从日志中重新打印的错误消息
PHP警告:mysql_real_escape_string()[function.mysql-real-escape-string]:拒绝访问用户'root'@'localhost'(使用密码:NO)i
是一个很好的线索。
出于某些非直观原因,您必须先使用数据库连接才能使用mysql_real_escape_string()功能。
要解决您的问题,您必须在调用mysql_connect()之前检查包含文件中的protect() 并且该连接有效(您有权利)密码,用户名和主机名。)