我是PDO的新手并且一直遇到致命错误。我试图首先检查空字段,然后检查重复的电子邮件,然后如果通过,则将用户数据插入数据库。在搜索和搜索之后,我绝对迷失在哪里我出错了。这是我的代码:
<?php
session_start();
require_once('includes/db_connect.php');
include('functions/email-inject-function.php');
$first_name = trim($_POST['first_name']);
$last_name = trim($_POST['last_name']);
$email = trim($_POST['email']);
$company = trim($_POST['company']);
$phone = trim($_POST['phone']);
$password = trim($_POST['password']);
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if(empty($_POST["first_name"])) {
$first_name_err = "<p>What is your first name?</p>";
$errorflag = 1;
}
if(empty($_POST["last_name"])) {
$last_name_err = "<p>What is your last name?</p>";
$errorflag = 1;
}
//checks email
if(empty($_POST["email"])) {
$email_err = "<p>What is your email address?</p>";
$errorflag = 1;
}
if(empty($_POST["company"])) {
$company_err = "<p>What is your company name?</p>";
$errorflag = 1;
}
if(empty($_POST["phone"])) {
$phone_err = "<p>What is your phone number?</p>";
$errorflag = 1;
}
if(empty($_POST["password"])) {
$pass_err = "<p>Please enter a password</p>";
$errorflag = 1;
}
else {
$injected = IsInjected($email);
if ($injected == true) {
$email_valid_err = "<p>Please enter a valid email.</p>";
$errorflag = 1;
}
}
try {
// Check if email is taken
$stmt = $dbh->prepare("SELECT * FROM `admins` WHERE `email` = :email");
$stmt->execute(array('email' => $email));
if ($stmt->fetchColumn() > 0) {
throw new Exception("That email is already taken.");
}
$sql="INSERT INTO admins (first_name, last_name, email, company, phone, password, reg_date) VALUES (:first_name, :last_name, :email, :company, :phone, SHA1('$password'), NOW())";
$query = $dbh->prepare($sql);
$result->execute(array(':first_name'=>$first_name, ':last_name'=>$last_name, ':email'=>$email, ':company'=>$company, ':phone'=>$phone, ':password'=>$password ));
echo $result;
//catch any errors from try()
}
catch(PDOException $e)
{
echo $e->getMessage();
}
}
?>
答案 0 :(得分:3)
这是一个简单的错误:
将$result
替换为$query
....
所以:
$result->execute(array(':first_name'=>$first_name, ':last_name'=>$last_name, ':email'=>$email, ':company'=>$company, ':phone'=>$phone, ':password'=>$password ));
echo $result;
应该是:
$query->execute(array(':first_name'=>$first_name, ':last_name'=>$last_name, ':email'=>$email, ':company'=>$company, ':phone'=>$phone, ':password'=>$password ));
echo $query;
查询也是错误的:
$sql="INSERT INTO admins (first_name, last_name, email, company, phone, password, reg_date) VALUES (:first_name, :last_name, :email, :company, :phone, SHA1('$password'), NOW())";
应该是
$sql="INSERT INTO admins (first_name, last_name, email, company, phone, password, reg_date) VALUES (:first_name, :last_name, :email, :company, :phone, SHA1(:password), NOW())";
请注意:密码:密码