我使用以下website的代码为我的网站提供添加用户功能。我以前用它,效果很好。但是现在我已经改变它并根据我的需要进行了修改。但它似乎没有工作。我得到的错误信息是“请输入正确的表格”,这是我已设置的信息,以防各个字段尚未发送(请参阅下面粘贴的代码)。我认为这可能是我可能搞砸了,所以我尝试了网站的代码,它不起作用。它是wamp服务器设置的原因吗?还是cz
由于我是php授权和验证的新手,我无法想到我可以调试的任何内容。任何帮助将非常感激。我发布了我的html表单,以及下面的php代码。我的sql表看起来有以下列:userid,firstname,lastname,username,password,emailid,teamname,money,total,points
html表单 -
<?php
/*** begin our session ***/
session_start();
/*** set a form token ***/
$form_token = md5( uniqid('auth', true) );
/*** set the session form token ***/
$_SESSION['form_token'] = $form_token;
?>
<form class="form-inline" method="post" action="useradd.php" name="login_form">
<p><input type="text" class="span2" name="firstname" id="firstname" placeholder="First Name"></p>
<p><input type="text" class="span2" name="lastname" id="Last Name" placeholder="Last Name"></p>
<p><input type="text" class="span2" name="username" id="username" placeholder="Username"></p>
<p class="help-block" style="font-size:12px"> Username should be between 4-20 characters long.</p>
<p><input type="Password" class="span2" name="Password" placeholder="Password"></p>
<p class="help-block" style="font-size:12px"> Password must be between 4-20 characters long. Must be alpha-numeric</p>
<p><input type="Password" class="span2" name="Password" placeholder="Re-Enter Password"></p>
<p><input type="text" class="span4" name="emailid" id="emailid" placeholder="Emaid ID - example@example.com"></p>
<p><input type="text" class="span2" name="teamname" id="teamname" placeholder="Team name"></p>
<p class="help-block" style="font-size:12px"> Select your Unique team name.</p>
<p>
<select class="selectpicker">
<option>The name of the city where you were born</option>
<option>The name of your first pet</option>
<option>What is your mother's maiden name</option>
</select>
</p>
<p><input type="text" class="span2" name="secretanswer" id="secretanswer" placeholder="Secret Answer"></p>
<p>
<input type="hidden" name="form_token" value="<?php echo $form_token; ?>" /><br />
<p><button type="submit" class="btn btn-primary">Register</button></p>
</form>
php代码 - 文件名为 - useradd.php
<?php
/*** begin our session ***/
session_start();
/*** first check that both the username, password, form token etc have been sent ***/
if(!isset( $_POST['username'], $_POST['password'], $_POST['form_token']))
{
$message = 'work for the love of god';
}
/*** check the form token is valid ***/
elseif( $_POST['form_token'] != $_SESSION['form_token'])
{
$message = 'Invalid form submission';
}
/*** check the username is the correct length ***/
elseif (strlen( $_POST['username']) > 20 || strlen($_POST['username']) < 4)
{
$message = 'Incorrect Length for Username';
}
/*** check the password is the correct length ***/
elseif (strlen( $_POST['password']) > 20 || strlen($_POST['password']) < 4)
{
$message = 'Incorrect Length for Password';
}
/*** check the username has only alpha numeric characters ***/
elseif (ctype_alnum($_POST['username']) != true)
{
/*** if there is no match ***/
$message = "Username must be alpha numeric";
}
/*** check the password has only alpha numeric characters ***/
elseif (ctype_alnum($_POST['password']) != true)
{
/*** if there is no match ***/
$message = "Password must be alpha numeric";
}
else
{
/*** if we are here the data is valid and we can insert it into database ***/
$firstname = filter_var($_POST['firstname'], FILTER_SANITIZE_STRING);
$lastname = filter_var($_POST['lastname'], FILTER_SANITIZE_STRING);
$username = filter_var($_POST['username'], FILTER_SANITIZE_STRING);
$password = filter_var($_POST['password'], FILTER_SANITIZE_STRING);
$emailid = filter_var($_POST['emailid'], FILTER_SANITIZE_STRING);
$teamname = filter_var($_POST['teamname'], FILTER_SANITIZE_STRING);
$secret_question = filter_var($_POST['secret_question'], FILTER_SANITIZE_STRING);
$secret_answer = filter_var($_POST['secret_answer'], FILTER_SANITIZE_STRING);
/*** now we can encrypt the password ***/
$password = sha1( $password );
/*** connect to database ***/
/*** mysql hostname ***/
$mysql_hostname = 'localhost';
/*** mysql username ***/
$mysql_username = 'root';
/*** mysql password ***/
$mysql_password = 'imagination';
/*** database name ***/
$mysql_dbname = 'adb project';
try
{
$dbh = new PDO("mysql:host=$mysql_hostname;dbname=$mysql_dbname", $mysql_username, $mysql_password);
/*** $message = a message saying we have connected ***/
/*** set the error mode to excptions ***/
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
/*** prepare the insert ***/
$stmt = $dbh->prepare("INSERT INTO users (firstname,lastname,username,password,emailid,teamname, secret_question,secret_answer ) VALUES (:firstname,:lastname,:username,:password, :emailid,:teamname,:secret_question,:secret_answer)");
/*** bind the parameters ***/
$stmt->bindParam(':firstname', $firstname, PDO::PARAM_STR);
$stmt->bindParam(':lastname', $lastname, PDO::PARAM_STR);
$stmt->bindParam(':username', $username, PDO::PARAM_STR);
$stmt->bindParam(':password', $password, PDO::PARAM_STR, 40);
$stmt->bindParam(':emailid', $emailid, PDO::PARAM_STR);
$stmt->bindParam(':teamname', $teamname, PDO::PARAM_STR);
$stmt->bindParam(':secret_question', $secret_question, PDO::PARAM_STR);
$stmt->bindParam(':secret_answer', $secret_answer, PDO::PARAM_STR);
/*** execute the prepared statement ***/
$stmt->execute();
/*** unset the form token session variable ***/
unset( $_SESSION['form_token'] );
/*** if all is done, say thanks ***/
$message = 'New user added';
}
catch(Exception $e)
{
/*** check if the username already exists ***/
if( $e->getCode() == 23000)
{
$message = 'Username already exists';
}
else
{
/*** if we are here, something has gone wrong with the database ***/
$message = 'We are unable to process your request. Please try again later"';
}
}
}
?>
<html>
<head>
<title>Login</title>
</head>
<body>
<p><?php echo $message; ?>
</body>
</html>
答案 0 :(得分:1)
这可能吗?
在表单中,name="Password"上有一个大写'P'但在useradd.php中你的isset()测试$ _POST [“password”](小p)
有了这些类型的问题,我立即尝试找出进程失败的确切位置,因此我通常会在一堆echo "got to here 1";和echo "got to here 2";中加入,以便我知道脚本是它 here ,没有了。
答案 1 :(得分:0)
您已在表单中定义了名称=“密码”两次