所以我只是想做一个简单的注册页面,但无论我做什么,我都无法将任何信息插入到数据库中,任何人都可以看到我做错了吗?
没有错误被抛出。它也没有像我想要的那样将我引导到listings.php
页面,而是将它带回index.php
页面。
// include configuration file
include('config.php');
// connect to the database
$dbc = mysqli_connect ($db_host, $db_user, $db_password, $db_name) OR die ('Could not connect to MySQL: ' . mysqli_connect_error());
// continue session
session_start();
// if the form has been submitted
if(isset($_POST['submit']))
{
// create an empty error array
$error = array();
// check for a firstname
if(empty($_POST['firstname']))
{
$error['firstname'] = 'Required field';
}
// check for a lastname
if(empty($_POST['lastname']))
{
$error['lastname'] = 'Required field';
}
// check for a email
if(empty($_POST['email']))
{
$error['email'] = 'Required field';
} else {
// check to see if email address is unique
$query = "SELECT user_id FROM users WHERE email = '{$_POST['email']}'";
$result = mysqli_query($dbc, $query);
if(mysqli_num_rows($result) > 0)
{
$error['email'] = 'You already have an account';
}
}
// check for a password
if(empty($_POST['userpass']))
{
$error['userpass'] = 'Required field';
}
// if there are no errors
if(sizeof($error) == 0)
{
// insert user into the users table
"INSERT INTO users (
user_id,
firstname,
lastname,
email,
userpass,
signupdate
) VALUES (
null,
'{$_POST['firstname']}',
'{$_POST['lastname']}',
'{$_POST['email']}',
sha1('{$_POST['userpass']}'),
NOW()
)";
$result = mysqli_query($dbc, $query);
// obtain user_id from table
$user_id = mysqli_insert_id($dbc);
// send a signup e-mail to user
$message = "Dear {$_POST['firstname']} {$_POST['lastname']},\n";
$message = $message . "Thank you for signing up!\n";
mail($_POST['email'], 'Sign up confirmation', $message, "From: admin@designingsocialplatforms.com");
// append user_id to session array
$_SESSION['user_id'] = $user_id;
$_SESSION['firstname'] = $_POST['firstname'];
$_SESSION['lastname'] = $_POST['lastname'];
// redirect user to profile page
header("Location: listings.php");
exit();
}
}
答案 0 :(得分:1)
您需要设置$query
变量:
if(sizeof($error) == 0)
{
// insert user into the users table
$query = "INSERT INTO users (
user_id,
firstname,
lastname,
email,
userpass,
signupdate
) VALUES (
null,
'{$_POST['firstname']}',
'{$_POST['lastname']}',
'{$_POST['email']}',
sha1('{$_POST['userpass']}'),
NOW()
)";
另外,请注意......我会使用这样的准备语句:
<?php
// include configuration file
require('config.php');
// connect to the database
$mysqli = new mysqli($db_host, $db_user, $db_password, $db_name);
// Checking for mysqli errors
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
// continue session
session_start();
// if the form has been submitted
if(isset($_POST['submit']))
{
// create an empty error array
$error = array();
// check for a firstname
if(empty($_POST['firstname']))
{
$error['firstname'] = 'Required field';
}
// check for a lastname
if(empty($_POST['lastname']))
{
$error['lastname'] = 'Required field';
}
// check for a email
if(empty($_POST['email']))
{
$error['email'] = 'Required field';
} else {
// check to see if email address is unique
$query = "SELECT user_id FROM users WHERE email = ?";
if($stmt = $mysqli->prepare($query)){
$stmt->bind_param('s',$_POST['email']);
$stmt->execute();
$stmt->store_result();
$returned_amount = $stmt->num_rows;
$stmt->free_result();
$stmt->close();
}else die("Query failed to prepare!");
if($returned_amount > 0)
{
$error['email'] = 'You already have an account';
}
}
// check for a password
if(empty($_POST['userpass']))
{
$error['userpass'] = 'Required field';
}
// if there are no errors
if(sizeof($error) == 0)
{
// insert user into the users table
$query = "INSERT INTO users (
user_id,
firstname,
lastname,
email,
userpass,
signupdate
) VALUES (
null,
?,
?,
?,
sha1(?),
NOW()
)";
$result = mysqli_query($dbc, $query);
if($stmt = $mysqli->prepare($query)){
$stmt->bind_param('ssss', $_POST['firstname'], $_POST['lastname'], $_POST['email'], $_POST['userpass']);
$stmt->excute();
// obtain user_id from table
$user_id = $mysqli->insert_id;
$stmt->close();
}else die("Query failed to prepare itself");
// send a signup e-mail to user
$message = "Dear {$_POST['firstname']} {$_POST['lastname']},\n";
$message = $message . "Thank you for signing up!\n";
mail($_POST['email'], 'Sign up confirmation', $message, "From: admin@designingsocialplatforms.com");
// append user_id to session array
$_SESSION['user_id'] = $user_id;
$_SESSION['firstname'] = $_POST['firstname'];
$_SESSION['lastname'] = $_POST['lastname'];
// redirect user to profile page
header("Location: listings.php");
exit();
}
}
?>