我试图在我的数据库注册表单中添加更多字段。我想添加“firstname”和“lastname”,并且已经添加了数据库中的列以及注册表单上的字段。但是我不知道在连接到数据库的实际表单上要改变什么(register.inc.php)任何想法都将不胜感激!
<?php
include_once 'db_connect.php';
include_once 'psl-config.php';
$error_msg = "";
if (isset($_POST['username'], $_POST['email'], $_POST['p'])) {
$username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING);
$email = filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL);
$email = filter_var($email, FILTER_VALIDATE_EMAIL);
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$error_msg .= '<p class="error">The email address you entered is not valid</p>';
}
$password = filter_input(INPUT_POST, 'p', FILTER_SANITIZE_STRING);
if (strlen($password) != 128) {
$error_msg .= '<p class="error">Invalid password configuration.</p>';
}
$prep_stmt = "SELECT id FROM members WHERE email = ? LIMIT 1";
$stmt = $mysqli->prepare($prep_stmt);
if ($stmt) {
$stmt->bind_param('s', $email);
$stmt->execute();
$stmt->store_result();
if ($stmt->num_rows == 1) {
$error_msg .= '<p class="error">A user with this email address already exists.</p>';
}
} else {
$error_msg .= '<p class="error">Database error</p>';
}
if (empty($error_msg)) {
$random_salt = hash('sha512', uniqid(openssl_random_pseudo_bytes(16), TRUE));
$password = hash('sha512', $password . $random_salt);
// Insert the new user into the database
if ($insert_stmt = $mysqli->prepare("INSERT INTO members (username, email, password, salt) VALUES (?, ?, ?, ?)")) {
$insert_stmt->bind_param('ssss', $username, $email, $password, $random_salt);
// Execute the prepared query.
if (! $insert_stmt->execute()) {
header('Location: ../error.php?err=Registration failure: INSERT');
exit();
}
}
header('Location: ./register_success.php');
exit();
}
}
答案 0 :(得分:2)
你需要:
更新您的PHP代码以使用
读取这些值$firstname = filter_input(INPUT_POST, 'firstname', FILTER_SANITIZE_STRING);
$lastname = filter_input(INPUT_POST, 'lastname', FILTER_SANITIZE_STRING);
更新MYSQLi准备包含firstname和lastname(注意额外的标签和?)
$insert_stmt = $mysqli->prepare("INSERT INTO members (username, email, password, salt, firstname, lastname) VALUES (?, ?, ?, ?, ?, ?)"))
更新绑定以添加名字和姓氏
$insert_stmt->bind_param('ssssss', $username, $email, $password, $random_salt, $firstname, $lastname);
答案 1 :(得分:0)
我会把它放到一个数组中,所以如果我需要添加更多列,它将节省我的时间。
<?php
include_once 'db_connect.php';
include_once 'psl-config.php';
$error_msg = "";
$arr=['username','email','p','firstname','lastname','salt'];
$arrvalues=new Array(arr.length())
for($i=0;$i<$array.length();$i=$i+1){
if (isset($_POST[$arr[$i]]&& !empty($_POST[$arr[$i])) {
$arrvalues[$i] = filter_input(INPUT_POST,$arr[$i], FILTER_SANITIZE_STRING);
if($arr[$i]=="email"){
$arrvalues[$i]=filter_var($arrvalues[$i], FILTER_VALIDATE_EMAIL);
if (!filter_var($arrvalues[$i], FILTER_VALIDATE_EMAIL)) {
$error_msg .= '<p class="error">The email address you entered is not valid</p>';
}
}
if($arr[$i]=="password"){
if (strlen($arrvalues[$i]) != 128) {
$error_msg .= '<p class="error">Invalid password configuration.</p>';
}
}
}
}
$prep_stmt = "SELECT id FROM members WHERE email = ? LIMIT 1";
$stmt = $mysqli->prepare($prep_stmt);
if($stmt){
$stmt->bind_param('s', $arrvalues[1]);
$stmt->execute();
$stmt->store_result();
if ($stmt->num_rows == 1) {
$error_msg .= '<p class="error">A user with this email address already exists.</p>';
}
} else {
$error_msg .= '<p class="error">Database error</p>';
}
if (empty($error_msg)) {
$arrvalues[5] = hash('sha512', uniqid(openssl_random_pseudo_bytes(16), TRUE));
$arrvalues[2] = hash('sha512', $arrvalues[2] . $arrvalues[5]);
// Insert the new user into the database
for($i=0;$i<$array.length();$i=$i+1){
if ($insert_stmt = $mysqli->prepare("INSERT INTO members (".$arrvalues[$i].") VALUES (?)")) {
$insert_stmt->bind_param('ssss', $arrvalues[$i]);
// Execute the prepared query.
if (! $insert_stmt->execute()) {
header('Location: ../error.php?err=Registration failure: INSERT');
exit();
}
}
}
header('Location: ./register_success.php');
exit();
}