我有网站注册,起初我只使用电子邮件和用户名进行注册,但我意识到我还想要全名和工作组。
我的问题是,当我将这些注册功能添加到注册功能时,注册将无法正常工作。我得到了“注册成功”但没有任何内容插入数据库。
注册表单的代码:
<form method="post" name="registration_form" action="<?php echo esc_url($_SERVER['PHP_SELF']); ?>">
<!-- Username -->
<input type='text'
name='username'
id='username'/>
<!-- Full Name -->
<input type='text'
name='fullname'
id='fullname'/>
<!-- Group -->
<input type='text'
name='group'
id='group'/>
<!-- Email -->
<input type="text"
name="email"
id="email"/>
<!-- Password -->
<input type="password"
name="password"
id="password"/>
<!-- Confirm Password -->
<input type="password"
name="confirmpwd"
id="confirmpwd"/>
<input type="button"
value="Register"
onclick="return regformhash(this.form,
this.form.username,
this.form.fullname,
this.form.group,
this.form.email,
this.form.password,
this.form.confirmpwd);" />
</form>
将数据插入数据库的代码:
<?php
include_once 'db_connect.php';
include_once 'psl-config.php';
$error_msg = "";
if (isset($_POST['username'], $_POST['fullname'], $_POST['group'], $_POST['email'], $_POST['p'])) {
$username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING);
$email = filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL);
$email = filter_var($email, FILTER_VALIDATE_EMAIL);
$fullname = filter_input(INPUT_POST, 'fullname', FILTER_SANITIZE_STRING);
$group = filter_input(INPUT_POST, 'group', FILTER_SANITIZE_STRING);
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
// Not a valid email
$error_msg .= '<p class="error">The email address you entered is not valid</p>';
}
$password = filter_input(INPUT_POST, 'p', FILTER_SANITIZE_STRING);
if (strlen($password) != 128) {
$error_msg .= '<p class="error">Invalid password configuration.</p>';
}
$prep_stmt = "SELECT id FROM members WHERE email = ? LIMIT 1";
$stmt = $mysqli->prepare($prep_stmt);
if ($stmt) {
$stmt->bind_param('s', $email);
$stmt->execute();
$stmt->store_result();
if ($stmt->num_rows == 1) {
// A user with this email address already exists
$error_msg .= '<p class="error">A user with this email address already exists.</p>';
}
} else {
$error_msg .= '<p class="error">Database error</p>';
}
if (empty($error_msg)) {
$random_salt = hash('sha512', uniqid(openssl_random_pseudo_bytes(16), TRUE));
$password = hash('sha512', $password . $random_salt);
if ($insert_stmt = $mysqli->prepare("INSERT INTO members (username, email, password, salt, group, name) VALUES (?, ?, ?, ?, ?, ?)")) {
$insert_stmt->bind_param('ssssss', $username, $email, $password, $random_salt, $group, $fullname);
if (! $insert_stmt->execute()) {
header('Location: ../error.php?err=Registration failure: INSERT');
}
}
header('Location: ./register_success.php');
exit();
}
}
包含的db-connect.php和psl-config.php正确连接到数据库,因为它们之前没有变化,然后工作。
用于验证的javascript应该是无关紧要的,但如果请求,我会发布它。
答案 0 :(得分:3)
我获得了“注册成功”但没有插入任何内容 数据库中。
这是因为group是reserved word,您需要在查询中使用反引号将其包围。检查您的INSERT声明并进行此更改。
TO members (username, email, password, salt, `group`, name) VALUES (?,
^^^^^