我创建了一个简单的表单来为我正在开发的系统创建新用户但是由于某种原因,当处理表单时,“password”字段没有存储在数据库中,或者至少看起来是这样的因为表格中的其他字段都填写了“密码”字段。
表格的代码如下:
<form action="create_admin.php" method="post" enctype="multipart/form-data">
<div style="float:left; width:45%">
<!-- username -->
<p>
<label>Username:</label><br/>
<input type="text" class="text small" name="username" id="username" value="" />
<span class="note">*required</span>
</p>
<!-- password -->
<p>
<label>Password:</label><br/>
<input type="text" class="text small" name="password" id="password" value="" />
<span class="note">*required</span>
</p>
<!-- other comments -->
</div>
<div style="width:45%;float:right">
<!-- user_id_account -->
<p>
<label>Position:</label><br/>
<select name="position" class="styled" style="width:240px">
<option value="0">n/a</option>
<option value="Design" >Design</option>
<option value="Development" >Development</option>
<option value="Sales" >Sales</option>
<option value="Management" >Management</option>
</select>
</p>
</div>
<p>
<input type="submit" class="submit long" value="Save and Return" name="submit" />
</p>
</form>
表格处理代码如下:
<?php require_once("includes/db_connection.php"); ?>
<?php require_once("includes/functions.php"); ?>
<?php
if (isset($_POST['submit'])) {
//Process the form
$username = mysql_prep($_POST["username"]);
$password = $_POST["password"];
$position = $_POST["position"];
$query = "INSERT INTO admin (";
$query .= " username, password, position";
$query .= " ) VALUES (";
$query .= " '{$username}', '{$password}', '{$position}' ";
$query .= ")";
echo $query;
try { $result = mysqli_query($connection, $query);
} catch (Exception $e) {
return 'Caught exception: '+ $e->getMessage()+ "\n";
}
//Test if there was a query error
if ($result) {
//Success
// would normally use a redirect ie redirect_to("somepage.php");
//$message = "Subject created.";
redirect_to("list_admins.php");
}else {
//failure
//$message = "Subject creation failed.";
//redirect_to("add_project.php");
echo $query;
}
} else {
// This is probably a GET request
redirect_to("add_admin.php");
}?>
<?php
// Close database connection
if(isset($connection)){ mysqli_close($connection); }
?>
我想也许这个问题是我的SQL语句但是我已经在phpMyAdmin中尝试了它,看起来很好。谁能解释一下我在哪里可能会出错?
*注意:我意识到我没有将密码输入设置为密码,因为我只是暂时将其保存为明文,直到我得到所有工作,并在稍后阶段添加加密。
答案 0 :(得分:2)
你的try-catch块不会抛出任何东西。尝试这样的方法来正确插入插件。另请注意,如果您在无法重定向之前回显。
$query = "INSERT INTO admin ( username, password, position ) VALUES ( ?, ?, ? )";
echo $query; // <-- If you echo this, your php redirect won't work, unless you use Javascript
if($stmt = $connection->prepare($query)){
$stmt->bind_param('sss', $username, $password, $position);
$result = $stmt->execute();
$stmt->close();
}else die("Failed to prepare!");
答案 1 :(得分:0)
如果只有你的密码问题。请验证
如果mysql数据库中的密码字段的数据类型与输入值不匹配。
在第一步验证后,如果问题仍然存在,请尝试在处理页面中回显密码值,如果显示正确,则使用语法执行试验。