我正在尝试插入名字,姓氏等等。但是,我觉得我的价值观有些不对劲。任何有关价值观的帮助都应该措辞?
$query="INSERT INTO `users` (`firstname`, `lastname`,`email`, `password`, `gender`, `country`, `state`) VALUES('".mysqli_real_escape_string($link, $_POST['email'])."', '".md5(md5($_POST['email']).$_POST['password'])."')";
mysqli_query($link, $query);
$_SESSION['id']=mysqli_insert_id($link);
header("Location: dashboard.php");
}
}
}
如果需要,这就是整件事......
if ($_POST['submit']=="Sign Up") {
if (!$_POST['firstname']) $error.="<br />Please enter your first name";
if (!$_POST['lastname']) $error.="<br />Please enter your last name";
if (!$_POST['email']) $error.="<br />Please enter your email";
else if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) $error.="<br />Please enter a valid email address";
if (!$_POST['password']) $error.="<br />Please enter your password";
else {
if (strlen($_POST['password'])<8) $error.="<br />Please enter a password with at least 8 characters";
if (!preg_match('`[A-Z]`', $_POST['password'])) $error.="<br />Please enter at least 1 capital letter";
}
if ($_POST['password'] !== $_POST['confirmpassword'])
$error.="<br />Your passwords do not match.";
if (!$_POST['gender']) $error.="<br />Please enter your gender";
if (!$_POST['country']) $error.="<br />Please enter your country";
if (!$_POST['state']) $error.="<br />Please enter your state";
if ($error) $error = "There were error(s) in your signup details:".$error;
else {
$query = "SELECT * FROM `users` WHERE email='".mysqli_real_escape_string($link, $_POST['email'])."'";
$result = mysqli_query($link, $query);
$results = mysqli_num_rows($result);
if ($results) $error = "That email address is already registered";
else {
$query="INSERT INTO `users` (`firstname`, `lastname`,`email`, `password`, `gender`, `country`, `state`) VALUES('".mysqli_real_escape_string($link, $_POST['email'])."', '".md5(md5($_POST['email']).$_POST['password'])."')";
mysqli_query($link, $query);
$_SESSION['id']=mysqli_insert_id($link);
header("Location: dashboard.php");
}
}
}
答案 0 :(得分:0)
你的查询是这样的;代码重新格式化为多行以更好地显示问题:
$query = "INSERT INTO `users` (`firstname`, `lastname`,`email`, `password`, `gender`, `country`, `state`)"
. " VALUES('".mysqli_real_escape_string($link, $_POST['email'])."', '".md5(md5($_POST['email']).$_POST['password'])."')"
;
因此,您有七(7)个插入值,但您的实际VALUES只有两(2)个项目。这就是你的问题。快速查看我的意思是只添加如下的空值:
$query = "INSERT INTO `users` (`firstname`, `lastname`,`email`, `password`, `gender`, `country`, `state`)"
. " VALUES('','','".mysqli_real_escape_string($link, $_POST['email'])."', '".md5(md5($_POST['email']).$_POST['password'])."','','','')"
;
但我相信您想要插入所有$POST数据,如下所示:
$query = "INSERT INTO `users` (`firstname`, `lastname`,`email`, `password`, `gender`, `country`, `state`)"
. " VALUES('".mysqli_real_escape_string($link, $_POST['firstname'])."','".mysqli_real_escape_string($link, $_POST['lastname'])."','".mysqli_real_escape_string($link, $_POST['email'])."', '".md5(md5($_POST['email']).$_POST['password'])."','".mysqli_real_escape_string($link, $_POST['gender'])."','".mysqli_real_escape_string($link, $_POST['country'])."','".mysqli_real_escape_string($link, $_POST['state'])."')"
;
但更大的问题是,如果没有真正的过滤,您将直接将$POST数据插入MySQL数据库。所以你应该考虑做一些更好的验证。但就你的直接数据库问题而言,这应该立即解决问题。
答案 1 :(得分:0)
您可以使用假定的&#34;值&#34;指定要插入的7列,但只在值中放入3个参数。而且,当您在此处向表中插入值时,您应该按正确的顺序将它们放在
中"INSERT INTO `users` (`firstname`, `lastname`,`email`, `password`, `gender`, `country`, `state`) VALUES('firstname','lastname','".mysqli_real_escape_string($link, $_POST['email'])."', '".md5(md5($_POST['email']).$_POST['password'])."','gender','country')";
好吧,考虑到你只是忘了在firstname,lastname等中输入凭据。或者如果你不愿意在你的程序中,你可以用NULL替换那些凭证。