PHP,PDO,MySQLi函数不要插入数据库

时间:2014-10-11 22:31:23

标签: php mysql web-services pdo mysqli

我创建了使用pdo将信息插入数据库并获得XSS保护的代码。 现在我几天看代码,并没有看到使代码不插入requird信息的问题。 这是我的代码:

if ($register = $mysqli->prepare("INSERT INTO `accounts`(`id`, `username`, `email`, `password`, `salt`, `fullname`, `birthdate`, `gender`, `secure question`, `secure answer`, `asked`, `answered`, `lastlogin`) VALUES (NULL, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)")) {
                    $register->bind_param("ssssssddsdds", $username, $email, $password, $random_salt, $fullname, $birthdate, $gender, $question, $answer, $z, $z, $lastlogin);
                    // Execute the prepared query.
                    if (! $register->execute()) {
                        echo "אירעה שגיאה";
                        $register->close();
                    }else{
                    echo 'אתם נרשמתם בהצלחה!. לחצו <a href="http://shaloti.com/users/login/">כאן</a>';}
                    $register->close();
                }

连接代码:

$mysqli = new mysqli(HOST, USER, PASSWORD, DATABASE);

谢谢。

1 个答案:

答案 0 :(得分:0)

使用mysqli_affected_rows获取插入的行数,如果有任何函数失败,请使用mysqli_error检查错误

$sql = "INSERT INTO `accounts`(`id`, `username`, `email`, `password`, `salt`, `fullname`, `birthdate`, `gender`, `secure question`, `secure answer`, `asked`, `answered`, `lastlogin`) VALUES (NULL, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
if ($register = $mysqli->prepare($sql)) {
    $register->bind_param("ssssssddsdds", $username, $email, $password, $random_salt, $fullname, $birthdate, $gender, $question, $answer, $z, $z, $lastlogin);
    // Execute the prepared query.
    if (!$register->execute()) {
        echo "אירעה שגיאה";
        die("execute() failed: ". mysqli_error($mysqli));
    }

    if(mysqli_affected_rows($register) > 0){
        echo 'אתם נרשמתם בהצלחה!. לחצו <a href="http://shaloti.com/users/login/">כאן</a>';
    }else{
        echo 'Did not inser any row';
    }
}else{
    die("prepare() failed: ". mysqli_error($mysqli));
}
相关问题
最新问题