我在youtube上关注本教程,制作社交网络。我必须注册我的用户。但是当我注册时,数据库上没有任何内容。我的文件是:
的index.php
<?php include ("./inc/header.inc.php");?>
<?php
date_default_timezone_set('UTC');
$reg = @$_POST['reg'];
//declaring variables
$fn = "";//First name
$ln ="";//Last name
$un = "";//Username
$em = "";//Email
$em2 = "";//Email 2
$pswd = "";//Password
$pswd2 = "";//Password 2
$d = "";//Sign Up Date
$u_check = ""; // Check if username exists
//registration form
$fn = strip_tags(@$_POST['fname']);
$ln = strip_tags(@$_POST['lname']);
$un = strip_tags(@$_POST['username']);
$em = strip_tags(@$_POST['email']);
$em2 = strip_tags(@$_POST['email2']);
$pswd = strip_tags(@$_POST['password']);
$pswd2 = strip_tags(@$_POST['password2']);
$d = date("Y-m-d"); // Year - Month - Day
if ($reg) {
if ($em==$em2) {
// Check if user already exists
$u_check = mysqli_query("SELECT username FROM users WHERE username='$un'");
// Count the amount of rows where username = $un
$check = mysqli_num_rows($u_check);
//Check whether Email already exists in the database
$e_check = mysqli_query("SELECT email FROM users WHERE email='$em'");
//Count the number of rows returned
$email_check = mysqli_num_rows($e_check);
if ($check == 0) {
if ($email_check == 0) {
//check all of the fields have been filed in
if ($fn&&$ln&&$un&&$em&&$em2&&$pswd&&$pswd2) {
// check that passwords match
if ($pswd==$pswd2) {
// check the maximum length of username/first name/last name does not exceed 25 characters
if (strlen($un)>25||strlen($fn)>25||strlen($ln)>25) {
echo "The maximum limit for username/first name/last name is 25 characters!";
}
else
{
// check the maximum length of password does not exceed 25 characters and is not less than 5 characters
if (strlen($pswd)>30||strlen($pswd)<5) {
echo "Your password must be between 5 and 30 characters long!";
}
else
{
//encrypt password and password 2 using md5 before sending to database
$pswd = md5($pswd);
$pswd2 = md5($pswd2);
$query = mysqli_query("INSERT INTO users VALUES ('','$un','$fn','$ln','$em','$pswd','$d','0','Write something about yourself.','','','no')");
die("<h2>Welcome to findFriends</h2>Login to your account to get started ...");
}
}
}
else {
echo "Your passwords don't match!";
}
}
else
{
echo "Please fill in all of the fields";
}
}
else
{
echo "Sorry, but it looks like someone has already used that email!";
}
}
else
{
echo "Username already taken ...";
}
}
else {
echo "Your E-mails don't match!";
}
}
?>
<?
//Login Script
if (isset($_POST["user_login"]) && isset($_POST["password_login"])) {
$user_login = preg_replace('#[^A-Za-z0-9]#i', '', $_POST["user_login"]); // filter everything but numbers and letters
$password_login = preg_replace('#[^A-Za-z0-9]#i', '', $_POST["password_login"]); // filter everything but numbers and letters
$md5password_login = md5($password_login);
$sql = mysqli_query("SELECT id FROM users WHERE username='$user_login' AND password='$md5password_login' AND closed='no' LIMIT 1"); // query the person
//Check for their existance
$userCount = mysqli_num_rows($sql); //Count the number of rows returned
if ($userCount == 1) {
while($row = mysqli_fetch_array($sql)){
$id = $row["id"];
}
$_SESSION["id"] = $id;
$_SESSION["user_login"] = $user_login;
$_SESSION["password_login"] = $password_login;
exit("<meta http-equiv=\"refresh\" content=\"0\">");
} else {
echo 'That information is incorrect, try again';
exit();
}
}
?>
<div style="float: left;">
<h2>Already a Memeber? Login below ...</h2>
<form action="index.php" method="post" name="form1" id="form1">
<input type="text" size="40" name="user_login" id="user_login" class="auto-clear" title="Username ..." /><p />
<input type="text" size="40" name="password_login" id="password_login" value="Password ..." /><p />
<input type="submit" name="button" id="button" value="Login to your account">
</form>
</div>
<div style="float: right; width: 240px;">
<h2>Sign up Below ...</h2>
<form action="#" method="post">
<input type="text" size="40" name="fname" class="auto-clear" title="First Name" value="<? echo $fn; ?>"><p />
<input type="text" size="40" name="lname" class="auto-clear" title="Last Name" value="<? echo $ln; ?>"><p />
<input type="text" size="40" name="username" class="auto-clear" title="Username" value="<? echo $un; ?>"><p />
<input type="text" size="40" name="email" class="auto-clear" title="Email" value="<? echo $em; ?>"><p />
<input type="text" size="40" name="email2" class="auto-clear" title="Repeat Email" value=" <? echo $em2; ?>"><p />
<input type="password" size="40" name="password" value="Password ..."><p />
<input type="password" size="40" name="password2" value="Password ..."><p />
<input type="submit" name="reg" value="Sign Up!">
</form>
</div>
connect.inc.php:
<?php
$con = mysqli_connect("localhost", "root", "password") or die("Unable to connect");
mysqli_select_db($con, "socialnetworkdatabase") or die("Could not open the db");
mysqli_close($con);
?>
当我在phpmyadmin上打开数据库时,它显示:MySQL返回一个空结果集(即零行)。 (查询耗时0.0000秒。)
我编写了代码index.php,它看起来像这样:
<?php include ("./inc/header.inc.php");?>
<?php include("./inc/connect.inc.php");?>
<?php
$con = mysqli_connect("localhost" ,"root" ,"iamanasian", "theworlddatabase" );
date_default_timezone_set('UTC');
if(isset($_POST['reg'])){
$reg = $_POST['reg'];
//declaring variables
$fn = "";//First name
$ln ="";//Last name
$un = "";//Username
$em = "";//Email
$em2 = "";//Email 2
$pswd = "";//Password
$pswd2 = "";//Password 2
$d = "";//Sign Up Date
$u_check = ""; // Check if username exists
//registration form
$fn = stripslashes($_POST['fname']);
$fn = mysqli_real_escape_string($con,$_POST['fname']);
$ln = stripslashes($_POST['lname']);
$ln = mysqli_real_escape_string($con,$_POST['lname']);
$un = stripslashes($_POST['username']);
$un = mysqli_real_escape_string($con,$_POST['username']);
$em = stripslashes($_POST['email']);
$em = mysqli_real_escape_string($con,$_POST['email']);
$em2 = stripslashes($_POST['email2']);
$em2 = mysqli_real_escape_string($con,$_POST['email2']);
$pswd = stripslashes($_POST['password']);
$pswd = mysqli_real_escape_string($con,$_POST['password']);
$pswd2 = stripslashes($_POST['password2']);
$pswd2 = mysqli_real_escape_string($con,$_POST['password2']);
$d = date("Y-m-d"); // Year - Month - Day
if ($reg) {
if ($em==$em2) {
// Check if user already exists
$u_check = mysqli_query($con, "SELECT username FROM users WHERE username='$un'");
// Count the amount of rows where username = $un
$check = mysqli_num_rows($u_check);
//Check whether Email already exists in the database
$e_check = mysqli_query($con,"SELECT email FROM users WHERE email='$em'");
//Count the number of rows returned
$email_check = mysqli_num_rows($e_check);
if ($check == 0) {
if ($email_check == 0) {
//check all of the fields have been filed in
if ($fn&&$ln&&$un&&$em&&$em2&&$pswd&&$pswd2) {
// check that passwords match
if ($pswd==$pswd2) {
// check the maximum length of username/first name/last name does not exceed 25 characters
if (strlen($un)>25||strlen($fn)>25||strlen($ln)>25) {
echo "The maximum limit for username/first name/last name is 25 characters!";
}
else
{
// check the maximum length of password does not exceed 25 characters and is not less than 5 characters
if (strlen($pswd)>30||strlen($pswd)<5) {
echo "Your password must be between 5 and 30 characters long!";
}
else
{
//encrypt password and password 2 using md5 before sending to database
$pswd = md5($pswd);
$pswd2 = md5($pswd2);
$query = mysqli_query($con,"INSERT INTO users (id, username, first_name, last_name, email, password, sign_up_date, activated ) VALUES ('','$un','$fn','$ln','$em','$pswd','$d','0','Write something about yourself.','','','no')");
die("<h2>Welcome to findFriends</h2>Login to your account to get started ..." ) or die(mysqli_error($con));
}
}
}
else {
echo "Your passwords don't match!";
}
}
else
{
echo "Please fill in all of the fields";
}
}
else
{
echo "Sorry, but it looks like someone has already used that email!";
}
}
else
{
echo "Username already taken ...";
}
}
else {
echo "Your E-mails don't match!";
}
}
}
?>
<div style="width: 800px; margin: 0px auto 0px auto;">
<table>
<tr>
<td width="60%" valign="top">
<h2>Enter the New World Today!</h2>
</td>
<td width="40%" valign="top">
<h2>Sign Up Below!</h2>
<form action="#" method="POST">
<input type="text" name="fname" size="25" placeholder="First Name"><br/> <br/>
<input type="text" name="lname" size="25" placeholder="Last Name"><br/><br/>
<input type="text" name="username" size="25" placeholder="Username"><br/><br/>
<input type="text" name="email" size="25" placeholder="Email"><br/><br/>
<input type="text" name="email2" size="25" placeholder="Re-enter Email"><br/><br/>
<input type="password" name="password" size="25" placeholder="Password"><br/><br/>
<input type="password" name="password2" size="25" placeholder="Re-enter Password"><br/><br/>
<input type="submit" name="reg" value="Enter The World!">
</form>
</td>
</tr>
</table>
<?php include ("./inc/footer.inc.php");?>
它还没有工作
答案 0 :(得分:1)
首先,您没有将数据库连接变量$con传递给任何查询,是必需的。
$u_check = mysqli_query("SELECT username FROM users WHERE username='$un'");
$e_check = mysqli_query("SELECT email FROM users WHERE email='$em'");
$query = mysqli_query("INSERT INTO users VALUES ('','$un','$fn','$ln','$em','$pswd','$d','0','Write something about yourself.','','','no')");
$sql = mysqli_query("SELECT id FROM users WHERE username='$user_login' AND password='$md5password_login' AND closed='no' LIMIT 1"); // query the person
像这样使用它并为其他人做同样的事情:
mysqli_query($con, "SELECT ...
mysqli_query($con, "INSERT ...
关于INSERT的旁注:最好在执行INSERT时包含实际列。
即:INSERT INTO table (column_x, column_y) VALUES ('value_x', 'value_y')
由于您使用的是sessions,因此您可能还缺少session_start();,这是必需的,并且使用sessions放置在每个文件的顶部。
您应该使用or die(mysqli_error($con))至mysqli_query()以获取错误(如果有)。
另外,将其添加到文件顶部:
error_reporting(E_ALL);
ini_set('display_errors', 1);
旁注:错误报告应仅在暂存时完成,而不是生产。
从POST变量中删除@个符号;它们可以抑制潜在的错误。
另外,使用mysqli_real_escape_string()和stripslashes()
strip_tags()。
即:
$fn = stripslashes($_POST['fname']);
$fn = mysqli_real_escape_string($con,$_POST['fname']);
并为其他人做同样的事。
使用mysqli with prepared statements或PDO with prepared statements。
对于密码存储,请使用以下任何一项,不要使用MD5,它已经过时并被认为已损坏。
password_hash()功能
对于PHP&lt; 5.5使用password_hash() compatibility pack。修改
放置以下内容并将大括号括在您要执行的代码中:
// This is related to your named submit button
if(isset($_POST['reg'])){
// code to execute
}
这就是您收到Undefined index: reg通知的原因。
编辑#2:
放置以下内容并将大括号括在您要执行的代码中:
<?php include ("./inc/header.inc.php");?>
<?php
date_default_timezone_set('UTC');
if(isset($_POST['reg'])){
$reg = $_POST['reg'];
//declaring variables
$fn = "";//First name
$ln ="";//Last name
// put the rest of your code
}
}
} // closing brace for if(isset($_POST['reg']))
?>
<div style="float: left;">
// rest of your code
解析错误:语法错误,意外'{
很可能是由未设置短标签引起的。
变化
<?
//Login Script
到
<?php
//Login Script