插入查询有时不起作用

时间:2014-12-06 09:40:43

标签: php mysql prepared-statement sql-insert

要插入数据库的PHP代码。代码有时不起作用。大部分时间它确实有效。

<?php
    include 'connection.php';
    if (isset($_POST['docsignup']))
     {

        // prepare and bind
        $stmt = $link->prepare("INSERT INTO doctor_details(firstname, lastname, license_num, zip_code, city, state, email, password, speciality) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)");
        $stmt->bind_param("ssissssss", $docfname, $doclname, $docid, $doczipcode, $city, $state, $docemail, $hash, $speciality);

        // set parameters and execute
        $docfname = $_POST['docfname']; 
        $doclname = $_POST['doclname']; 
        $docemail = $_POST['docemail']; 
        $docloginpassword = $_POST['docloginpassword']; 
        $docid = $_POST['docId']; 
        $speciality = $_POST['speciality']; 
        $city = $_POST['city']; 
        $state = $_POST['state']; 
        $doczipcode = $_POST['doczipcode']; 

        // A higher "cost" is more secure but consumes more processing power
        $cost = 10;

        // Create a random salt
        $salt = strtr(base64_encode(mcrypt_create_iv(16, MCRYPT_DEV_URANDOM)), '+', '.');

        // Prefix information about the hash so PHP knows how to verify it later.
        // "$2a$" Means we're using the Blowfish algorithm. The following two digits are the cost parameter.
        $salt = sprintf("$2a$%02d$", $cost) . $salt;

        // Value:
        // $2a$10$eImiTXuWVxfM37uY4JANjQ==

        // Hash the password with the salt
        $hash = crypt($docloginpassword, $salt);    

        $stmt->execute();

        echo "New records created successfully";

        $stmt->close();
        $link->close();

     }
    ?>

connection.php

<?php
$link = mysqli_connect("localhost","root","","cl10-doctor");
?>

我注意到当我在密码字段中使用大写字母时代码不起作用。

我做错了吗?

1 个答案:

答案 0 :(得分:1)

不要让它区分大小写。让用户输入他/她想要的内容,但在后台将其转换为大写或小写。

密码以不可读的格式存储在数据库中,因此无论是大写还是小写,它都不会产生任何影响。

使用php strtolower()以小写形式转换密码并将其存储在数据库中

登录重复时,请执行与上述相同的操作。