Question

Goodday house，我正在开发这个网站，它有一个注册/登录页面作为我的第一个项目，我现在正在努力。我在我的注册表单中添加了php验证，但是数据库插入语句拒绝工作，虽然所有条件语句都已完成，但我尝试在insert语句后立即执行重定向循环，但我的脚本会自动（以某种方式）跳转＆＃34; Insert语句＆＃34;并处理重定向代码.. 这是下面的代码

<!-- Php validation-->
<?php
include 'var.php';
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $errors = array(); // Starts an  array to store errors. 
    //Validation rules involves trimming,validating and sanitizating            

    $name = trim($_POST['name']);
    $strippedname = mysqli_real_escape_string($con, strip_tags($name)) ;
    $length = mb_strlen($strippedname, 'utf-8') ;
    if ($length < 8 ) {
        $errors[]= 'Your full name shouldn\'t be less than 8 letters' ;
    } else {
        $name = $strippedname ;
    }

    $email = FALSE ;
    if (empty($_POST['email'])) {
        $errors[] = 'You didn\'t provide any email address' ;
    } // Next is removal of spaces and validation.
    if (filter_var((trim($_POST['email'])), FILTER_VALIDATE_EMAIL)) {
        $email = mysqli_real_escape_string($con, (trim($_POST['email'])));
    }
    else {
        $errors[] = 'Email address was provided in the wrong format';
    }
    $pho = trim($_POST['phone']) ; // next line of code removes all characters that aren't digits
    $phon = preg_replace('/\D+/', '', ($_POST['phone']));
    $strippedphone = mysqli_real_escape_string($con, strip_tags($phon));
    $length = mb_strlen($strippedphone, 'utf-8') ;
    if ($length <> 11 ) {
        $errors[] = 'Phone number should contain only eleven digits';
    }
    else {
        $phone = $strippedphone ;
    }

    $add = trim($_POST['address']) ;
    $strippedadd = mysqli_real_escape_string($con, strip_tags($add)) ;
    $length = mb_strlen($strippedadd, 'utf-8') ;
    if ($length < 15) {
        $errors[]= 'Address should not be lesser than 15 letters' ;
    } else {
        $address = $strippedadd ;
    }


    if (empty($_POST['gender'])) {
        $errors[] = 'You didn\'t select a gender';
    } else {
        $gend = trim($_POST['gender']);
    }

    $user = trim($_POST['username']);
    $strippeduser = mysqli_real_escape_string($con, strip_tags($user)) ;
    $length = mb_strlen($strippeduser, 'utf-8') ;
    if ($length < 6) {
        $errors[] = 'Username should contain a minimum of 6 letters and maximum of 18';
    } else {
        $confirmeduser = $strippeduser ;
    }
    if (empty($_POST['password'])){ 
        $errors[] ='Please enter a valid password';
    }
    if(!preg_match('/^\w{10,40}$/', $_POST['password'])) { 
        $errors[] = 'Invalid password, use 10 to 40 characters without applying spacing.';
    } else{
        $password = $_POST['password'];
    } 


    if($_POST['password'] == $_POST['confirm_password']) { 
        $pass = mysqli_real_escape_string($con, trim($password));
        $newpass = password_hash($pass, PASSWORD_DEFAULT) ;
    }else{
        $errors[] = 'passwords don\'t match.';
    }


    if(empty($errors)) { // If no problems occurred
        //Determine whether the email address has already been registered for a user


        $query = mysqli_query($con, "INSERT INTO `customer`(`name`, `email`, 
                                                                                                        `phone`, `address`, `gender`, `username`, `password`) VALUES($name,$email,$phone,
                                                                                                        $address,$gend,$confirmeduser,$newpass)") ;
        echo "Done";



        // end of mysqli_num_Rows

    } // End of if (empty($errors))
    else{ // Display the errors if any are found.
        echo '
                                                                                <p class="error">The following error(s) were found in the submitted form :<br>';
            foreach ($errors as $msg) { // Echo each error
                echo " $msg<br>";
            }
    }
}
?>

这是html表单

<form action="register.php" method="POST" class="form-horizontal" style="margin-top:30px" id="signup"> 
<fieldset> <div class="form-group">
      <legend> Customer Details </legend>
    </div>
    <div class="form-group">
      <label for="name" class="control-label"> Full Name : </label>
      <input type="text" value="<?php if (isset($_POST['name'])) echo $_POST['name'];  ?>" 
             name="name" placeholder="Your Full Name" class="required" title="Please type in your name" >
    </div>

    <div class="form-group">
      <label for="email" class="control-label"> Email address  </label>
      <input type="text" name="email" value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" 
             placeholder="someone@example.com">
    </div>

    <div class="form-group">
      <label for="phone" class="control-label"> Phone Number :</label>
      <input type="tel" name="phone" value="<?php if (isset($_POST['phone'])) echo $_POST['phone']; ?>" 
             placeholder="08137871320" class="required digits">
    </div>

    <div class="form-group">
      <label for="address" class="control-label"> Contact Address : </label>
      <input type="text" name="address" value="<?php if (isset($_POST['address'])) echo $_POST['address']; ?>" 
             placeholder="No 4,street name,ikeja" 
             class="required" title="Please type in contact address plus your city's name">

    </div> 
    <!--<div class="form-group">
        Drop down menu for selecting a state from the 36 states to be provided 

        </div>-->       

    <div class="form-group"> 
      <label for="name">Select Your gender :</label> 
      <select name="gender" class="form-control"> 
        <option value="male" > Male </option>
        <option value="female">Female </option>
      </select> 
    </div>


  </fieldset>

  <fieldset> <div class="form-group">
      <legend> Login Information </legend>
    </div>
    <div class="form-group">
      <label for="username" class="control-label"> Username : </label>
      <input type="text" name="username" placeholder="e.g Lords" value="<?php if (isset($_POST['username']))
                                                                        echo $_POST['username'];  ?>">
    </div>

    <div class="form-group">
      <label for="password" class="control-label"> Password : </label>
      <input type="password" name="password" id="password" placeholder="Your Password Here"> 
    </div>
    <div class="form-group">
      <label for="cpassword" class="control-label">Confirm Password : </label>
      <input type="password" name="confirm_password" placeholder="Confirm Your Password Here">
    </div>

  </fieldset>
</div>
</div>
</div>

<div class="form-group" style="text-align:center">
  <button type="submit" class="btn btn-success" name="submit"> REGISTER </button>
  <button type="reset" id="fat-btn" class="btn btn-danger" data-loading-text="Loading..."> RESET </button> <br>
  <p class="lead">
    Already a registered user ?,do make use of the 
    <a href="login.php" class="navbar-link" data-toggle="tooltip" title="When clicked upon,
                                                                         a page requesting for your username and password is generated,allowing you to book orders">
      login page </a>
  </p>

</div>

</form>

非常感谢您的回复

Answer 1

由于我们很可能处理字符串，这些变量在您的VALUES

中

($name,$email,$phone,$address,$gend,$confirmeduser,$newpass)

需要引用：

('$name','$email','$phone','$address','$gend','$confirmeduser','$newpass')

您是否使用or die(mysqli_error($con))至mysqli_query()

检查了错误

会发出引号错误的信号。

旁注：

您应该使用prepared statements或PDO with prepared statements，他们更安全。

另外注意到Barmar发现：

<?phpinclude 'var.php';

php和include

之间需要有空格

<?php include 'var.php';

除非是复制/粘贴错误或拼写错误。

再次

和>?，另一个应该是?>

的发现错误

在PHP方面：

将error reporting添加到文件的顶部，这有助于查找错误。

<?php 
error_reporting(E_ALL);
ini_set('display_errors', 1);

// rest of your code

旁注：错误报告应仅在暂存时完成，而不是生产。

添加php验证后，Mysqli插入不工作

1 个答案: