我写了几个包含PHP代码的文件,如下所示:创建了一个登录页面,输入了你的用户名,密码和名称,你的cookie被盐渍和散列,所以没有人可以编辑你的cookie。输入您的详细信息后,您应该能够看到您的数据显示在“用户”表中。但是,我在MySQL中获得的是“MySQL返回一个空结果集(即零行)。(查询耗时0.0000秒。)”
我将文件命名为“connect2000.php”:
<?php
$dbserver = "localhost";
$dbuser = "root";
$dbpassword = "";
$dbname = "tutorial";
$dbcon = mysqli_connect($dbserver, $dbuser, $dbpassword, $dbname);
if(!$dbcon) {
die("Error connecting to database: " . mysqli_error());
}
echo "You have connected successfully";
mysqli_select_db($dbcon, $dbname) or die("Unable to select database: " .
mysqli_error());
$query = "CREATE TABLE users (
Username VARCHAR(30) NOT NULL,
Password VARCHAR(100) NOT NULL,
ID INT NOT NULL,
Name VARCHAR (30) NOT NULL,
Salt VARCHAR(100) NOT NULL,
PRIMARY KEY (ID))";
$result = mysqli_query($dbcon, $query);
if(!result) die("Database access failed: " . mysqli_error());
?>
我将文件命名为“register2000.php”:
<?php
require_once 'connect2000.php';
$connection = mysqli_connect("localhost", "root", "", "tutorial") or
die("Couldn't connect
to the server!");
//error reporting(0);
if(isset($_POST['register'])){
if(isset($_POST['username']) && isset($_POST['password'])) {
$username = mysqli_real_escape_string($_POST['username']);
$password = mysqli_real_escape_string(hash("sha512",
$_POST['password']));
$name = "";
if(isset($_POST['name'])) {
$name = mysqli_real_escape_string(strip_tags($_POST['name']));
}
$check = mysqli_fetch_array(mysqli_query("SELECT * FROM `users` WHERE
`username` = '$username'"));
if($check != '0') {
die("That username already exists! Try <i>$username" .rand(1, 50).
"</i> instead
<a href = 'register2000.php'>← Back</a>");
}
if(!ctype_alnum($username)) {
die("Username contains special characters! Only numbers and letters
are permitted!
<a href = 'register.php'>← Back</a>");
}
if(strlen($username)>20) {
die("Username must not contain more than 20 characters! <a href =
'register2000.php'>← Back</a>");
}
$salt = hash("sha512", rand().rand().rand());
mysqli_query("INSERT INTO `users` (`username`, `password`, `name`,
`salt`) VALUES ('$username',
'$password', '$name', '$salt')");
setcookie("c_user", hash("sha512", $username), time() + 24 * 60 * 60,
"/");
setcookie("c_salt", $salt, time() + 24 * 60 * 60, "/");
die("Your account has been created and you are now logged in.");
}
}
echo "
<body style = 'font-family : verdana, sans-serif'>
<div style = 'width: 80%; padding: 5px 15px 5px; border: 1px solid
#e3e3e3;
background-color: #fff; color: #000; margin-left: auto;>
<h1>Register<h1>
<br />
<form action = '' method = 'post'>
<table>
<tr>
<td>
<b>Username:</b>
</td>
<td>
<input type = 'text' name = 'username' style = 'padding: 4px;'
/>
</td>
</tr>
<tr>
<td>
<b>Password:</b>
</td>
<td>
<input type = 'password' name = 'password' style = 'padding:
4px;' />
</td>
</tr>
<tr>
<td>
<b>Name:</b>
</td>
<td>
<input type = 'text' name = 'name' style = 'padding: 4px;' />
</td>
</tr>
<tr>
<td>
<input type = 'submit' name = 'register' value = 'Register' />
</td>
</tr>
</table>
</form>
<br />
<h6>
No account? <a href='register2000.php'>Register!</a>
</h6>
</div>
</body>
";
还有另外两个文件,“index2000.php”和另一个逃脱盐渍饼干的文件。这两个文件与这个讨论无关。我的问题是,你们当中有人可以告诉我为什么我的数据库中没有出现任何数据吗?已创建表“users”,但没有任何属性。
答案 0 :(得分:1)
代码的问题是mysqli_real_escape_string()需要在该函数中传递DB连接参数。
参考手册:
mysqli_query()函数也是如此。
检查错误会发出信号:
脚注: