我有一个HTML注册表单,允许新用户注册到该站点。:
<form action="register.php" method="POST" class="register-form">
<h1>Create Account</h1>
<label>
<span>First Name :</span>
<input id="firstname" type="text" name="firstname" placeholder="Your First Name" autocomplete="off" required/>
</label>
<label>
<span>Surname :</span>
<input id="surname" type="text" name="surname" placeholder="Your Surname" autocomplete="off" required/>
</label>
<label>
<span>Username :</span>
<input id="username" type="text" name="username" placeholder="Your Chosen Username" autocomplete="off" required/>
</label>
<label>
<span>Email :</span>
<input id="email" type="email" name="email" placeholder="Your Email Address" autocomplete="off" required/>
</label>
<label>
<span>Password :</span>
<input id="password" type="password" name="password" placeholder="Your Chosen Password" autocomplete="off" required/>
</label>
<hr>
<input name="action" type="hidden" value="signup" />
<input type="submit" class="btn register btn-success btn-lg" name="submit" value="Register">
</form>
哪个去了register.php:
<?php
$connection = mysql_connect('localhost', 'root', 'password');
if (!$connection) {
die("Database Connection Failed" . mysql_error());
}
$select_db = mysql_select_db('gmaps1');
if (!$select_db) {
die("Database Selection Failed" . mysql_error());
}
// If the values are posted, insert them into the database.
if (isset($_POST['username']) && isset($_POST['password'])) {
$firstname = $_POST['firstname'];
$surname = $_POST['surname'];
$username = $_POST['username'];
$email = $_POST['email'];
$password = $_POST['password'];
$query = "INSERT INTO `users` (firstname, surname, username, password, email) VALUES ('$firstname', '$surname', '$username', '$password', '$email')";
$result = mysql_query($query);
if ($result) {
header("Location: thank_you.html");
} else {
echo 'User Not Created';
}
}
?>
但是当我点击“注册”按钮时,它不会保存数据并返回“#Not; User Not Created&#34;”。使用MySQLi而不是MySQL会更好吗?还是有更好的方法可以使用它?
答案 0 :(得分:1)
错误检查解决了我的问题 - “字段'有效'没有默认值”
表'用户'中有一个非活动字段。我摆脱了它,它工作正常。它必须是错误添加的。
答案 1 :(得分:1)
mysql_real_escape
和trim()
,但这只是安全性的起点echo $query
,打开phpMyAdmin(例如)并将输出复制粘贴到SQL字段中并发送 - &gt;您可能会收到可以分析的MySQL错误最好存储密码哈希值。尝试插入MD5($password)
(有更好的选择!)并在登录时进行比较:
if(MD5($ inputPassword)== $ passwordhashFromDatabase){}