我遇到了问题" INSERT INTO"用MySQL。我正在尝试创建一个userData表,用户可以在其中输入新的用户名和密码,然后确认他们的用户已添加到数据库中。目前这只是一个演示,所以如果有重复的用户等并不重要。这是我现在的代码。
<? include("header.php"); ?>
<form name="form" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<!-- Username input -->
<p><label for="txtusername" class="text-center">Username:</label>
<br><input type="text" title="Enter your new username" name="txtPassword" /></p>
<!-- Password input -->
<p><label for="txtpassword" class="text-center">Password:</label>
<br><input type="password" title="Enter your password" name="txtPassword" /></p>
<!-- Password confirmation -->
<p><label for="txtpasswordconfirm" class="text-center">Confirm Password:</label>
<br><input type="password" title="Confirm your password" name="txtPassword" /></p>
<p><input type="submit" name="Submit" value="Submit" /></p>
</form>
<?
//Connect to the user content database
$con = mysql_connect("localhost","my_username","my_password") or die(mysql_error());
mysql_select_db("userData") or die(mysql_error());
// Define a variable for the user input
$input_username = $_POST['txtpassword'];
$input_password = hash("md5", $_POST['txtusername']);
$input_password_confirm = hash("md5", $_POST['txtpasswordconfirm']);
echo "Input username: " . $input_username . "<br>";
echo "Input password hash: " . $input_password;
echo "Input password confirmation hash: " . $input_password_confirm;
echo "Are the hashes equal: " . hash_equals($input_password, $input_password_confirm);
if($input_password == $input_password_confirm) {
$sql = "INSERT INTO nickpalm_userData (username, passwordHash)
VALUES
('$input_username', '$input_password')";
//Attempt to create a new user and show a success message
if(mysql_query($sql)) {
echo "<script type=\"text/javascript\">alert('Thank you! Your data has been submitted');</script>";
}
//If there is an error creating the user, then show an error
else {
echo "ERROR: " . $user_query . "<br>" . mysql_error($con);
}
}
?>
当我访问网页并尝试此操作时,没有消息表明用户已按照我的意图添加到数据库中,只需单击“提交”按钮即可刷新页面。我的表单有问题还是仅仅是我缺乏MySql的经验?以下是该页面的链接:http://nick-palmer-design.com/projects/CTF/newuser.php
答案 0 :(得分:0)
除非我遗漏了某些内容,否则这应该是您转换为MySQLi的确切代码 - 它应该也能正常工作。
<p><label for="txtpasswordconfirm" class="text-center">Confirm Password:</label>
<br><input type="password" title="Confirm your password" name="txtPassword" /></p>
<p><input type="submit" name="Submit" value="Submit" /></p>
</form>
<?
//Connect to the user content database
$con = mysqli_connect("localhost", "my_username", "my_password", "userData") or die("Error " . mysqli_error($con));
// Define a variable for the user input
$input_username = mysqli_real_escape_string($con, $_POST['txtpassword']);
$input_password = password_hash($_POST['txtusername'], PASSWORD_DEFAULT);
$input_password_confirm = password_hash($_POST['txtpasswordconfirm'], PASSWORD_DEFAULT);
echo "Input username: " . $input_username . "<br>";
echo "Input password hash: " . $input_password;
echo "Input password confirmation hash: " . $input_password_confirm;
echo "Are the hashes equal: " . hash_equals($input_password, $input_password_confirm);
if($input_password == $input_password_confirm) {
$sql = "INSERT INTO `userData` (`username`, `passwordHash`) VALUES ('$input_username', '$input_password')";
//Attempt to create a new user and show a success message
if($sql) {
echo "<script type=\"text/javascript\">alert('Thank you! Your data has been submitted');</script>";
}
//If there is an error creating the user, then show an error
else {
echo "ERROR: " . $user_query . "<br>" . mysqli_error($con);
}
}
?>