我是PHP的新手,我正在尝试为用户构建注册表单并将用户输入保存到数据库,但用户数据不保存到数据库。有人请帮忙!
cofiguration.php
<?php
define('HOST','localhost');
define('USER','root');
define('PASSWORD_HOST','');
define('DATABASE','test_db');
if (defined('HOST') && defined('USER') && defined('PASSWORD_HOST') && defined('DATABASE')){
$conn=mysqli_connect(HOST,USER,PASSWORD_HOST,DATABASE);
}else{
die("connection failed:" .mysqli_connect_error());
}
?>
这里我正在更新我的整个index.php文件。
的index.php
<!DOCTYPE html>
<html>
<style>
.error {color: #FF0000;}
</style>
<?php
require_once "configuration.php";
//set trigger for login form
$registereduserValidInput=true;
if (isset($_POST['RegisterSubmitButton']))
{
//if firstname field is empty
if (empty($_POST["firstname"]))
{
$firstnameErr="Let us know your first name";
$registereduserValidInput=false;
}else
{
$firstname = test_input($_POST["firstname"]);
if (!preg_match("/^[a-zA-Z ]*$/",$firstname))
{
$firstnameErr1="please provide letters only";
$registereduserValidInput=false;
}
}
/*.................................................................................................
...................................................................................................*/
//if last name field is empty
if (empty($_POST["lastname"]))
{
$lastnameErr="Please provide last name";
$registereduserValidInput=false;
}else
{
$lastname=test_input($_POST["lastname"]);
if (!preg_match("/^[a-zA-Z ]*$/",$lastname))
{
$lastnameErr1="Please provide letters only";
$registereduserValidInput=false;
}
}
/*.................................................................................................
...................................................................................................*/
//check email field
if (empty($_POST["useremail"]))
{
$emailErrA = "Email is required";
$registereduserValidInput = false;
}else
{
$email = test_input($_POST["useremail"]);
//email validation
if (!filter_var($email, FILTER_VALIDATE_EMAIL))
{
$emailErr1A = "Invalid email format";
}
}
/*.................................................................................................
...................................................................................................*/
//check password field
if(empty($_POST["userpassword"]))
{
$passwordErr="Password is required";
$registereduserValidInput = false;
}else {
$password = test_input($_POST["userpassword"]);
}
/*.................................................................................................
...................................................................................................*/
//password verification field
if(empty($_POST["verifypassword"]))
{
$verifypasswordErr="Re-enter your Password";
$registereduserValidInput = false;
}else {
$verifypassword = test_input($_POST["verifypassword"]);
}
/*.................................................................................................
...................................................................................................*/
//script to check whether the two password fields matches or not
if (strcmp($password, $verifypassword) !== 0)
{
$passwordnotmatch="Password do no match"; //if passwords do not match generate error to user
$registereduserValidInput = false;
}else {
$passwordmatch="password match";
}
/*.................................................................................................
...................................................................................................*/
/*.................................................................................................
...................................................................................................*/
// if all inputs are provided by user run sql query to check whether email is already registered or not
if($registereduserValidInput==true){
$sql1=mysqli_query($conn, "SELECT * FROM registereduser WHERE useremail='$_POST[email]'");
$rows1 = mysqli_num_rows($sql1);
if($rows1==0)
{
//insert user input to "registeredUser" table
$sqlTable ="INSERT INTO registereduser (firstname, lastname, useremail, userpassword) VALUES ('".$firstname."', '".$lastname."', '".$email."','".$password."')";
mysqli_query($conn, $sqlTable);
}else{
echo "This email ID is already registered with us. kindly login again!";
die;
}
}
}
?>
<body>
<form method="post" action="index.php">
<h2>Registration Form</h2><br><br>
Enter Your First Nmae:<br><br>
<input type="text" name="firstname" placeholder="First Name" value="">
<span class="error"> <?php echo $firstnameErr; ?> </span>
<span class="error"> <?php echo $firstnameErr1; ?> </span><br><br>
Enter Your Last Name:<br><br>
<input type="text" name="lastname" placeholder="Last Name" value="">
<span class="error"> <?php echo $lastnameErr; ?> </span>
<span class="error"> <?php echo $lastnameErr1; ?> </span><br><br>
Enter Your Email:<br><br>
<input type="text" name="useremail" value="" >
<span class="error"> <?php echo $emailErrA;?></span>
<span class="error"> <?php echo $emailErr1A;?></span><br><br>
Enter Your Password:<br><br>
<input type="password" name="userpassword" value="">
<span class="error"> <?php echo $passwordErr;?></span><br><br>
Re-enter Your Password:<br><br>
<input type="password" name="verifypassword" value="">
<span class="error"> <?php echo $verifypasswordErr;?></span>
<span class="error"> <?php echo $passwordmatch;?></span><br><br>
<input type="submit" name="RegisterSubmitButton" value="Click here to Register">
</form>
</body>
</html>
答案 0 :(得分:0)
执行数据库查询和插入的代码应为:
if($registereduserValidInput==true){
$sql1=mysqli_query($conn, "SELECT * FROM registereduser WHERE useremail='$_POST[email]'") or die(mysqli_error($conn));
$rows1 = mysqli_num_rows($sql1);
if($rows1==0)
{
//insert user input to "registeredUser" table
$sqlTable ="INSERT INTO registereduser (firstname, lastname, useremail,userpassword) VALUES ('".$firstname."', '".$lastname."', '".$email."','".$password."')";
mysqli_query($conn, $sqlTable) or die(mysqli_error($conn));
}else{
echo "This email ID is already registered with us. kindly login again!";
die;
}
}
您错过了$conn查询中的SELECT参数(您在SQL末尾有变量),而您从未在mysqli_query()上调用$sqlTable
您还应该查看如何使用预准备语句和bind_param。将变量替换为查询会使您对SQL注入开放。
答案 1 :(得分:0)
我找到的错误很少..
表格中没有密码字段或$ password的任何变量。
未获取任何方法名称 test_input
$sql1=mysqli_query("SELECT * FROM registereduser WHERE useremail='$_POST[email]',$conn");
should be like
$sql1=mysqli_query($conn, "SELECT * FROM mdm_users WHERE school_name='$_POST[useremail]'");
和大多数
$sqlTable ="INSERT INTO 'registereduser' ('firstname', 'lastname', 'useremail','userpassword') VALUES ('".$firstname."', '".$lastname."', '".$email."','".$password."')";
行应该像
$sqlTable ="INSERT INTO registereduser (firstname, lastname, useremail,userpassword) VALUES ('".$firstname."', '".$lastname."', '".$email."','".$password."')";
mysqli_query($conn, $sqlTable);
请删除表名和列名中的单引号。