某些表单数据未显示/保存到数据库

时间:2015-05-19 01:36:23

标签: php mysql

首先,我已经被告知我在这里问了一个重复的问题,但没有。同样的代码是的,但我遇到了一个不同的问题。其次,生病也添加我的HTML表单,我认为可能不会导致我的错误。 当我通过wamp服务器SQL控制台查看时,除了fname / lname之外,我的表单数据都没有保存/显示在我的数据库中。另外,我只允许向我的表添加一行数据,然后当我尝试添加更多行时,我的表查询会不断死亡。我出错了什么建议?

<?php 

 require_once 'log.php';

 $salt1 = "qm&h*";
 $salt2 = "pg!@";

 $user = isset($_POST['user']) ? $_POST['user'] : '';
 $password = isset($_POST['password']) ? $_POST['password'] : '';
 $vpassword = isset($_POST['vpassword']) ? $_POST['vpassword'] : '';
 $email = isset($_POST['email']) ? $_POST['email'] : '';
 $fname = isset($_POST['fname']) ? $_POST['fname'] : '';
 $lname =isset($_POST['lname']) ? $_POST['lname'] : '';
 $gend = isset($_POST['gend']) ? $_POST['gend'] : '';

 $token  = md5("$salt1$password$salt2");

$query = "INSERT INTO members(user,password,vpassword,fname,lname,email,gend) VALUES('$user','$password','$vpassword','$fname','$lname','$email','$gend')";
$result = mysqli_query($conn, $query);
if (!$result) die ("Database access failed: " . mysql_error());
echo "You have been successfully registered";
echo '<br /> <br /><a href ="index.php" >Return to home page</a>';

mysqli_close($conn);

?>

HTML页面

      <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head>

  <title>Registration</title>
  <link type="text/css" rel="stylesheet" href="style.css" />
  <script type="text/javascript" src="twitch_val.js"></script>
</head>
<body>
 <div id="d1">
         <img src="bann.png" style="float:right;" alt="ban"/><br/>
         <h1>Chaguramas <br/>Twitchers <br/>Collective</h1>
    </div>
 <div id="d4">
  <ul>
  <li><a href="index.php">Home</a></li>
  <li><a href="Login.php">Login</a></li>
  <li><a href="Regis.php">Register</a></li>
  <li><a href="contact.php">Contact Us</a></li>
  <li> <form method="post" action="" name="Search" id="search" ><fieldset>
  <input type="text" name="sitesearch"/></fieldset><!--Search bar included in ul to keep inline with div container-->
</form></li>
</ul>
 </div> 
 <div id="d5">
         <div id="f4"> <h1>Register  <img src="fea2.png" alt="fe"/></h1></div>
         <form method="post" action="Regis_populate.php" name="Regis" id="regis" onsubmit="validation();"><fieldset>
         <br/>
         <h2>Account Information</h2>   <!--Registration split between account items and personal items-->
Username:<input type="text" name="user" id="user"/>
<br/><br/>
Password:<input type="password" name="password" id="password"/>
<br/><br/>
Verify Password:<input type="password" name="vpassword" id="vpassword"/>
<br/><br/>
Email:<input type="text" name="email" id="email"/>
<br/><br/></fieldset>
</form>
    </div>
<div id="d6">
       <form method="post" action="Regis_populate.php" name="Regis" id="regis" onsubmit="validation();"><fieldset>
         <h2>Personal Information</h2>
First name:<input type="text" name="fname" id="fname"/> Last name:<input type="text" name="lname" id="lname"/>
<br/><br/>
Gender:<input type="radio" name="sex1" id="gend"/>Male
<input type="radio" name="sex2" id="gend"/>Female
<br/><br/>


<img src="cap.jpg" id="captchaimg" alt="cpa"/>  <!--CAPCHA code borrowed from  http://webdesignpub.com/html-contact-form-captcha/-->
<br/>
<label for="message">Enter the code above here to complete registration:</label><br/>
<input id="letters_code" name="letters_code" type="text"/>
<br/><br/>
<input type="submit" value="Submit" id="Submit" onclick="validation();"/>
<br/><br/></fieldset>
 </form>
</div>





</body>
</html>

的Javascript

function validation(){

    var us = document.getElementById("user").value; 
    var ps = document.getElementById("password").value;
    var vps = document.getElementById("vpassword").value;
    var em = document.getElementById("email").value;    
    var fn = document.getElementById("fname").value;
    var ln = document.getElementById("lname").value;


    var us_names= new RegExp (/[a-zA-Z0-9._-]$/);
    var pass = new RegExp (/[a-zA-Z0-9._-]$/);
    var names = new RegExp (/[a-zA-Z]$/);
    var email = new RegExp (/[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/);

    var u = document.forms["Regis"]["user"].value;
    if (u == null || u == "") {
        alert("Please enter a user name");
        return false;
    }
    var user = us_names.test(us);
    if (user == false){
        alert("Invalid user name. Please re-enter.");
        return false;
    }

    var p = document.forms["Regis"]["password"].value;
    if (p == null || p == "") {
        alert("Please enter a password");
        return false;
    }
    var passwrd = pass.test(ps);
    if (passwrd == false){
        alert("Invalid password. Please re-enter.");
        return false;   
    }

    var vp = document.forms["Regis"]["vpassword"].value;
    if (vp == null || vp == "") {
        alert("Please enter identical password");
        return false;
    }
    if (vps != ps){
        alert("Passwords not identical. Please re-enter");
        return false;   
    }

    var e = document.forms["Regis"]["email"].value;
    if (e == null || e == "") {
        alert("Please enter an email address");
        return false;
    }


    var f = document.forms["Regis"]["fname"].value;
    if (f == null || f == ""){
        alert("Please enter your first name");
        return false;
    }
    var fname = names.test(fn);
    if (fname == false){
        alert(" First name entered cannot be recorded. Please re-enter");
        return false;
    }

    var l = document.forms["Regis"]["lname"].value;
    if (l == null || l == ""){
        alert("Please enter your last name");
        return false;
    }
    var lname = names.test(nn);
    if (lname == false){
        alert("Last name entered cannot be recorded. Please re-enter");
        return false;
    }
    if(document.Regis.sex1.checked == false && document.Regis.sex2.checked == false){
        alert("Please select a gender. Either male or female");
        return false;
    }
}

1 个答案:

答案 0 :(得分:2)

在这段时间之后,我终于发现了问题所在。

您正在使用两种单独的表单( 3技术上),其中一些元素正在丢失,这是一个超出范围的问题。

将所有表单元素放在一个一组<form></form>标记内。

  • 您还使用mysql_error()混合API,该mysqli_error($conn)应为table,并且无法查看可能发生的数据库错误。
  • 如果您在某处设置了约束,那么这就是您无法添加更多行的原因。

旁注:您目前的代码向SQL injection开放。使用mysqli with prepared statementsPDO with prepared statements他们更安全

关于密码存储:

我注意到你正在使用MD5。这种散列方法很旧并且被认为是破碎的,不再被认为是安全的。

我建议您使用CRYPT_BLOWFISH或PHP 5.5&#39 {s} password_hash()功能。对于PHP&lt; 5.5使用password_hash() compatibility pack