基本注册表格

时间:2015-05-22 11:01:56

标签: php mysql

我已创建一个接收用户名,电子邮件和密码的注册表单。 我这样编码:

$(".sort_paginate_ajax").on("click", ".pagination a", function(){

最后,它给了我这个错误:

  

解析错误:语法错误,意外' $ userName'第17行的G:\ XAMPP \ htdocs \ Project EVO 1.0 \ signup.php中的(T_VARIABLE)

我已经看了好几个小时,仍然没有找到任何解决方案。请帮忙!

5 个答案:

答案 0 :(得分:2)

只有当你的字符串用双引号括起来时,PHP才会评估字符串中的变量值。

改变这个:

$dbINSERTuser = 'INSERT INTO user_info (Username, Email, Password, Time)
        VALUE ('$userName', '$eMail', '$passWord', '$time')';

对此:

$dbINSERTuser = "INSERT INTO user_info (Username, Email, Password, Time)
        VALUE ('$userName', '$eMail', '$passWord', '$time')";

但请注意 - 此代码易受SQL注入攻击!

更新: 了解如何使用PHP的PDOprepared statements来确保您的查询安全。

答案 1 :(得分:1)

只需在插入查询中将'替换为"

即可 
$dbINSERTuser = "INSERT INTO user_info (Username, Email, Password, Time)
        VALUE ('$userName', '$eMail', '$passWord', '$time')";

要防止sql注入使用

$dbINSERTuser = "INSERT INTO user_info (Username, Email, Password, Time)
        VALUE ('".$userName."', '".$eMail."', '".$passWord."', '".$time."')";

在mysqli中你可以这样使用

<?php

$link = new mysqli("localhost", "my_user", "my_password", "world");

/* check connection */
if (mysqli_connect_errno()) {
    printf("Connect failed: %s\n", mysqli_connect_error());
    exit();
}
$userName = $_POST['userName'];
$eMail = $_POST['eMail'];
$passWord = $_POST['passWord'];
$day = date("d-m-Y");
$time = date("h:i:sa");

$dbINSERTuser = "INSERT INTO user_info (Username, Email, Password, Time)
        VALUE ('".$userName."', '".$eMail."', '".$passWord."', '".$time."')";
mysqli_query($link, $query);

阅读mysqli manual

答案 2 :(得分:0)

你忘记了concat字符串 变化

$dbINSERTuser = 'INSERT INTO user_info (Username, Email, Password, Time)
    VALUE ('$userName', '$eMail', '$passWord', '$time')';


$dbINSERTuser = 'INSERT INTO user_info (Username, Email, Password, Time)
    VALUE (' . $userName . ', ' . $eMail . ', ' . $passWord . ', ' . $time .')';

答案 3 :(得分:0)

$dbINSERTuser = 'INSERT INTO user_info (Username, Email, Password, Time)
    VALUE (''.$userName.'', ''.$eMail.'', ''.$passWord.'', ''.$time.'')';

按上述方式更改

答案 4 :(得分:0)

试试这个。

<?php
  $userName = mysql_real_escape_string($_POST['userName']);
  $eMail = mysql_real_escape_string($_POST['eMail']);
  $passWord = mysql_real_escape_string($_POST['passWord']);
  $day = mysql_real_escape_string(date("d-m-Y"));
  $time = mysql_real_escape_string(date("h:i:sa"));

?>
相关问题
最新问题