connect_error什么也不返回,但代码不起作用

时间:2015-10-08 15:48:44

标签: php mysql

它始终返回空connect_error值。它正确连接到mySQL。我想在我的页面上创建简单的注册系统。我是PHP和HTML的新手,所以我不知道这段代码有什么问题。我认为MySQL可以正常工作,所以我的SQL代码可能有问题吗?

这是我的PHP代码:

<?php
$link = @new mysqli('valid localhost', 'valid user', 'valid password', 'valid database');
if ($link->connect_error!=0) {
    die('Could not connect: ' . $link->connect_error); 
}

$login = $_POST['login'];
$password = $_POST['password'];
$confirm = $_POST['confirmpassword'];
$email = $_POST['email'];

$result = mysql_query($sql, "SELECT COUNT(*) AS num_rows FROM `users` WHERE username='{$login}' LIMIT 1;");
$row = mysql_fetch_array($sql, $result);
if($row["num_rows"] < 0){
    header('Location: index.php');
    return;
}

if($password != $confirm) {
    header('Location: index.php');
    return;
}


$login = htmlentities($login, ENT_QUOTES, "UTF-8");
$password = htmlentities($password, ENT_QUOTES, "UTF-8");
$email = htmlentities($email, ENT_QUOTES, "UTF-8");

$sql = sprintf("INSERT INTO `users` (`username`, `password`, `email`) VALUES
('%s', '%s', '%s');",
mysqli_real_escape_string($link, $login),
mysqli_real_escape_string($link, $password),
mysqli_real_escape_string($link, $email));
if (mysql_query($sql, $link)) {
    echo "User created successfully!\n";
} else {
    echo 'Error creating user: ' . $link->connect_error . "\n";
}
?>

HTML code:

<!DOCTYPE HTML>
<html lang="en">
<head>
    <meta charset="utf-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" />
    <title>Awesome title</title>
</head>

<body>

    Register<br /><br />

    <form action="register.php" method="post">

        Login: <br /> <input type="text" name="login" /> <br />
        Email: <br /> <input type="email" name="email" /> <br />
        Password: <br /> <input type="password" name="password" /> <br />
        Confirm password: <br /> <input type="password" name="confirmpassword" /> <br /><br />
        <input type="submit" value="Register" />

    </form>
</body>
</html>

和MySQL表:

CREATE TABLE IF NOT EXISTS `users` (
  `username` text collate utf8_polish_ci NOT NULL,
  `password` text collate utf8_polish_ci NOT NULL,
  `email` text collate utf8_polish_ci NOT NULL
) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_polish_ci;

这就是我得到的:

  

创建用户时出错:

3 个答案:

答案 0 :(得分:0)

更改

echo 'Error creating user: ' . $link->connect_error . "\n";

echo 'Error creating user: ' . $link->error . "\n";

另外,你将mysql和mysqli混合在一起,并将面向对象与程序混合。

试试这个:

<?php
$link = @new mysqli('valid localhost', 'valid user', 'valid password', 'valid database');
if ($link->connect_error) {
    die('Could not connect: ' . $link->connect_error); 
}

$login = $_POST['login'];
$password = $_POST['password'];
$confirm = $_POST['confirmpassword'];
$email = $_POST['email'];

$result = $link->query("SELECT COUNT(*) AS num_rows FROM `users` WHERE username='{$login}' LIMIT 1;");
$row = $result->fetch();
if($result->num_rows < 0){
    header('Location: index.php');
    return;
}

if($password != $confirm) {
    header('Location: index.php');
    return;
}


$login = htmlentities($login, ENT_QUOTES, "UTF-8");
$password = htmlentities($password, ENT_QUOTES, "UTF-8");
$email = htmlentities($email, ENT_QUOTES, "UTF-8");

$sql = sprintf("INSERT INTO `users` (`username`, `password`, `email`) VALUES
('%s', '%s', '%s');",
$link->real_escape_string($login),
$link->real_escape_string($password),
$link->real_escape_string($email));
if ($link->query($sql)) {
    echo "User created successfully!\n";
} else {
    echo 'Error creating user: ' . $result->error . "\n";
}
?>

答案 1 :(得分:0)

此代码导致您遇到麻烦。首先,您正在混合API。这里有mysql_*(不推荐使用),而你的连接是OOP MySQLi(你不能混合MySQL API)。

if (mysql_query($sql, $link)) {
    echo "User created successfully!\n";
} else {
    echo 'Error creating user: ' . $link->connect_error . "\n";
}

你应该有这样的东西,用一种风格坚持纯粹:正如我推荐的(你开始做的)与OOP MySQLi。

if ($link->query($sql)) {
    echo "User created successfully!\n";
} else {
    echo 'Error creating user: ' . $link->connect_error . "\n";
}

这段代码编写得很糟糕。它会使您的SQL查询被破坏。

$sql = sprintf("INSERT INTO `users` (`username`, `password`, `email`) VALUES
('%s', '%s', '%s');",
mysqli_real_escape_string($link, $login),
mysqli_real_escape_string($link, $password),
mysqli_real_escape_string($link, $email));

您似乎正在尝试阻止SQL注入?我可以建议使用准备好的语句吗?这是现代标准,看起来更好。

if (!$stmt = $link->prepare("INSERT INTO users (username, password, email) VALUES (?, ?, ?)")) {
    // Something went wrnog, here handle it
    return false;
}
$stmt->bind_param('sss', $login, $password, $email)
$stmt->execute();
$stmt->close();

pind_param中,第一个参数是sss - 这代表字符串,字符串,字符串 - 因为您的$login, $password, $email都是字符串。请注意,此数字必须与prepare中的问号数相匹配。您也应该对第一个查询执行相同的操作,您可以选择

答案 2 :(得分:0)

变化

if (mysql_query($sql, $link)) {
    echo "User created successfully!\n";
} else {
    echo 'Error creating user: ' . $link->connect_error . "\n";
}

if ($link->query($sql)) {
    printf("User created successfully!\n");
}

这应该适合你。