我有一个网页表单,我想连接到数据库,以便将新用户注册到表单中,并在成功时将它们重定向到登录的主页。我的PHP代码不起作用,下面是我得到的PHP代码: -
<?php
$fname = $sname = $schname = $uname = $email = $pword = $pwordconf = "";
if (isset ($_POST ['forename']))
$fname = fix_string ($_POST ['forename']);
if (isset ($_POST ['surname']))
$sname = fix_string ($_POST ['surname']);
if (isset ($_POST ['schoolname']))
$schname = fix_string ($_POST ['schoolname']);
if (isset ($_POST ['username']))
$uname = fix_string ($_POST ['username']);
if (isset ($_POST ['email']))
$email = fix_string ($_POST ['email']);
if (isset ($_POST ['password']))
$pword = fix_string ($_POST ['password']);
$fail = validate_forename($fname);
$fail .= validate_surname($sname);
$fail .= validate_schoolname($schname);
$fail .= validate_email($email);
$fail .= validate_username($uname);
$fail .= validate_password($pword);
if($fail!=""):
?>
<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Strict//EN'
'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml' xml:lang='en'>
<head>
....web page content....
</html>
<?php
else:
?>
<?php
$servername = "localhost";
$username = "Username";
$password = "password";
$dbname = "mydb";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "INSERT INTO mydb (Forename, Surname, School Name, Email, Username, Password)";
if ($conn->query($sql) === TRUE) {
?>
<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Strict//EN'
'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml' xml:lang='en'>
<head>
...web page content ...
</body>
</html>
<?php
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
endif;
?>
<?php
else:
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
...web page content ...
</body><!--end of body div-->
</html><!--end of html div-->
<?php
endif;
function validate_forename($fname){
return ($fname == "")? "No forename was entered<br>": "";
}
function validate_surname($sname){
return ($sname == "")? "No surename was entered<br>": "";
}
function validate_schoolname($schname){
return ($schname == "")? "No Primary School was entered<br>": "";
}
function validate_username($uname){
if ($uname == "")
return "No Username was entered<br>";
else if (strlen($uname) < 5)
return "Usernames must be at least 5 character in length<br>" ;
else if (preg_match("/[^a-z A-Z 0-9_-]/", $uname))
return "Only letters, numbers, - and _ allowed in the username<br>";
return "";
}
function validate_password($pword){
if ($pword == "")
return "No password was entered<br>";
else if (strlen($pword) < 6)
return "Passwords must be at least 6 characters in length<br>";
}
function validate_email($email){
if ($email == "")
return "No email was entered<br>";
else if (!((strpos($email, ".") > 0) && (strpos($email, "@") > 0)) || preg_match ("/[^a-z A-Z 0-9.@_-]/", $email))
return "The Email address is invalid<br>";
return "";
}
function fix_string($string){
if (get_magic_quotes_gpc()) $string = stripslashes($string);
return htmlentities ($string);
}
?>
任何人都可以告诉我哪里出错了
编辑:
这是表格的HTML: -
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<link href="myelearningtool.css" rel="stylesheet" type="text/css" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Registration Page for e-Learning Tool Prototype</title><!--this is the title of the page, I have chosen this title as it states exactly what the web page is -->
</head>
<body>
<div class="page">
<div class="header"><!--start of the header which will contain the banner and navigation-->
<ul id="navigation" style="text-align: center">
<li><a href="http://myelearningtool.html">Return To Home Page</a></li>
<li><a href="http://myelearningtoolContactUs.html">Contact Us</a></li>
</ul>
<div id="logo" style="text-align: center">
<img src="images/BS_kids_ELearningToollogo.png" alt="E-Learning Tool Prototype v1" /><!--logo created in photoshop-->
</div><!--end of logo div-->
</div><!--end of header div -->
<div class="content"><!--start of page content -->
<h1>Registration</h1>
<p>Just fill out the form below and register to be able to access the other resources page</p>
<p>Note: - * indicates which fields must be completed</p>
<form method="post" action="php/myelearningtoolregconfirmation.php" onsubmit="return validation(this)" ><!-- Start of the form to be submitted -->
<div class="details">
<fieldset><!--details section-->
<legend><b>Your Details</b></legend>
<label for="fname"> Forename*:</label> <input type="text" name="forename" id="fname" maxlength="20" size="30" tabindex="1" accesskey="q" />
<label for="sname">Surname*:</label><input type="text" name="surname" id="sname" maxlength="20" size="30" tabindex="2" accesskey="w" />
<label for="schname"> School Name*: </label><input type="text" name="schoolname" id="schname" maxlength="20" size="30" tabindex="3" accesskey="e" />
<label for="email">Email Address*: </label><input type="text" name="email" id="email" maxlength="20" size="30" tabindex="9" />
</fieldset>
</div><!--end of details-->
<div class="login_details">
<fieldset><!--conact information-->
<legend><b>Login Details</b></legend>
<label for="uname">Username*:</label><input type="text" name="username" id="uname" tabindex="a" />
<label for="pword">Password*: </label><input type="text" name="password" id="pword" tabindex="b" />
</fieldset>
<p><input type="submit" value="Enter" /></p>
</div><!--end of login details-->
</form><!--end of form div -->
</div><!--end of page content div-->
<div class="footer">
</div><!--end of footer div-->
</div>
</body><!--end of body div-->
</html><!--end of html div-->
第二次编辑
将sql insert查询更正为: -
$sql = "INSERT INTO ELearningTool ($fname, $sname, $schname, $uname, $email, $pword, $pwordconf)";
答案 0 :(得分:2)
您的解决方案很难阅读。
首先,我更喜欢声明这样的变量。
$fname = "";
$sname = "";
$schname = "";
$uname = "";
$email = "";
$pword = "";
$pwordconf = "";
您应该将您的函数声明与HTML块分开。在单独的文件中或至少在文档的顶部。
FUNTIONS
function validate_forename($fname){
return ($fname == "")? "No forename was entered<br>": "";
}
function validate_surname($sname){
return ($sname == "")? "No surename was entered<br>": "";
}
function validate_schoolname($schname){
return ($schname == "")? "No Primary School was entered<br>": "";
}
function validate_username($uname){
if ($uname == "")
return "No Username was entered<br>";
else if (strlen($uname) < 5)
return "Usernames must be at least 5 character in length<br>" ;
else if (preg_match("/[^a-z A-Z 0-9_-]/", $uname))
return "Only letters, numbers, - and _ allowed in the username<br>";
return "";
}
function validate_password($pword){
if ($pword == "")
return "No password was entered<br>";
else if (strlen($pword) < 6)
return "Passwords must be at least 6 characters in length<br>";
}
function validate_email($email){
if ($email == "")
return "No email was entered<br>";
else if (!((strpos($email, ".") > 0) && (strpos($email, "@") > 0)) || preg_match ("/[^a-z A-Z 0-9.@_-]/", $email))
return "The Email address is invalid<br>";
return "";
}
function fix_string($string){
if (get_magic_quotes_gpc()) $string = stripslashes($string);
return htmlentities ($string);
}
在if(condition) { ?> HTML <?php }中混合使用html和php非常糟糕,难以阅读/关注。
考虑对条件HTML块使用以下其中一项
<?php if(condition) : ?>
html
<?php endif; ?>
或使用缓冲区
<?php if(condition) { ob_start(); } ?>
HTML
<?php $html = ob_get_clean(); ?>
您的SQL查询错误,您需要为列提供值。
$values = sprintf("'%s', '%s', '%s', '%s', '%s', '%s'", 'String1', 'String2', 'String3', 'String4', 'String5', 'String6', 'String7');
$sql = "INSERT INTO mydb (Forename, Surname, School_Name, Email, Username, Password) VALUES($values)";
$ sql的输出
string(149)&#34; INSERT INTO mydb(Forename,Surname,School_Name,Email, 用户名,密码)VALUES(&#39; String1&#39;,&#39; String2&#39;,&#39; String3&#39;,&#39; String4&#39;, &#39; String5&#39;,&#39; String6&#39;)&#34;
更改表格列&#34; 学校名称&#34; School_Name 或其中没有空格的内容。
此外,您永远不应该让userinput以这种方式输入您的SQL查询,您应该使用参数化查询,我建议您查找PDO。