您好我已经在谷歌过了3个小时了,我只是找不到我的代码中的错误,我总是得到(抱歉,您的注册失败。请回去再试一次。)就像我的registerquery是空的。我想我已经做对了...感谢您的帮助,我做了一些改动,但仍然无法做到:/
<?php
if(!empty($_POST['username']) && !empty($_POST['password'])&& !empty($_POST['password1']))
{
$servername = "localhost";
$name = "root";
$pass = "";
$dbname = "users";
$link = mysqli_connect($servername, $name, $pass, $dbname);
if (!$link) {
die("Connection failed: " . mysqli_connect_error());
}
}
$username = mysqli_real_escape_string($link,$_POST['username']);
$password = password_hash($_POST['password'], PASSWORD_DEFAULT);
$password1 = password_hash($_POST['password1'], PASSWORD_DEFAULT);
$email = mysqli_real_escape_string($link,$_POST['email']);
$checkusername = mysqli_query($link,"SELECT * FROM users WHERE Username = '".$username."'");
if(mysqli_num_rows($checkusername) == 1)
{
echo "<h1>Error</h1>";
echo "<p>Sorry, that username is taken. Please go back and try again.</p>";
}
else
{
$registerquery = mysqli_query($link,"INSERT INTO users (ID,Username,Password,EmailAddress) VALUES(NULL,'".$username."', '".$password."', '".$email."')");
echo($registerquery);
if($registerquery)
{
echo "<h1>Success</h1>";
echo "<p>Your account was successfully created. Please <a href=\"index.php\">click here to login</a>.</p>";
}
else
{
echo "<p>Sorry, your registration failed. Please go back and try again.</p>";
}
}
mysqli_close($link);
?>
答案 0 :(得分:4)
您使用mysql_real_escape_string
其余部分使用mysqli
(因为您应该这样做,因为mysql_*
已被弃用)。
mysql_real_escape_string
将无效,并且将返回false
,因此$username === false
。首先连接,然后逃跑。
您需要在此处使用的功能是mysqli_real_escape_string($link, $var)
。