所以我有一个网站使用注册/登录系统为用户创建一个帐户。我在MAMP的本地主机上完美地运行了该站点。但是,我将我的站点和数据库上传到实时服务器,我收到错误。以下是注册页面。当用户注册时,应该将他们带到他们的帐户页面,但是注册页面会刷新并且会出现以下错误:
警告:session_start():无法发送会话cookie - 已经发送的标头(输出从/srv/disk4/2113278/www/lucasclarke.co.nf/webTechFinal/connections.php开始: 16)在第7行的/srv/disk4/2113278/www/lucasclarke.co.nf/webTechFinal/Register.php
警告:session_start():无法发送会话缓存限制器 - 已发送的标头(输出始于/srv/disk4/2113278/www/lucasclarke.co.nf/webTechFinal/connections.php: 16)在第7行的/srv/disk4/2113278/www/lucasclarke.co.nf/webTechFinal/Register.php
警告:无法修改标题信息 - 已经发送的标题(输出从/srv/disk4/2113278/www/lucasclarke.co.nf/webTechFinal/connections.php:16开始)/第16行的srv / disk4 / 2113278 / www / lucasclarke.co.nf / webTechFinal / Register.php
请注意,用户注册的信息正确地进入我的数据库,但网站的功能与我在本地主机上的功能不同。有什么想法吗?提前谢谢。
<?php require 'connections.php'; ?>
<?php
if(isset($_POST['register'])) {
session_start();
$fname = $_POST['first_name'];
$lname = $_POST['last_name'];
$email = $_POST['email'];
$pw = $_POST['password'];
$sql = $con->query("INSERT INTO user (Fname, Lname, Email, Password)Values('{$fname}', '{$lname}', '{$email}', '{$pw}')");
header('Location: Login.php');
}
?>
<!------------------------------------------------------------------>
<!DOCTYPE HTML>
<html lang="en">
<head>
<title>Notekeep</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css">
</head>
<body>
<div class="container">
<h1 class="title">Register<img src="logo.png" id="logo"></h1>
<form action="" method="post" name="registerform" id="registerform">
<div>
<input name="first_name" type="text" required="required" id="first_name" placeholder="First Name">
</div>
<div>
<input name="last_name" type="text" required="required" id="last_name" placeholder="Last Name">
</div>
<div>
<input name="email" type="email" required="required" id="email" placeholder="Email">
</div>
<div>
<input name="password" type="password" required="required" id="password" placeholder="Password">
</div>
<div>
<!-- <input name="password2" type="password" required="required" id="password2" placeholder="Re-Enter Password"> -->
</div>
<div>
<input name="register" type="submit" class="button" id="register" value="Register">
</div>
</form>
<a class="link" href="Login.php">Login</a>
</div>
</body>
</html>
答案 0 :(得分:0)
正如我在评论中提到的,您的标题应如下所示:
<?php
require('connections.php');
// Remove space, should be continuous
// I would personally start session here
session_start();
if(isset($_POST['register'])) {
$fname = $_POST['first_name'];
$lname = $_POST['last_name'];
$email = $_POST['email'];
$pw = $_POST['password'];
// !! This is injection-prone !!
// You need to use bind parameters, this is unsafe
$sql = $con->query("INSERT INTO user (Fname, Lname, Email, Password)Values('{$fname}', '{$lname}', '{$email}', '{$pw}')");
header('Location: Login.php');
// Add here so the script stops execution
exit;
}
?>
另外,请注意您容易受到的SQL注入。你应该使用参数绑定:
function insertNewUser($array,$con)
{
foreach($array as $key => $value) {
$key = trim($key,':');
$new[":{$key}"] = $value;
}
// I am assuming the use of PDO
$query = $con->prepare("INSERT INTO `user` (`Fname`,`Lname`,`Email`,`Password`) VALUES (:0,:1,:2,:3)");
$query->execute($new);
}
使用:
$data = array(
$_POST['first_name'],
$_POST['last_name'],
$_POST['email'],
$_POST['password']
);
// Use the function
insertNewUser($data,$con);
header('Location: Login.php');
exit;
最后,您不应该将明文密码插入数据库。您应该使用password_hash()和password_verify() (或兼容的库)。