我有以下注册php脚本。我希望得到一个json回复 {"导致":"成功""消息":" 123"}
其中123是注册用户的id。我想要这个id,以后用户可以将数据发布到其他表。
但是我明白了。
{"result":"fail","message":null}
这是我的剧本。
<?php
session_start();
require "init.php";
header('Content-type: application/json');
$id = $_POST['id'];
$email = $_POST['email'];
$user_name = $_POST['user_name'];
$user_pass = $_POST['user_pass'];
$passwordEncrypted = sha1($user_pass);
$confirmPass = $_POST['confirm_pass'];
$confPasswordEncrypted = sha1($confirmPass);
$msg = "Congratulations. You are now registered to the most amazing app
ever!";
if(!filter_var($email, FILTER_VALIDATE_EMAIL)){
$don = array('result' =>"fail","message"=>"Please enter a valid email");
}
if($email && $user_name && $user_pass && $confirmPass && filter_var($email, FILTER_VALIDATE_EMAIL)){
$sql_query = "select * from user_info WHERE email ='".mysqli_real_escape_string($con, $email)."' or user_name
='".mysqli_real_escape_string($con, $user_name)."'";
$result = mysqli_query($con, $sql_query);
$results = mysqli_num_rows($result);
if ($results){
$don = array('result' =>"fail","message"=>"Email or username exists.");
}else{
//This is where I am trying to get the id
while($row = mysqli_fetch_array($result)) {
$posts['id'] = $row['id'];
}
$sql_query = "insert into user_info values('$id','$email','$user_name','$passwordEncrypted','$confPasswordEncrypted');";
if(mysqli_query($con,$sql_query)){
$_SESSION['id'] = mysqli_insert_id($con);
//And this is the json response I was talking about
$don = array('result' =>"success","message"=>$posts['id']);
mail($email,"Well done. You are registered to my sample app!",$msg);
}
}
}else if(!$email){
$don = array('result' =>"fail","message"=>"Please enter a valid email");
}else if(!$user_name){
$don = array('result' =>"fail","message"=>"Please enter your username");
}else if(!$user_pass){
$don = array('result' =>"fail","message"=>"Please enter a password");
}else if(!confirmPass){
$don = array('result' =>"fail","message"=>"Please confirm your
password");
}
echo json_encode($don);
?>
答案 0 :(得分:5)
更改
$don = array('result' =>"success","message"=>$posts['id']);
到
$don = array('result' =>"success","message"=>$_SESSION['id']);
$ posts [&#39; id&#39;]始终为null,因为该行未插入数据库。删除该代码。
答案 1 :(得分:1)
更改
$don = array('result' =>"success","message"=>$posts['id']);
要:
$don = array('result' =>"success","message"=>mysqli_insert_id($con));
问题在于您指的是始终为$posts['id']的{{1}}您尝试在此设置:
null请注意,如果$results = mysqli_num_rows($result);
if ($results){
$don = array('result' =>"fail","message"=>"Email or username exists.");
}else{
while($row = mysqli_fetch_array($result)) {
$posts['id'] = $row['id'];
}
...
不包含任何行,我们只会到达while。因此,$result为false,并且此循环从不执行。事实上,这个循环在这个脚本中没用,应该删除。
这超出了您的问题的范围,但您应该考虑以下事项:
mysqli_fetch_array($result)的重点是什么?你永远不会检查密码和确认通行证匹配。$confirmPass查询至少会转义值,但您的SELECT查询却没有。这让你对SQL注入攻击持开放态度。INSERT不是散列pwd进行存储的好方法。请改用PHP的sha1($user_pass)和password_hash函数。 See the guide 答案 2 :(得分:-1)
您不需要以下行,因此请在选择查询之前删除它们。
//This is where I am trying to get the id
while($row = mysqli_fetch_array($result)) {
$posts['id'] = $row['id'];
}
您可以替换
$don = array('result' =>"success","message" => $posts['id']);
带
$don = array('result' =>"success","message"=> mysqli_insert_id($con));
也不需要会话。