我对PHP很陌生,所以请耐心等待。我有一个注册表单,我提交在该表单上输入的值并将它们插入到MySQL数据库表中,但我收到以下错误:
对用户' @' localhost'拒绝ErrorAccess到数据库' myproject'
我已授予我在我的代码中使用的所有用户访问权限,但我仍然遇到此错误。任何帮助表示赞赏,积分将被授予!
这是我的HTML表单:
<!DOCTYPE html>
<html>
<head>
<link rel="stylesheet" type="text/css" href="stylesheet.css">
<title>Registration Page</title>
<script>
function validateForm() {
var x = document.forms["myForm"]["netID"].value;
if (x == null || x == "") {
alert("NetID must be filled out");
return false;
}
var y = document.forms["myForm"]["email"].value;
if (y == null || y == "") {
alert("Email must be filled out");
return false;
}
var n = document.forms["myForm"]["fname"].value;
if (n == null || n == "") {
alert("First Name cannot be blank");
return false;
} else if (n.length < 2) {
alert("First name cannot be less than 2 characters!");
return false;
}
var b = document.forms["myForm"]["lname"].value;
if (b == null || b == "") {
alert("Last Name cannot be blank");
return false;
} else if (b.length < 2) {
alert("Last Name cannot b less than 2 characters!");
return false;
}
}
</script>
</head>
<body>
<ul>
<br>
<br>
<br>
<br>
<center><img src="KSUlogo.PNG" alt="logo" style="width:100px;height:50px;"></center>
<br>
<br>
<br>
<br>
<br>
<li><a class="active" href="#home">Home</a></li>
<br>
<br>
<br>
<br>
<li><a href="#news">News</a></li>
<br>
<br>
<br>
<br>
<li><a href="#contact">Contact</a></li>
<br>
<br>
<br>
<br>
<li><a href="#about">About</a></li>
<br>
<br>
<br>
<br>
</ul>
<h1 style="text-align:center;">CCSE Community Profile Page</h1>
<br>
<br>
<br>
<br>
<br>
<h2 style="text-align:center;">Enter your Registration Information</h2>
<div style="text-align:center">
<form name="myForm" action="RegistrationValues.php"
onsubmit="return validateForm()" method="post">
<center>NetID: <input type="text" name="netID"></center>
<br>
<center>Email: <input type="text" name="email"></center>
<br>
<center>First Name: <input type="text" name="fname"></center>
<br>
<center>Last Name: <input type="text" name="lname"></center>
<br>
<br>
Services You Can Provide the CSE Community</center><br>
<br>
<input type="checkbox" name="radio" value="Java"> Java Tutoring<br>
<input type="checkbox" name="radio" value="Computer" checked> Computer Fixing<br>
<input type="checkbox" name="radio" value="PHP" checked> PHP Tutoring<br>
<br><br>
<select name="availabilty">
<option value="blank"></option>
<option value="Java">Morning</option>
<option value="Computer">Evening</option>
<option value="Service">Afternoon</option>
</select>
<br><br>
<center><input type="submit" value="Submit"></center>
</form>
</div>
</body>
</html>
这是我的PHP表单:
<!DOCTYPE html>
<html>
<head>
<link rel="stylesheet" type="text/css" href="stylesheet.css">
<title>Registration Page</title>
</head>
<body>
<?php include "header.html";?>
<?php include "navigation.html";?>
<div style="text-align:center">
<p>netID: <?php echo $_POST["netID"]?></p>
<p>Email: <?php echo $_POST["email"]?></p>
<p>First Name <?php echo $_POST["fname"]?></p>
<p>Last Name: <?php echo $_POST["lname"]?></p>
<?php
$netID = $email = $fname = $lname = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$netID = test_input($_POST["netID"]);
$email = test_input($_POST["email"]);
$fname = test_input($_POST["fname"]);
$lname = test_input($_POST["lname"]);
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
$servername = "localhost";
$username = "myUser";
$password = "newpassword";
$dbname = "myproject";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
mysql_select_db("$dbname") or die( 'Error'. mysql_error() );
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
mysql_query("insert into ProfileInformation (netID, email, fname, lname, radio, availabilty)
values
('$_POST[netID]','$_POST[email]','$_POST[fname]','$_POST[lname]','$_POST[radio]','$_POST[availabilty]')")
or die(mysql_error());
echo "Done!!!!";
$stmt->close();
$conn->close();
?>
</body>
</html>
似乎正在阅读&#39;&#39;作为某个地方的用户名,但我不确定。 提前致谢。非常感谢。
答案 0 :(得分:1)
你需要选择一个api并使用它而不是混合n匹配 - 但是,说使用预准备语句而不是直接在qql中嵌入$_POST变量会更好。顺便说一句,$ _POST中的名称需要引用,除非它们作为常量存在!
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$conn->query("insert into ProfileInformation (netID, email, fname, lname, radio, availabilty)
values
( '{$_POST['netID']}', '{$_POST['email']}', '{$_POST['fname']}', '{$_POST['lname']}', '{$_POST['radio']}', '{$_POST['availabilty']}' )") or die(mysql_error());
echo "Done!!!!";
$conn->close();
现在您已经解决了连接问题(顺便说一句 - 问题是什么?您应该分享它未来读者失败的原因)您最初提供的SQL很容易被SQL注入。首选方法是使用prepared statement,如下所示:
if( isset( $_POST['netID'], $_POST['email'], $_POST['fname'], $_POST['lname'], $_POST['radio'], $_POST['availabilty'] ) ) {
$host = 'localhost';
$uname = 'xxx';
$pwd = 'xxx';
$db = 'xxx';
$conn = new mysqli( $host, $uname, $pwd, $db );
if ( !$conn ) {
die("Connection failed: " . mysqli_connect_error() );
}
$sql='insert into `ProfileInformation` ( `netID`, `email`, `fname`, `lname`, `radio`, `availabilty` ) values ( ?,?,?,?,?,? );';
$stmt=$conn->prepare( $sql );
if( $stmt ){
$netid=$_POST['netID'];
$email=$_POST['email'];
$fname=$_POST['fname'];
$lname=$_POST['lname'];
$radio=$_POST['radio'];
$avail=$_POST['availabilty'];
/*
use i for integers
use s for strings
*/
$stmt->bind_params( 'isssss', $netid,$email,$fname,$lname,$radio,$avail );
$result=$stmt? 'Success!' : 'Fail!';
$stmt->close();
$conn->close();
} else {
echo 'Error creating statement';
}
} else {
echo 'One or more required POST variables are not set';
}
答案 1 :(得分:1)
检查你的phpmyadmin。您使用的用户 myUser 和密码 newpassword 我认为这不存在。来自phpmyadmin-&gt;用户帐户和check.you可以尝试这样做: -
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "myproject";