因此,当我使用现有数据库凭据登录我的网站时,它会完美登录,将我重定向到Welcome.php页面,然后登录/注册"文本通常位于,它现在显示用户名,类似于:
welcome(用户名)退出。
现在一切都很好。但这是我的问题:
我有一个注册脚本,一旦提交,也会在注册成功后重定向到我的Welcome.php页面。但是"登录/注册"文本没有改变,(实质上意味着没有人登录)当我检查我的数据库时,没有新的条目。
要确认 - 我可以填写我的注册表,然后点击"注册",然后我重定向到Welcome.php页面......但没有任何更改(没有新的凭据存储在除了页面重定向之外的其他任何内容)
我的new_signup.php脚本如下:
<?php
include "scripts/connection.php";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$myusername = mysqli_real_escape_string($link,$_POST['Username']);
$myname = mysqli_real_escape_string($link,$_POST['Name']);
$mypassword = mysqli_real_escape_string($link,$_POST['Password']);
$myemail = mysqli_real_escape_string($link,$_POST['Email']);
$myaddress = mysqli_real_escape_string($link,$_POST['Address']);
$mypostcode = mysqli_real_escape_string($link,$_POST['Postcode']);
//Checks the database to see if username exists already
$query = "SELECT * FROM Customer WHERE Customer_Username = '$myusername'";
$result = mysqli_query($link, $query);
$nums = mysqli_num_rows($result);
//Checks the database to see if email address exists already
$query2 = "SELECT * FROM Customer WHERE Customer_Email = '$myemail'";
$result2 = mysqli_query($link, $query2);
$nums2 = mysqli_num_rows($result2);
if ($nums >= 1)
//informs user if username already exists
echo "Username already exists, click <a href = 'user_login.php'>HERE </a> to try again";
else if ($nums2 >=1)
//informs user if email already exists
echo "Email Address already exists, click <a href = 'user_login.php'>HERE </a> to try again";
else {
$insert = 'INSERT INTO Customer
(Customer_Username, Customer_Name,
Customer_Password, Customer_Email, Customer_Address,
Customer_Postcode)
VALUES("'.$myname.'","'.$myusername.'","'.$mypassword.
'","'.$myemail.'","'.$myaddress.'","'.$mypostcode.'")';
mysqli_query($link, $insert);
mysqli_close($link);
if($insert) {
$_SESSION['message'] = "Registration Successful";
header("Location: /Welcome.php");
} else {
$_SESSION['message'] = "Something went wrong";
}
}
}
?>
所以我需要做的是让用户注册,重定向到welcome.php页面以及存储在数据库中的凭据。还有检查电子邮件/用户名是否已存在。
添加,我的login.php脚本和上面的new_signup.php是单独的php文件。不确定是否按照我的方式进行操作比将登录和注册脚本保存在一个文件中更容易
我已经检查了所有我的数据库字段以及表单字段。 如果需要,很高兴提供更多细节。
感谢您的时间。
更新
我已将代码更新为显示{}并添加了一些建议的评论,当我点击注册时,我知道所有这些都是白色屏幕。
<?php
include "scripts/connection.php";
error_reporting(E_ALL);
ini_set('display_errors', 1);
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$myusername = mysqli_real_escape_string($link,$_POST['Username']);
$myname = mysqli_real_escape_string($link,$_POST['Name']);
$mypassword = mysqli_real_escape_string($link,$_POST['Password']);
$myemail = mysqli_real_escape_string($link,$_POST['Email']);
$myaddress = mysqli_real_escape_string($link,$_POST['Address']);
$mypostcode = mysqli_real_escape_string($link,$_POST['Postcode']);
//Checks the database to see if username exists already
$query = "SELECT * FROM Customer WHERE Customer_Username = '$myusername'";
$result = mysqli_query($link, $query);
$nums = mysqli_num_rows($result);
//Checks the database to see if email address exists already
$query2 = "SELECT * FROM Customer WHERE Customer_Email = '$myemail'";
$result2 = mysqli_query($link, $query2);
$nums2 = mysqli_num_rows($result2);
if ($nums >= 1) {
//informs user if username already exists
echo "Username already exists, click <a href = 'user_login.php'>HERE </a> to try again";
}
else if ($nums2 >=1) {
//informs user if email already exists
echo "Email Address already exists, click <a href = 'user_login.php'>HERE </a> to try again";
}else{
$insert = "INSERT INTO Customer (Customer_Username, Customer_Name, Customer_Password, Customer_Email, Customer_Address, Customer_Postcode)
VALUES('$myname', '$myusername', '$mypassword', '$myemail', '$myaddress', '$mypostcode')";
}
$insertCheck = mysqli_query($link, $insert);
if($insertCheck) {
$_SESSION['message'] = "Registration Successful";
header("Location: /Welcome.php"); exit();
} else {
$_SESSION['message'] = "Something went wrong";
}
}
?>
答案 0 :(得分:0)
很少编辑,您可能希望过滤您的SQL查询以防止注入:
<?php
session_start();
include "scripts/connection.php";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$myusername = mysqli_real_escape_string($link,$_POST['Username']);
$myname = mysqli_real_escape_string($link,$_POST['Name']);
$mypassword = mysqli_real_escape_string($link,$_POST['Password']);
$myemail = mysqli_real_escape_string($link,$_POST['Email']);
$myaddress = mysqli_real_escape_string($link,$_POST['Address']);
$mypostcode = mysqli_real_escape_string($link,$_POST['Postcode']);
//Checks the database to see if username exists already
$query = "SELECT * FROM Customer WHERE Customer_Username = '$myusername'";
$result = mysqli_query($link, $query);
$nums = mysqli_num_rows($result);
//Checks the database to see if email address exists already
$query2 = "SELECT * FROM Customer WHERE Customer_Email = '$myemail'";
$result2 = mysqli_query($link, $query2);
$nums2 = mysqli_num_rows($result2);
if ($nums >= 1)
//informs user if username already exists
echo "Username already exists, click <a href = 'user_login.php'>HERE </a> to try again";
else if ($nums2 >=1)
//informs user if email already exists
echo "Email Address already exists, click <a href = 'user_login.php'>HERE </a> to try again";
else {
$insert = 'INSERT INTO Customer
(Customer_Username, Customer_Name,
Customer_Password, Customer_Email, Customer_Address,
Customer_Postcode)
VALUES("'.$myname.'","'.$myusername.'","'.$mypassword.
'","'.$myemail.'","'.$myaddress.'","'.$mypostcode.'")';
$insertCheck = mysqli_query($link, $insert);
mysqli_close($link);
if($insertCheck) {
$_SESSION['message'] = "Registration Successful";
header("Location: /Welcome.php");
} else {
$_SESSION['message'] = "Something went wrong";
}
}
}
header("Location: /registerview.php");//-->assuming your registration view
&GT;
答案 1 :(得分:0)
更改
$insert = 'INSERT INTO ... VALUES ("'.$myname.'", ...
到
$insert = "INSERT INTO ... VALUES ('".$myname."', ...
(单引号换双引号,反之亦然)