与本书相比,我仔细检查了我的代码,我确信我正确输入了代码。页面加载,如果我将字段留空或者密码和确认密码字段不匹配,则显示错误。但是,如果我正确完成表单并提交,则MySQL数据库不会获取传递给它的信息。 “注册!”并且登录页面也没有显示。我直接通过Ubuntu检查了MySQL数据库,用户表仍为空(空集(0.00秒))。 phpMyAdmin也返回空,“MySQL返回一个空结果集(即零行)。(查询耗时0.0011秒)”,对于users表也是如此。
<!DOCTYPE HTML>
<html lang="en">
<head>
<metacharset="UTF-8">
<title>Register Page</title>
</head>
<body>
<?php
$page_title = 'Register';
include('/var/www/html/learn/php/header.html');
if($_SERVER['REQUEST_METHOD'] == 'POST')
{
require('/var/www/connect_db.php');
$errors = array();
if(empty($_POST['first_name']))
{
$errors[] = 'Enter your first name.';
}
else
{
$fn = mysqli_real_escape_string($dbc, trim($_POST['first_name']));
}
if(empty($_POST['last_name']))
{
$errors[] = 'Enter your last name.';
}
else
{
$ln = mysqli_real_escape_string($dbc, trim($_POST['last_name']));
}
if(empty($_POST['email']))
{
$errors[] = 'Enter your email address.';
}
else
{
$e = mysqli_real_escape_string($dbc, trim($_POST['email']));
}
if(!empty($_POST['pass1']))
{
if($_POST['pass1'] != $_POST['pass2'])
{
$errors[] = 'Passwords do not match.';
}
else
{
$p = mysqli_real_escape_string($dbc, trim($_POST['pass1']));
}
}
else
{
$errors[] = 'Enter your password.';
}
if(empty($errors))
{
$q = "SELECT user_id FROM users WHERE email='$e'";
$r = mysqli_query($dbc, $q);
if(mysqli_num_rows($r) != 0)
{
$errors[] = 'Email address already registered. <a href="login.php">Login</a>';
}
}
if(empty($errors))
{
$q = "INSERT INTO users
(first_name, last_name, email, pass, reg_date)
VALUES ('$fn', '$ln', '$e', SHA1('$p'), NOW())";
$r = mysqli_query($dbc, $q);
if($r)
{
echo '<h1>Registered!</h1>
<p>You are now registered.</p>
<p><a href="login.php">Login</a></p>';
}
mysqli_close($dbc);
include('/var/www/html/learn/php/footer.html');
exit();
}
else
{
echo '<h1>Error!</h1>
<p id="err_msg">The following error(s) occurred:<br>';
foreach($errors as $msg)
{
echo "- $msg<br>";
}
echo 'Please try again.</p>';
mysqli_close($dbc);
}
}
?>
<h1>Register</h1>
<form action="register.php" method="POST">
<p>
First Name: <input type="text" name="first_name" value="<?php if(isset($_POST['first_name'])) echo $_POST['first_name'];?>">
Last Name: <input type="text" name="last_name" value="<?php if(isset($_POST['last_name'])) echo $_POST['last_name'];?>">
</p>
<p>
Email Address: <input type="text" name="email" value="<?php if(isset($_POST['email'])) echo $_POST['email'];?>">
</p>
<p>
Password: <input type="password" name="pass1" value="<?php if(isset($_POST['pass1'])) echo $_POST['pass1'];?>">
Confirm Password: <input type="password" name="pass2" value="<?php if(isset($_POST['pass2'])) echo $_POST['pass2'];?>">
</p>
<p>
<input type="submit" value="Register">
</p>
</form>
<?php include('/var/www/html/learn/php/footer.html');?>
</body>
</html>
这是我认为我的问题所在,但我尝试了各种替代方案,仍然无法获取数据以将用户插入MySQL数据库:
if(empty($errors))
{
$q = "INSERT INTO users
(first_name, last_name, email, pass, reg_date)
VALUES ('$fn', '$ln', '$e', SHA1('$p'), NOW())";
$r = mysqli_query($dbc, $q);
if($r)
{
echo '<h1>Registered!</h1>
<p>You are now registered.</p>
<p><a href="login.php">Login</a></p>';
}
mysqli_close($dbc);
include('/var/www/html/learn/php/footer.html');
exit();
}
else
{
echo '<h1>Error!</h1>
<p id="err_msg">The following error(s) occurred:<br>';
foreach($errors as $msg)
{
echo "- $msg<br>";
}
echo 'Please try again.</p>';
mysqli_close($dbc);
}
我不确定为什么这本书会让我输入“if($ r)”,但请告诉我它的含义并显示我搞砸的地方。
答案 0 :(得分:0)
你的问题:
您正在复制变量$ q&amp; $ R。在这里改变
if(empty($errors))
{
// changing the variable name here to $s and $m
$s = "SELECT user_id FROM users WHERE email='$e'";
$m = mysqli_query($dbc, $s);
if(mysqli_num_rows($m) != 0)
{
$errors[] = 'Email address already registered. <a href="login.php">Login</a>';
}
}
$q = "INSERT INTO users
(first_name, last_name, email, pass, reg_date)
VALUES ('$fn', '$ln', '$e', SHA1('$p'), NOW())";
$r = mysqli_query($dbc, $q);
同时删除附加的if语句,因为它没有任何用途。另外请使用参数化查询来防止sql注入。希望你明白。