解析错误:语法错误,第65行C {\ xampp \ htdocs \\ server.php中的意外'$ sql'(T_VARIABLE)

时间:2017-10-19 17:12:21

标签: php mysql

我不知道为什么我收到此错误,它会在$sql显示错误。

  

解析错误:语法错误,第65行的C:\ xampp \ htdocs \ coldstar \ server.php中的意外'$ sql'(T_VARIABLE)

文件名是server.php

这是我收到错误的行:

$sql = "INSERT INTO users (firstName, lastName, phoneNumber, userName, emailaddress, coldstarPassword) VALUES ('$firstName', '$lastName', '$phoneNumber', '$userName', '$emailaddress', '$coldstarPassword')";

PHP代码

<?php


 session_start();
        //variable declaration
        $firstName = "";
        $lastName = "";
        $userName = "";
        $emailaddress    = "";
        $errors = array(); 
        $_SESSION['success'] = "";
        //creating a connection to database
        $db = mysqli_connect('localhost', 'root', '', 'registration');

        //if submit button is clicked

        if(isset($POST['signIn']))
        {
            $firstName = mysql_real_escape_string($db, $POST['fname']);
            $lastName = mysql_real_escape_string($db, $POST['lname']);
            $phoneNumber = mysql_real_escape_string($db, $POST['pNo']);
            $userName = mysql_real_escape_string($db, $POST['username']);
            $emailaddress = mysql_real_escape_string($db, $POST['email']);
            $password_1 = mysql_real_escape_string($db, $POST['password_1']);
            $password_2 = mysql_real_escape_string($db, $POST['password_2']);


            //to ensure that all fields are filled properly
            if(empty($firstName))
            {
                array_push($errors, "First name is required"); 
            }
            if(empty($lastName))
            {
                array_push($errors, "Last name is required"); 
            }
            if(empty($phoneNumber))
            {
                array_push($errors, "Phone Number is required"); 
            }
            if(empty($userName))
            {
                array_push($errors, "Username is required"); 
            }
            if(empty($emailaddress))
            {
                array_push($errors, "Email address is required"); 
            }
            if(empty($password_1))
            {
                array_push($errors, "A new Password for coldstar is required"); 
            }
            if(empty($password_2))
            {
                 array_push($errors, "confirmation of password is required"); 
            }
            if($password_1!=$password_2)
            {
                array_push($errors, "Passwords do not match"); 
             } 

            //if there is no errors then save it to database

            if(count($errors) == 0)
            {
                $coldstarPassword = md5($password_1) //encrypt password before 
              storing in database (security)
                 $sql = "INSERT INTO users (firstName, lastName, phoneNumber, userName, emailaddress, coldstarPassword)
                    VALUES ('$firstName', '$lastName', '$phoneNumber', '$userName', '$emailaddress', '$coldstarPassword')";
                    mysqli_query($db, $sql);
                    $_SESSION['userName'] = $userName;
                    $_SESSION['success'] = "You are now logged in";

        }
    }

?>

1 个答案:

答案 0 :(得分:0)

您的评论分为两行:

更改

$coldstarPassword = md5($password_1) //encrypt password before 

storing in database (security)

$coldstarPassword = md5($password_1) //encrypt password before storing in database (security)

安全问题

从不使用md5()加密密码,您可以使用password_hash(),请查看文档:

http://php.net/manual/en/function.password-hash.php