我不知道为什么我收到此错误,它会在$sql
显示错误。
解析错误:语法错误,第65行的C:\ xampp \ htdocs \ coldstar \ server.php中的意外'$ sql'(T_VARIABLE)
文件名是server.php
这是我收到错误的行:
$sql = "INSERT INTO users (firstName, lastName, phoneNumber, userName, emailaddress, coldstarPassword) VALUES ('$firstName', '$lastName', '$phoneNumber', '$userName', '$emailaddress', '$coldstarPassword')";
PHP代码
<?php
session_start();
//variable declaration
$firstName = "";
$lastName = "";
$userName = "";
$emailaddress = "";
$errors = array();
$_SESSION['success'] = "";
//creating a connection to database
$db = mysqli_connect('localhost', 'root', '', 'registration');
//if submit button is clicked
if(isset($POST['signIn']))
{
$firstName = mysql_real_escape_string($db, $POST['fname']);
$lastName = mysql_real_escape_string($db, $POST['lname']);
$phoneNumber = mysql_real_escape_string($db, $POST['pNo']);
$userName = mysql_real_escape_string($db, $POST['username']);
$emailaddress = mysql_real_escape_string($db, $POST['email']);
$password_1 = mysql_real_escape_string($db, $POST['password_1']);
$password_2 = mysql_real_escape_string($db, $POST['password_2']);
//to ensure that all fields are filled properly
if(empty($firstName))
{
array_push($errors, "First name is required");
}
if(empty($lastName))
{
array_push($errors, "Last name is required");
}
if(empty($phoneNumber))
{
array_push($errors, "Phone Number is required");
}
if(empty($userName))
{
array_push($errors, "Username is required");
}
if(empty($emailaddress))
{
array_push($errors, "Email address is required");
}
if(empty($password_1))
{
array_push($errors, "A new Password for coldstar is required");
}
if(empty($password_2))
{
array_push($errors, "confirmation of password is required");
}
if($password_1!=$password_2)
{
array_push($errors, "Passwords do not match");
}
//if there is no errors then save it to database
if(count($errors) == 0)
{
$coldstarPassword = md5($password_1) //encrypt password before
storing in database (security)
$sql = "INSERT INTO users (firstName, lastName, phoneNumber, userName, emailaddress, coldstarPassword)
VALUES ('$firstName', '$lastName', '$phoneNumber', '$userName', '$emailaddress', '$coldstarPassword')";
mysqli_query($db, $sql);
$_SESSION['userName'] = $userName;
$_SESSION['success'] = "You are now logged in";
}
}
?>
答案 0 :(得分:0)
您的评论分为两行:
更改
$coldstarPassword = md5($password_1) //encrypt password before
storing in database (security)
到
$coldstarPassword = md5($password_1) //encrypt password before storing in database (security)
安全问题
从不使用md5()
加密密码,您可以使用password_hash()
,请查看文档: