我想将用户插入我的数据库但是我的浏览器页面中收到错误消息。我打开mysql工作台,服务器在线。 我的代码有什么问题吗?
PHP
$conn = mysql_connect( "localhost", "root", "123456");
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$dbselect = mysql_select_db("inputdatabase");
$username = $_POST['username'];
$password = $_POST['password'];
$sql = "INSERT INTO studenttable (nickname, password) VALUES ('$username', '$password')";
$loginpage = 'C:/website/loginPage.html';
$index = 'C:/website/index.hmtl';
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
header( "Location: $index" );
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
header( "Location: $loginpage" );
}
$conn->close();
}
?>
HTML
<form action="insertUser.php" method="post">
<div class="containerLogin">
<label><b>Username</b></label>
<input type="text" placeholder="Enter Username" name="username" required>
<label><b>Password</b></label>
<input type="password" placeholder="Enter Password" name="password" required>
<button type="submit">Login</button>
<input type="checkbox" checked="checked"> Remember me
</div>
<div class="containerLogin" style="background-color:#f1f1f1">
<button type="buttonLogin" class="cancelbtn">Cancel</button>
<span class="password">Forgot <a href="#">password?</a></span>
</div>
</form>
答案 0 :(得分:0)
行。因此,通过阅读您的代码,您似乎对PHP很新(我可能错了)。我会请求你遵循这个建议:
mysql_*类型的功能。请改用mysqli_*; i代表改进。在PHP v5.5中已弃用mysql,在v7.0中已将其删除。 好吧现在让我们试着解决手头的问题。
(我假设你有PHP 5或更高版本)
为了简洁起见,我不包括用户输入的验证和清理
PHP
if (isset($_POST['submit'])) { // <- Code will run only when the submit button is clicked
// Here the database is included. No need for mysqli_select_db
$conn = new mysqli('localhost', 'root', '12345', 'inputdatabase');
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$username = $_POST['username'];
$password = password_hash($_POST['password'], PASSWORD_DEFAULT); // Encrypt the password)
// Its always good to prepare your sql statements.
$prep = $conn->prepare("INSERT INTO studenttable (nickname, password) VALUES (?,?)");
// Bind parameters
$prep->bind_param("ss", $username, $password);
// Execute the prepared sql statement. This line can even be avoided though
$send = $prep->execute();
// Check if the execution was successful
// Again this check can even be simplified to: if ($send) {...do something;}
if ($send === TRUE) {
echo "New record created successfully"; //<-- You won't get to see this because of the next line.
header("Location: $index");
exit();
} else {
echo "Error: " . $conn->error;
header("Location: $loginpage");
exit();
}
$prep->close();
$conn->close();
}
HTML
只需为html表单按钮使用<input>标记,而不是<button>标记
<form action="" method="post">
<div class="containerLogin">
<label><b>Username</b></label>
<input type="text" placeholder="Enter Username" name="username" required>
<br>
<label><b>Password</b></label>
<input type="password" placeholder="Enter Password" name="password" required>
<br>
<br>
<input type="checkbox" checked="checked">Remember Me
<br>
<br>
</div>
<div class="containerLogin" style="background-color:#f1f1f1">
<!-- Use <input type='submit'> for your form buttons. Instead of <button> -->
<input type="submit" name="submit" value="Login">
<input type="reset" class="cancelbtn" value="Cancel">
<br>
<span class="password">Forgot <a href="#">password?</a></span>
</div>
</form>
这段代码相对更好。但我必须说它甚至可以得到更好的优化和增强。必须验证用户输入,您应将数据库凭据隐藏在另一个文件中并包含在此处等。
我希望这会有所帮助。试试看吧。 我们欢迎更正。