如何解决内部服务器错误 - PHP?

时间:2018-01-27 03:05:33

标签: php mysql sql prepared-statement

我检查了一遍又一遍又一遍。我是新手使用预备语句,所以除非我做错了。

在我添加所有字段之前,这是有效的。当它只是用户名和密码时,它工作。 - 我检查了我的所有文字名称,它们都匹配。我的数据库列名也与代码完全匹配。

有人可以帮帮我吗?我准备结束这个准备好的陈述废话,我准备跳船。

<?php
session_start();
require 'lib/password.php';
require 'connect.php';

if(isset($_POST['register'])){

$username = !empty($_POST['username']) ? trim($_POST['username']) : null;
$pass = !empty($_POST['password']) ? trim($_POST['password']) : null;
$email = !empty($_POST['email']) ? trim($_POST['email']) : null;
$firstname = !empty($_POST['firstname']) ? trim($_POST['firstname']) : null;
$lastname = !empty($_POST['lastname']) ? trim($_POST['lastname']) : null;
$profileurl = !empty($_POST['profileurl']) ? trim($_POST['profileurl']) : null;
$steam64id = !empty($_POST['steam64id']) ? trim($_POST['steam64id']) : null;
$steamurl = !empty($_POST['steamurl']) ? trim($_POST['steamurl']) : null;


$sql = "SELECT COUNT(username) AS num FROM users WHERE username = :username";
$stmt = $pdo->prepare($sql);

$stmt->bindValue(':username', $username);

$stmt->execute();

$row = $stmt->fetch(PDO::FETCH_ASSOC);

if($row['num'] > 0){
    alert("Username already exists!");
    die();
}

$sql = "SELECT COUNT(email) AS num FROM users WHERE email = :email";
$stmt = $pdo->prepare($sql);

$stmt->bindValue(':email', $email);

$stmt->execute();

$row = $stmt->fetch(PDO::FETCH_ASSOC);

if($row['num'] > 0){
    alert("Email already exists!");
    die();
}

$passwordHash = password_hash($pass, PASSWORD_BCRYPT, array("cost" => 12));

$sql = "INSERT INTO users (firstname, lastname, email, password, truckermpurl, steam64id, steamurl, username) VALUES (:firstname, :lastname, :email, :password, :truckermpurl, :steam64id, steamurl, username)";
$stmt = $pdo->prepare($sql);

$stmt->bindValue(':firstname', $firstname);
$stmt->bindValue(':lastname', $lastname);
$stmt->bindValue(':email', $email);
$stmt->bindValue(':password', $passwordHash);
$stmt->bindValue(':truckermpurl', $profileurl);
$stmt->bindValue(':steam64id', $steam64id);
$stmt->bindValue(':steamurl', $steamurl);
$stmt->bindValue(':username', $username);


$result = $stmt->execute();

if($result){
    //What you do here is up to you!
    alert("Thanks for registering.");
    exit();
}

}

?>

2 个答案:

答案 0 :(得分:1)

您期待参数

$stmt->bindValue(':steamurl', $steamurl);
$stmt->bindValue(':username', $username);

但是,您已在预准备语句中声明了SQL

... , steamurl, username)"

应该是

... , :steamurl, :username)"

答案 1 :(得分:0)

我设法通过更改数据库列名和变量名来使其工作。奇怪的。也许这只是我忽略的东西。话虽这么说,似乎警报()也引起了我的麻烦所以我用了

$_SESSION['errormessage']
header('location: error.php')

其中error.php将回显我的会话错误消息。现在完美运作!也许这可以帮助别人。