我检查了一遍又一遍又一遍。我是新手使用预备语句,所以除非我做错了。
在我添加所有字段之前,这是有效的。当它只是用户名和密码时,它工作。 - 我检查了我的所有文字名称,它们都匹配。我的数据库列名也与代码完全匹配。
有人可以帮帮我吗?我准备结束这个准备好的陈述废话,我准备跳船。
<?php
session_start();
require 'lib/password.php';
require 'connect.php';
if(isset($_POST['register'])){
$username = !empty($_POST['username']) ? trim($_POST['username']) : null;
$pass = !empty($_POST['password']) ? trim($_POST['password']) : null;
$email = !empty($_POST['email']) ? trim($_POST['email']) : null;
$firstname = !empty($_POST['firstname']) ? trim($_POST['firstname']) : null;
$lastname = !empty($_POST['lastname']) ? trim($_POST['lastname']) : null;
$profileurl = !empty($_POST['profileurl']) ? trim($_POST['profileurl']) : null;
$steam64id = !empty($_POST['steam64id']) ? trim($_POST['steam64id']) : null;
$steamurl = !empty($_POST['steamurl']) ? trim($_POST['steamurl']) : null;
$sql = "SELECT COUNT(username) AS num FROM users WHERE username = :username";
$stmt = $pdo->prepare($sql);
$stmt->bindValue(':username', $username);
$stmt->execute();
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if($row['num'] > 0){
alert("Username already exists!");
die();
}
$sql = "SELECT COUNT(email) AS num FROM users WHERE email = :email";
$stmt = $pdo->prepare($sql);
$stmt->bindValue(':email', $email);
$stmt->execute();
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if($row['num'] > 0){
alert("Email already exists!");
die();
}
$passwordHash = password_hash($pass, PASSWORD_BCRYPT, array("cost" => 12));
$sql = "INSERT INTO users (firstname, lastname, email, password, truckermpurl, steam64id, steamurl, username) VALUES (:firstname, :lastname, :email, :password, :truckermpurl, :steam64id, steamurl, username)";
$stmt = $pdo->prepare($sql);
$stmt->bindValue(':firstname', $firstname);
$stmt->bindValue(':lastname', $lastname);
$stmt->bindValue(':email', $email);
$stmt->bindValue(':password', $passwordHash);
$stmt->bindValue(':truckermpurl', $profileurl);
$stmt->bindValue(':steam64id', $steam64id);
$stmt->bindValue(':steamurl', $steamurl);
$stmt->bindValue(':username', $username);
$result = $stmt->execute();
if($result){
//What you do here is up to you!
alert("Thanks for registering.");
exit();
}
}
?>
答案 0 :(得分:1)
您期待参数
$stmt->bindValue(':steamurl', $steamurl);
$stmt->bindValue(':username', $username);
但是,您已在预准备语句中声明了SQL
... , steamurl, username)"
应该是
... , :steamurl, :username)"
答案 1 :(得分:0)
我设法通过更改数据库列名和变量名来使其工作。奇怪的。也许这只是我忽略的东西。话虽这么说,似乎警报()也引起了我的麻烦所以我用了
$_SESSION['errormessage']
header('location: error.php')
其中error.php将回显我的会话错误消息。现在完美运作!也许这可以帮助别人。