我将表单中的数据发布到此逻辑以注册用户。我的问题是如何在此逻辑中将发布到$ userpw变量的信息传递给令牌,然后将令牌内容作为用户密码插入到数据库中。我是PHP的新手,请放轻松我。我是否只是改变了insert语句以包含令牌变量而不是userpw one?
//---sanitize function on a different file.
require 'sanitize.php';
//-------------variables including the hashed token--------------
$userid = $username= $userpw = $userfname = $userlname = '';
$salt = "qm&h*";
$pepper = "pg!@";
$token = hash('ripemd128', "$salt$userpw$pepper");
//--------existing insert logic-------------
if (isset($_POST['user_name']) &&
isset($_POST['user_pw']) &&
isset($_POST['user_fname']) &&
isset($_POST['user_lname']))
{
$username = sanitizeString($_POST['user_name']);
$userpw = sanitizeString($_POST['user_pw']);
$userfname = sanitizeString($_POST['user_fname']);
$userlname = sanitizeString($_POST['user_lname']);
$query = "INSERT INTO users (user_name, user_pw, user_fname, user_lname) VALUES" .
"('$username', '$userpw', '$userfname', '$userlname')";
$result = $conn->query($query);
if (!$result) echo "INSERT failed: $query<br>" .
$conn->error . "<br><br>";
答案 0 :(得分:0)
根据评论,这是正确的改变:
if (isset($_POST['user_name']) &&
isset($_POST['user_pw']) &&
isset($_POST['user_fname']) &&
isset($_POST['user_lname']))
{
$username = sanitizeString($_POST['user_name']);
$userpw = sanitizeString($_POST['user_pw']);
$userfname = sanitizeString($_POST['user_fname']);
$userlname = sanitizeString($_POST['user_lname']);
$query = "INSERT INTO users (user_name, user_pw, user_fname, user_lname) VALUES" .
"('$username', '$token', '$userfname', '$userlname')";
$result = $conn->query($query);