现在我遇到的问题是从表单提交的数据没有插入数据库。 我的代码正在将一条记录插入到用户表中,但是只插入了静态值“ active”。表单字段中未包含任何内容,并且为空白。
connection.php是初始数据库连接文件,尽管插入空白(但将acc_active设置为活动硬编码),但它仍在插入行。 Search.php不重要
这是我的代码。
<?php
require "connection.php";
require "search.php";
$var_username = mysqli_real_escape_string($conn, $_POST['username']);
$var_password = mysqli_real_escape_string($conn, $_POST['password']);
$var_email = mysqli_real_escape_string($conn, $_POST['email']);
if (isset($_GET['reg'])){
if ($_GET['reg']=='1'){
$verify = mysqli_query("SELECT COUNT(*) AS NUM FROM users WHERE username = '$var_username'");
$result = mysqli_fetch_array($verify);
if($result[0]==1){
$error_msg = "Username exists";
}else{
$query = "INSERT INTO users(username, password, email, acc_active)VALUES('$var_username','$var_password','$var_email','active')";
if (mysqli_query($conn, $query)){
echo "success";
}else{
echo "failed". $sql ."<br>". mysqli_error($conn);
}
}
}
}
mysqli_close($conn);
?>
这是html表单,位于
内 <form method="post" action="/rail/register.php?reg=1" style="text-align:center">
<input type="text" placeholder="Username..." name="username" />
<input type="text" placeholder="Email..." name="email" />
<input type="password" placeholder="Password..." name="password" />
<input type="password" placeholder="Confirm Password..." name="password-confirm" />
<a href="/rail/login">Return / Cancel</a>
<input type="submit" name="Register" value="Register" />
</form>
因此,我正在重新加载值reg = 1的页面以指示插入, 我正在验证没有其他使用该用户名的记录, 然后,我正在运行插入查询
任何帮助将不胜感激。 提前致谢。 在此阶段,我已经将上面的代码保留为非常基本的代码,会生成错误消息,并验证密码/确认密码字段是否匹配等,并在基本设置完成后进行哈希处理。
答案 0 :(得分:1)
<?php
require "connection.php";
require "search.php";
// You can remove the need to escape your strings by using prepared statements.
不需要用REG进行检查。最好将其删除。
if(isset($_POST['Register'])){
$stmt = $conn->prepare("SELECT null FROM users WHERE username = ? ");
$stmt->bind_param("s", $_POST['username']);
$stmt->execute();
if($stmt->fetch()){
$error = "Username exists.";
}
else{
$error = "";
}
$stmt->close();
if($error == ""){
$param = "Active";
$stmt = $conn->prepare("INSERT INTO users(username, password, email, acc_active) VALUES(?,?,?,?)");
$stmt->bind_param("ssss", $_POST['username'], $_POST['password'], $_POST['email'], $param);
$stmt->execute();
$stmt->close();
}
else
{
echo $error;
}
}
假设您的表单在同一页面上,则只需删除先前添加的操作即可。否则,您可以保留它,但要删除REG。
<form method="post" action="" style="text-align: center">
<input type="text" placeholder="Username..." name="username" >
<input type="text" placeholder="Email..." name="email" />
<input type="password" placeholder="Password..." name="password">
<input type="password" placeholder="Confirm Password..." name="password-confirm">
<a href="/rail/login">Return / Cancel</a>
<input type="submit" name="Register" value="Register">
</form>
答案 1 :(得分:0)
请使用POST方法,您正在使用get
您还可以更快地编写代码:
use Libraries\Request;
$data = [
'samplekey' => 'value',
'otherkey' => 'othervalue'
];
$headers = [
'Content-Type' => 'application/json',
'Content-Length' => sizeof($data)
];
$response = Request::post('https://example.com', $data, $headers);
// the $response variable contains response from the request
代替:
if (isset($_POST['reg']) && $_POST['reg']=='1'){
答案 2 :(得分:-1)
尝试
$var_username = $_POST['username'];
代替
$var_username = mysqli_real_escape_string($conn, $_POST['username']);
您可以在进行查询时使用mysqli_real_escape_string();