if(isset($_POST['submit'])){
$password = md5($_POST['password']);
$username = $conn->escape_string($_POST['user']);
$middlename = $conn->escape_string($_POST['middlename']);
$surname = $conn->escape_string($_POST['surname']);
$lastname = $conn->escape_string($_POST['lastname']);
$stmt = $conn->stmt_init();
/*foreach($_POST as $post){
if($post == '')
$error['login'] = "No field should be left blank";
}*/
if(strlen($_POST['user']) < 5){
$error['username'] = 'username is too short';
} else{
$stmt->prepare('SELECT username from admin where `username` = ?');
$stmt->bind_param('s', $_POST['user']);
$stmt->bind_result($user);
$stmt->execute();
$stmt->fetch();
if($_POST['user'] == $user){
$error['username'] = 'This username has been registered already';
}
$stmt->free_result();
}
if($_POST['password'] != $_POST['confirmPassword']){
$error['password'] = 'password does not match';
}elseif(strlen($_POST['password']) < 6){
$error['password'] = 'password is too short';
}
if(strlen($_POST['surname']) < 2){
$error['surname'] = 'surname is too short';
}
if(strlen($_POST['middlename']) < 2){
$error['middlename'] = 'surname is too short';
}
if(strlen($_POST['lastname']) < 2){
$error['lastname'] = 'surname is too short';
}
if(count($error) == 0){
include('./../core/connect.php');
$sql = "INSERT INTO admin (username, password, surname, middlename, lastname) VALUES (?, ?, ?, ?, ?)";
$stmt->prepare($sql);
$stmt->bind_param("sssss", $username, $password, $surname, $firstname, $lastname);
$stmt->execute();
$success = $stmt->affected_rows;
}}
我在使用代码时遇到问题,并且我搜索了google和文档,但均未成功。我确保在准备好的语句中没有使用带问号(?)的单引号,并且尝试将var_dump $ _POST超级数组使用,但仍然找不到错误。我唯一注意到的是我的$ _POST ['user']写为 'user'=>&string'stanley'(length = 6)