我是PHP的新手,但我正在为该网站开发登录系统。我目前在帐户创建页面上工作,无法将.php文件发布到我的数据库中。外面有人可以帮我吗?我的代码如下:
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>EDAViewer Login Console</title>
<link rel="stylesheet" href="/CSS/styles.css">
</head>
<body>
<div class="container">
<div class="main-wrapper">
<div class="header">
<header>
<img src="/Assets/BGLogo.png" alt="EDAViewer Logo">
<img src="/Assets/accountCreation.png" alt="Create Account" class="console-img">
</header>
</div>
<div class="login-container">
<fieldset class="login-form">
<form class="form" action="newAccount.php" method="POST">
<ul>
<li>
<label for="username">Username</label>
<input type="text" name="username" required>
</li>
<li>
<label for="password">Password</label>
<input type="text" name="password" required>
</li>
<li>
<label for="verify-password">Verify Password</label>
<input type="text" name="verify-password" required>
</li>
<li>
<input type="submit" value="Create Account">
</li>
</ul>
</form>
</fieldset>
</div>
</div>
</div>
<div class="footer">
<footer>
<p>Copyright © 2018 EDA Technologies, Ltd</p>
</footer>
</div>
</body>
</html>
这是PHP:
<?PHP
$dbConn = mysqli_connect("ServerName(Changed it to post here) ", "UserName",
"Password", DBname);
if (mysqli_connect_errno()){
printf("Connection failed: %s\n", mysqli_connect_error());
exit();
}else{
printf("Host information: %s\n", mysqli_get_host_info($mysqli));
mysqli_close($dbConn);
}
$username = mysqli_real_escape_string($dbConn, $_POST['username']);
$password = $_POST['password'];
$vpass = $_POST['verify-password'];
if($password !=== $vpass){
echo "Your passwords did not match."
}else{
$userSQL = "INSERT INTO user_list (username)
VALUES ('".$username"')";
$passSQL = "INSERT INTO user_list (password)
VALUES ('".$password."')";
$res = mysqli_query($dbConn, $userSQL, $passSQL);
if ($res === TRUE){
echo "Account Created";
}else{
printf("There was an error creating this account: %s\n", mysqli_error($dbConn));
}
mysqli_close($dbConn);
}
?>
我遇到的问题是,每当我按下“提交”按钮时,我都无法发布newAccount.php错误。我究竟做错了什么?在过去的两天里,我一直在努力让它自己运作。我什至将数据库连接代码包括到此文件中,以查看一开始是否引用错误。
答案 0 :(得分:1)
我不确定是否是导致它无法在您的脚本中使用的问题,但是似乎;不在此处
if($password !=== $vpass){
echo "Your passwords did not match."; //<---
}else{
$userSQL = "INSERT INTO user_list (username)
VALUES ('".$username"')";
$passSQL = "INSERT INTO user_list (password)
VALUES ('".$password."')";
此外,您不应为密码输入<input type=text ...。相反,您应该使用<input type=password>
编辑:刚刚发现了另一个错误,可能导致您的脚本无法正常工作...
根据http://php.net/manual/zh/language.operators.comparison.php,php中只有!==和!=,
您应该使用if($password !== $vpass)或if($password != $vpass)而不是if($password != $vpass)
注意:({sth!==sth表示!(sth===sth)和sth!=sth表示!(sth==sth))
编辑2 :如Robin Zigmond所述,您不应在数据库中保存纯文本密码...可以使用
$passSQL = "INSERT INTO user_list (password)
VALUES ('".password_hash($password)."')";
使它更安全。登录时,可以使用
if(password_verify($_POST['password'], $encrypted_password)){
//correct password
}else{
//incorrect password
}
验证密码。
更多信息,请访问http://php.net/manual/en/function.password-hash.php和http://php.net/manual/en/function.password-verify.php
答案 1 :(得分:0)
只需使用
if($password != $vpass){
echo "Your passwords did not match.";
}else{
$userSQL = "INSERT INTO user_list (username)
VALUES ('".$username"')";
$passSQL = "INSERT INTO user_list (password)
VALUES ('".$password."')";
}
答案 2 :(得分:0)
我认为您的目录有问题。 You can refer here
此外,您将使用 mysqli_query()发送多个查询,而不是使用 mysqli_multi_query()发送更多查询,here 我希望这能解决您的问题。