<?php
// Registration handler: runs only when the form's submit button ("add") was posted.
// It escapes each posted field, inserts one row into `members`, and mails a welcome message.
if(isset($_POST['add']))
{
// NOTE(review): database credentials are hard-coded in the page source, so anyone who can
// read this file (or a paste of it) obtains them. Load them from configuration kept outside
// the web root and rotate any value that has been published.
$dbhost = 'internal-db.s123';
$dbuser = 'db123';
$dbpass = 'technical';
$db = "db123";
// NOTE(review): the mysql_* extension was deprecated in PHP 5.5 and removed in PHP 7.0.
// mysqli or PDO with prepared statements is the supported replacement.
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
// Generic message on purpose: no connection details are shown to the visitor.
die('Could not send your enquiry at this time please try again later.');
}
// Each value is escaped for use inside a quoted SQL string literal. That is the only context
// this escaping is valid for; it is not validation, and the same escaped copies are reused
// in the e-mail body below, where the added backslashes would show up as-is.
$phone = mysql_real_escape_string((string)$_POST['phone']);
$email = mysql_real_escape_string((string)$_POST['email']);
// NOTE(review): the password is stored exactly as submitted. Store a password_hash() digest
// instead of the plaintext. The form's "password2" confirmation field is never read here.
$password = mysql_real_escape_string((string)$_POST['password']);
$firstname = mysql_real_escape_string((string)$_POST['firstname']);
$surname = mysql_real_escape_string((string)$_POST['surname']);
$country = mysql_real_escape_string((string)$_POST['country']);
$nationality = mysql_real_escape_string((string)$_POST['nationality']);
$dateofbirth = mysql_real_escape_string((string)$_POST['dateofbirth']);
$profession = mysql_real_escape_string((string)$_POST['profession']);
// NOTE(review): membertype, dateregistered and agreedtoterms are taken from the request as-is.
// The radio values and the "readonly" date input are enforced only by the browser; check
// membertype against the allowed values and set the registration date on the server.
$membertype = mysql_real_escape_string((string)$_POST['membertype']);
$dateregistered = mysql_real_escape_string((string)$_POST['dateregistered']);
$agreedtoterms = mysql_real_escape_string((string)$_POST['agreedtoterms']);
// NOTE(review): the VALUES list ends with a trailing comma after '$agreedtoterms', which makes
// the statement invalid SQL, so the INSERT is rejected by the server.
$sql = "INSERT INTO members
(phone, email, password, firstname, surname, country, nationality, dateofbirth, profession, membertype, dateregistered, agreedtoterms)
VALUES('$phone', '$email', '$password', '$firstname','$surname','$country','$nationality','$dateofbirth','$profession','$membertype','$dateregistered', '$agreedtoterms',)";
mysql_select_db($db);
// NOTE(review): $retval is never inspected, so a failed INSERT goes unnoticed and the mail and
// success message below are still produced. Check it and log mysql_error() server-side.
$retval = mysql_query( $sql, $conn );
// NOTE(review): the recipient is the address typed into the form, so this page will send mail
// to any address a visitor supplies. Validate the address format and rate-limit submissions.
$emailTo = $email; //Put your own email address here
$replyto = 'noreply@club.com';
$subject = 'Welcome to the ';
// NOTE(review): $callback and $message are not defined anywhere in this block; they look like
// leftovers from a different form and will be empty (with a notice) here.
$body = "Name: $firstname $surname \n\nEmail: $email \n\nPhone Number: $phone \n\nCountry: $country \n\nWants a callback?: $callback \n\nMessage:\n $message";
// Headers are built only from the fixed $replyto value, not from request data.
$headers = 'From: Club <'.$replyto.'>' . "\r\n" . 'Reply-To: ' . $replyto ;
mail($emailTo, $subject, $body, $headers);
// Shown unconditionally, whether or not the row was stored or the mail was accepted.
echo "<div class=\"success\" >Thank you. Your registration is almost complete. Please check you emails for further instructions on how to complete your membership application and how to login.</div><br>";
mysql_close($conn);
}
else
{
?>
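<?php /* PHP_SELF reflects the requested path, including any extra path info the client appends, so it is HTML-escaped before being placed in the action attribute. */ ?>
<form id="standardform" method="POST" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8'); ?>">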
<div class="dotted"></div>
<div class="formlabel"> Phone:*</div>
<input class="inputstyle" type="text" name="phone">
<div class="dotted"></div>
<div class="formlabel"> Email:*</div>
<input class="inputstyle" type="text" name="email">
<div class="dotted"></div>
<div class="formlabel"> Password:*</div>
<input class="inputstyle" type="password" name="password">
<div class="dotted"></div>
<div class="formlabel">Repeat Password:*</div>
<input class="inputstyle" type="password" name="password2">
<div class="dotted"></div>
<div class="formlabel">First Name:*</div>
<input class="inputstyle" type="text" name="firstname">
<div class="dotted"></div>
<div class="formlabel">Surname:*</div>
<input class="inputstyle" type="text" name="surname">
<div class="dotted"></div>
<div class="formlabel"> Country:*</div>
<select class="selectstyle" name="country">
<option value="">Please select…</option>
<option value="Afghanistan">Afghanistan</option>
<option value="Albania">Albania</option>
<option value="Algeria">Algeria</option>
<option value="Andorra">Andorra</option>
<option value="Angola">Angola</option>
<option value="Argentina">Argentina</option>
<option value="Armenia">Armenia</option>
<option value="Australia">Australia</option>
<option value="Austria">Austria</option>
<option value="Azerbaijan">Azerbaijan</option>
<option value="Bangladesh">Bangladesh</option>
<option value="Belarus">Belarus</option>
<option value="Belgium">Belgium</option>
<option value="Benin">Benin</option>
<option value="Bolivia">Bolivia</option>
<option value="Bosnia And Herzegovina">Bosnia And Herzegovina</option>
<option value="Brazil">Brazil</option>
<option value="Bulgaria">Bulgaria</option>
<option value="Burkina Faso">Burkina Faso</option>
<option value="Burundi">Burundi</option>
<option value="Cambodia">Cambodia</option>
<option value="Cameroon">Cameroon</option>
<option value="Canada">Canada</option>
<option value="Central African Republic">Central African Republic</option>
<option value="Chile">Chile</option>
<option value="China">China</option>
<option value="Colombia">Colombia</option>
<option value="Comoros">Comoros</option>
<option value="Congo">Congo</option>
<option value="Costa Rica">Costa Rica</option>
<option value="Cote D'Ivoire">Cote D'Ivoire</option>
<option value="Croatia">Croatia</option>
<option value="Cuba">Cuba</option>
<option value="Cyprus">Cyprus</option>
<option value="Czech Republic">Czech Republic</option>
<option value="Denmark">Denmark</option>
<option value="Dominica">Dominica</option>
<option value="Dominican Republic">Dominican Republic</option>
<option value="Ecuador">Ecuador</option>
<option value="Egypt">Egypt</option>
<option value="El Salvador">El Salvador</option>
<option value="Estonia">Estonia</option>
<option value="Ethiopia">Ethiopia</option>
<option value="Falkland Islands (Malvinas)">Falkland Islands (Malvinas)</option>
<option value="Finland">Finland</option>
<option value="France">France</option>
<option value="French Guiana">French Guiana</option>
<option value="Gabon">Gabon</option>
<option value="Gambia">Gambia</option>
<option value="Georgia">Georgia</option>
<option value="Germany">Germany</option>
<option value="Ghana">Ghana</option>
<option value="Gibraltar">Gibraltar</option>
<option value="Greece">Greece</option>
<option value="Greenland">Greenland</option>
<option value="Grenada">Grenada</option>
<option value="Guam">Guam</option>
<option value="Guatemala">Guatemala</option>
<option value="Guinea">Guinea</option>
<option value="Guyana">Guyana</option>
<option value="Honduras">Honduras</option>
<option value="Hong Kong">Hong Kong</option>
<option value="Hungary">Hungary</option>
<option value="Iceland">Iceland</option>
<option value="India">India</option>
<option value="Indonesia">Indonesia</option>
<option value="Iran, Islamic Republic Of">Iran, Islamic Republic Of</option>
<option value="Iraq">Iraq</option>
<option value="Ireland">Ireland</option>
<option value="Israel">Israel</option>
<option value="Italy">Italy</option>
<option value="Jamaica">Jamaica</option>
<option value="Japan">Japan</option>
<option value="Jordan">Jordan</option>
<option value="Kazakhstan">Kazakhstan</option>
<option value="Kenya">Kenya</option>
<option value="Korea, Democratic People'S Republic Of">Korea, Democratic People'S Republic Of</option>
<option value="Korea, Republic Of">Korea, Republic Of</option>
<option value="Kuwait">Kuwait</option>
<option value="Kyrgyzstan">Kyrgyzstan</option>
<option value="Latvia">Latvia</option>
<option value="Lebanon">Lebanon</option>
<option value="Liberia">Liberia</option>
<option value="Lithuania">Lithuania</option>
<option value="Luxembourg">Luxembourg</option>
<option value="Macedonia">Macedonia</option>
<option value="Madagascar">Madagascar</option>
<option value="Malaysia">Malaysia</option>
<option value="Mali">Mali</option>
<option value="Malta">Malta</option>
<option value="Mauritius">Mauritius</option>
<option value="Mexico">Mexico</option>
<option value="Moldova">Moldova</option>
<option value="Monaco">Monaco</option>
<option value="Morocco">Morocco</option>
<option value="Mozambique">Mozambique</option>
<option value="Myanmar">Myanmar</option>
<option value="Nepal">Nepal</option>
<option value="Netherlands">Netherlands</option>
<option value="New Caledonia">New Caledonia</option>
<option value="New Zealand">New Zealand</option>
<option value="Nicaragua">Nicaragua</option>
<option value="Niger">Niger</option>
<option value="Nigeria">Nigeria</option>
<option value="Norway">Norway</option>
<option value="Pakistan">Pakistan</option>
<option value="Palestine">Palestine</option>
<option value="Panama">Panama</option>
<option value="Paraguay">Paraguay</option>
<option value="Peru">Peru</option>
<option value="Philippines">Philippines</option>
<option value="Poland">Poland</option>
<option value="Portugal">Portugal</option>
<option value="Puerto Rico">Puerto Rico</option>
<option value="Qatar">Qatar</option>
<option value="Romania">Romania</option>
<option value="Russian Federation">Russian Federation</option>
<option value="Rwanda">Rwanda</option>
<option value="Saudi Arabia">Saudi Arabia</option>
<option value="Senegal">Senegal</option>
<option value="Serbia And Montenegro">Serbia And Montenegro</option>
<option value="Sierra Leone">Sierra Leone</option>
<option value="Singapore">Singapore</option>
<option value="Slovakia">Slovakia</option>
<option value="Slovenia">Slovenia</option>
<option value="South Africa">South Africa</option>
<option value="Spain">Spain</option>
<option value="Sri Lanka">Sri Lanka</option>
<option value="Sweden">Sweden</option>
<option value="Switzerland">Switzerland</option>
<option value="Syrian Arab Republic">Syrian Arab Republic</option>
<option value="Taiwan">Taiwan</option>
<option value="Thailand">Thailand</option>
<option value="Tunisia">Tunisia</option>
<option value="Turkey">Turkey</option>
<option value="Turkmenistan">Turkmenistan</option>
<option value="Uganda">Uganda</option>
<option value="Ukraine">Ukraine</option>
<option value="United Arab Emirates">United Arab Emirates</option>
<option value="United Kingdom">United Kingdom</option>
<option value="USA">USA</option>
<option value="Uruguay">Uruguay</option>
<option value="Uzbekistan">Uzbekistan</option>
<option value="Venezuela">Venezuela</option>
<option value="Viet Nam">Viet Nam</option>
<option value="Zambia">Zambia</option>
</select>
<div class="dotted"></div>
<div class="formlabel">Nationality:*</div>
<input class="inputstyle" type="text" name="nationality">
<div class="dotted"></div>
<div class="formlabel">Date of birth:*</div>
<input class="inputstyle" type="text" name="dateofbirth">
<div class="dotted"></div>
<div class="formlabel">Profession:*</div>
<input class="inputstyle" type="text" name="profession">
<div class="dotted"></div>
<div class="formlabel">Member type:*</div>
<input name="membertype" type="radio" value="Investor" />Investor
<input name="membertype" type="radio" value="Buyer" />Buyer
<input name="membertype" type="radio" value="Seller" />Seller
<input name="membertype" type="radio" value="Developer" />Developer
<div class="dotted"></div>
<div class="formlabel">Date:</div>
<input style="border: 1px solid #ffffff;" class="inputstyle" value="<?php $today = date("d.m.y"); echo $today; ?>" type="text" name="dateregistered" readonly>
<div class="dotted"></div>
<input name="agreedtoterms" id="agreed_terms" value="Y" type="checkbox"> I confirm I have read and agree to the <a href="#">terms and conditions</a>
<div class="dotted"></div>
<br />
<button style="float:right;" name="add" id="add" type="submit">Submit</button>
</form>
<div class="formdisclaimer"> Any information that you provide to Club will be treated in accordance with our Privacy Policy.</div>
<?php
}
?>
答案 0 :(得分:1)
在查询的末尾多了一个逗号:
... agreedtoterms',)";
^--- here
如果您对查询做了适当的错误检查,就早已发现这一点:
// Surfaces a failed query through PHP's error handling instead of ignoring it.
// NOTE(review): mysql_error() text can reveal table and column names; keep display_errors
// off in production so the message goes to the log rather than into the page.
$result = mysql_query('...') or trigger_error(mysql_error());
答案 1 :(得分:0)
您应该检查所有 mysql 函数的返回值,这样就能发现 SQL 语句有误。
$sql = "INSERT INTO members
(phone, email, password, firstname, surname, country, nationality, dateofbirth, profession, membertype, dateregistered, agreedtoterms)
VALUES('$phone', '$email', '$password', '$firstname','$surname','$country','$nationality','$dateofbirth','$profession','$membertype','$dateregistered', '$agreedtoterms',)";
末尾还多了一个逗号。
'$firstname','$surname','$country','$nationality','$dateofbirth','$profession','$membertype','$dateregistered', '$agreedtoterms')";
答案 2 :(得分:0)
既然要改,不如把这段
$phone = mysql_real_escape_string((string)$_POST['phone']);
$email = mysql_real_escape_string((string)$_POST['email']);
$password = mysql_real_escape_string((string)$_POST['password']);
$firstname = mysql_real_escape_string((string)$_POST['firstname']);
$surname = mysql_real_escape_string((string)$_POST['surname']);
$country = mysql_real_escape_string((string)$_POST['country']);
$nationality = mysql_real_escape_string((string)$_POST['nationality']);
$dateofbirth = mysql_real_escape_string((string)$_POST['dateofbirth']);
$profession = mysql_real_escape_string((string)$_POST['profession']);
$membertype = mysql_real_escape_string((string)$_POST['membertype']);
$dateregistered = mysql_real_escape_string((string)$_POST['dateregistered']);
$agreedtoterms = mysql_real_escape_string((string)$_POST['agreedtoterms']);
改成这样?
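// Fixed allow-list of form fields. Keep it a literal and never build it from the keys of
// $_POST: the loop below creates a variable named after each entry, so a request-controlled
// list would let a client overwrite arbitrary variables in this scope.
$fieldnames = array('phone','email','password','firstname','surname','country',
'nationality','dateofbirth','profession','membertype',
'dateregistered','agreedtoterms');
foreach ($fieldnames as $f) {
// Unchecked checkboxes and unselected radio buttons are absent from $_POST; treat them as ''.
// The escaped value is only safe inside a quoted SQL string literal; prepared statements
// (mysqli/PDO) remove the need for this step.
$$f = mysql_real_escape_string(isset($_POST[$f]) ? (string)$_POST[$f] : '');
}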
答案 3 :(得分:-1)
Suroot 是正确的。另外提个建议:在构造 $sql 变量时可以使用 sprintf() 函数。 http://www.w3schools.com/PHP/func_string_sprintf.asp
// Builds the INSERT with sprintf(), one '%s' placeholder per column (twelve of each), which
// removes the trailing comma from the original query.
// NOTE(review): sprintf('%s') is plain string substitution and adds no injection protection of
// its own. Safety here rests entirely on every argument being passed through
// mysql_real_escape_string() and on every placeholder staying inside single quotes.
// Prepared statements with bound parameters (mysqli/PDO) are the sturdier choice.
// NOTE(review): the password is still inserted as submitted; hash it with password_hash() first.
$sql = sprintf("INSERT INTO members
(phone, email, password, firstname, surname, country, nationality, dateofbirth, profession, membertype, dateregistered, agreedtoterms)
VALUES('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')",
mysql_real_escape_string((string)$_POST['phone']),
mysql_real_escape_string((string)$_POST['email']),
mysql_real_escape_string((string)$_POST['password']),
mysql_real_escape_string((string)$_POST['firstname']),
mysql_real_escape_string((string)$_POST['surname']),
mysql_real_escape_string((string)$_POST['country']),
mysql_real_escape_string((string)$_POST['nationality']),
mysql_real_escape_string((string)$_POST['dateofbirth']),
mysql_real_escape_string((string)$_POST['profession']),
mysql_real_escape_string((string)$_POST['membertype']),
mysql_real_escape_string((string)$_POST['dateregistered']),
mysql_real_escape_string((string)$_POST['agreedtoterms']));