由于某种原因,我的最后两个变量将不会输入数据库。我指的是$verifyKey和$keyExpire。这是我的注释代码。我要添加整个页面,以确保在原本应该没有的地方没有错误的字符。实际上,这是一个注册页面,可将信息插入数据库并提供验证密钥,以便以后进行电子邮件验证。
我具有与数据库中的代码匹配的字段,并将它们设置为longtext和text。我不想直接插入,因为我正试图使该方法与所有5个变量一起使用。
<?php
// This is not seen by the end user so this file is placed in the unseen folder
// Check if the user used the sign up button
if (isset($_POST['signup-submit'])) {
// uses the database handler
require 'dbh.php';
$username=$_POST['uid'];
$email=$_POST['mail'];
$password=$_POST['pwd'];
$passwordcnfrm=$_POST['pwd-cnfrm'];
$verifyKey=md5(time().$username);
$keyExpire=date("U")+ 86400;
// Checks to see if any field are empty
if(empty($username)||empty($email)||empty($password)||empty($passwordcnfrm)) {
// This header returns the username and/or email address so the user doesn't have to retype it
header("Location:../signup.php?error=emptyfields&uid=".$username."&mail=".$email);
exit();
}
// Checks if both the user and email are invalid
else if (!filter_var($email, FILTER_VALIDATE_EMAIL)&&!preg_match("/^[a-zA-Z0-9]*$/",$username)) {
header("Location:../signup.php?error=invalidmailuid");
exit();
}
// Checks if the email is valid
else if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
header("Location:../signup.php?error=invalidmail&uid=".$username);
exit();
}
// Checks if the username is valid.
else if (!preg_match("/^[a-zA-Z0-9]*$/",$username)) {
header("Location:../signup.php?error=invaliduid&mail=".$email);
exit();
}
// Checks to see if the password and confirm password match
else if ($password !== $passwordcnfrm){
header("Location:../signup.php?error=passwordcheck&uid=".$username."&mail=".$email);
exit();
}
// Checks to see if the username is already in use or password is invalid
else {
$sql = "SELECT uidUsers FROM users WHERE uidUsers=?";
$stmt = mysqli_stmt_init($conn);
if (!mysqli_stmt_prepare($stmt,$sql)) {
header("Location:../signup.php?error=sqlerror");
exit();
}
else {
mysqli_stmt_bind_param($stmt,"s",$username);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
$resultCheck = mysqli_stmt_num_rows();
if ($resultCheck < 0){
header("Location:../signup.php?error=usertaken&mail=".$email);
exit();
}
else {
//Inserts into database
$sql = "INSERT INTO users (uidUsers,emailUsers,pwdUsers,verify,expires) VALUES (?,?,?,?,?);";
$stmt = mysqli_stmt_init($conn);
if (!mysqli_stmt_prepare($stmt,$sql)) {
header("Location:../signup.php?error=sqlerror");
exit();
}
else {
$hashedPwd =password_hash($password,PASSWORD_DEFAULT);
mysqli_stmt_bind_param($stmt,"sssss",$username,$email,$hashedPwd,$verifyKey,$keyExpire);
mysqli_stmt_execute($stmt);
header("Location:../signup.php?signup=success");
}
}
}
}
//Closes session to db
mysqli_stmt_close($stmt);
mysqli_close($conn);
}
else {
header("Location:../signup.php");
}
答案 0 :(得分:0)
在mysqli_stmt::bind_param的描述中,有一条便笺:
如果变量的数据大小超过最大值。允许的数据包大小 (max_allowed_packet),您必须在类型和使用中指定b
mysqli_stmt_send_long_data()以数据包形式发送数据。
http://php.net/manual/en/mysqli-stmt.bind-param.php
实际上,这意味着对于每个长文本(和Blob)字段,您必须在mysqli_stmt_send_long_data之后另外调用mysqli_stmt_bind_param。否则,当一切正常,但未设置字段时,您会有这种奇怪的行为。