註冊過程以重定向結束,但用戶不會被添加到數據庫。我嘗試了一切,看不到問題。如果你需要任何問題,我將編輯這篇文章的內容或解釋。註冊不起作用
<?php
$cookie="tD2h6";
$jucatoru = $_POST['numeleluii'];
$passw = $_POST['pass'];
$email = $_POST['mail'];
$con=mysqli_connect("xx","xx","xxx","xx");
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$jucatoru = $con->real_escape_string($jucatoru);
$passw = $con->real_escape_string($passw);
$email = $con->real_escape_string($email);
if(strlen($jucatoru)>1)
{
$crypt = md5($passw);
$result = mysqli_query($con,"INSERT INTO `users` (username,password,mail) VALUES ($jucatoru,$crypt,$email);");
$data = "name=" . $jucatoru . "&pass=" . md5($passw);
setcookie ($cookie, $data, time()+60*60*24);
header("Location: http://r4ge.ro");
die;
}
echo "<div class=\"box box-info\">
<i class=\"ion-locked\"></i>
<h3 class=\"box-title\">Register</h3>
</div>
<form action=\"/php/register.php\" method=\"post\">
<div class=\"form-group\">
<input class=\"form-control\" type=\"text\" name=\"numeleluii\" value=\"\" placeholder=\"Username:\"/><br />
</div>
<div class=\"form-group\">
<input class=\"form-control\" type=\"email\" name=\"mail\" value=\"\" placeholder=\"e-mail: [email protected]\"/><br />
</div>
<div class=\"form-group\">
<input class=\"form-control\" type=\"password\" name=\"pass\" value=\"\"placeholder=\"Password:\" /><br />
</div>
<div class=\"box-footer clearfix\">
<input class=\"pull-right btn btn-default\" type=\"submit\" name=\"send\" value=\"Send\" />
</div>
</form>
</div>";
mysqli_close($con);
?>
請不要使用md5來存儲密碼,您可能會將它們以純文本的形式存儲,以保證所有的好處。而且,轉義POST輸入不會阻止注入 - 而是使用參數化查詢。 – 2014-10-11 19:51:15
這只是乞求SQL注入。無論哪種方式,查詢都是錯誤的。它應該是''INSERT INTO用戶(用戶名,密碼,郵件)VALUES('$ jucatoru','$ crypt','$ email')「;' – 2014-10-11 19:51:20
你不需要'''查詢。您還應該在查詢中將變量包裝在單引號中。你應該檢查'mysqli_query()'的返回值是否有錯誤,如果你找到了'mysqli_error()',你可以看看。 (爲什麼很多人省略了基本的錯誤檢查?) – 2014-10-11 19:51:59