1. 首頁
  2. 問答
  3. PHP SQL註冊表格

PHP SQL註冊表格

2012-08-03 97 views
0

我正在嘗試將數據保存到sql數據庫的註冊表單。我還沒有進行表單驗證,因爲最讓我感到困擾的是將這些東西放到sql上。我會很感激任何建議!PHP SQL註冊表格

我有一個form.php文件,應該在努力工作。當我提交我的表單時,在這一點上,我得到一個空白屏幕,並沒有加載到數據庫中。

<?php 
$fname = $_POST['fname']; 
$lname = $_POST['lname']; 
$password = $_POST['password']; 
$email = $_POST['email']; 
$cell = $_POST['cell']; 
$experience = $_POST['experience']; 
$ip = $_POST['ip']; 

$password = md5($_POST['password']); 

$connection = msql_connect(localhost, USERNAME, PASSWORD); 
$db = mysql_select_db(registration,$connection);  

mysql_query("INSERT INTO userTable (fname,lname,password,email,cell,experience,ip) VALUES ('$fname', '$lname', '$password', '$email', '$cell', '$experience', '$ip')") 
    or die (mysql_error()); 

echo "Thank you for your registration"; 


?>

而且我有一個包含這個HTML文件:

  <form method = "post" action = "form.php"> 
      <h2>User Information</h2> 

      <div><label>First Name:</label> 
       <input type = "text" name = "fname"></div> 
      <div><label>Last Name:</label> 
       <input type = "text" name = "lname"></div> 
      <div><label>Password:</label> 
       <input type = "password" name = "password"></div> 
      <div><label>Email:</label> 
       <input type="text" name="email"></div> 
      <div><label>Cellphone:</label> 
       <input type="text" name="cell"></div> 
       <input type="hidden" name="ip" value='<?php echo $IP ?>'/> 
      <h2>What Is Your Experience Mountain Biking?</h2> 
      <p><input type="radio" name="experience" value="n00b" 
       checked>n00b 
       <input type="radio" name="experience" value="intermediate">Intermediate 
       <input type="radio" name="experience" value="extreme">Extreme     
       </p> 
      <p><input type="submit" name="submit" value="Register"></p> 
     </form>

最後,我有一個SQL數據庫(我在本地運行的XAMPP)被稱爲「註冊」 我創建的表被稱爲「userTable」,它包含8個字段,包括ID(自動遞增)和其他7個我已經包含在頂部的值。任何想法我做錯了什麼?

來源

2012-08-03 jackie

+3

爲什麼這麼多的問題仍然指向'mysql_'功能?你爲什麼不使用'mysqli_'函數?還有'$ connection = msql_connect(localhost,USERNAME,PASSWORD);'是一個錯字。沒有'msql_connect()'函數。更不用說sql注入攻擊了! – 2012-08-03 00:29:32

+4

死亡白屏=錯誤顯示關閉。打開它,看看你得到了什麼 – 2012-08-03 00:30:08

+0

我建議添加error_reporting(E_ALL);到腳本的頂部以確保報告所有錯誤和問題。一旦完成,我們可以進一步瞭解爲什麼事情沒有起作用。 – 2012-08-03 00:31:56

回答

-1 
Solved my own problem 


<?php 
$fname = $_POST['fname']; 
$lname = $_POST['lname']; 
$password = $_POST['password']; 
$email = $_POST['email']; 
$cell = $_POST['cell']; 
$experience = $_POST['experience']; 
$ip = $_POST['ip']; 

$fname = mysql_real_escape_string($fname); 
$lname = mysql_real_escape_string($lname); 
$email = mysql_real_escape_string($email); 
$password = md5($_POST['password']); 

$servername="localhost"; 
$username="user"; 
$conn= mysql_connect($servername,$username, password)or die(mysql_error()); 
mysql_select_db("registration",$conn); 
$sql="insert into userTable (fname,lname,password,email,cell,experience,ip) VALUES ('$fname', '$lname', '$password', '$email', '$cell', '$experience', '$ip')"; 

$result=mysql_query($sql,$conn) or die(mysql_error());   
print "<h1>you have registered sucessfully</h1>"; 


echo "Thank you for your registration to the "; 

mysql_close($connection);

>

來源

2012-08-03 01:59:11 jackie

+0

$ fname = mysql_real_escape_string($ _ POST ['fname']),你可以保存一些行。 – 2013-01-18 15:54:06

2

問題是什麼?

1)問題在於,每次加載此頁面時都會執行INSERT查詢 - 意味着每次插入空值時都會執行INSERT查詢。爲什麼?

僅僅是因爲沒有條件,如果各個領域已經公佈,檢查,所以不是:

<?php 

$fname = $_POST['fname']; 
$lname = $_POST['lname']; 
$password = $_POST['password']; 
$email = $_POST['email']; 
$cell = $_POST['cell']; 
$experience = $_POST['experience']; 
$ip = $_POST['ip'];

您應該檢查是否$_POST超級全局有一些按鍵。 所以做任何查詢之前 - 所有檢查的第一,如果$_POST不爲空

<?php 

//This means that user did submit the form 
if (!empty($_POST)){ 

    //all your stuff goes here 
} 

?> 
<html> 
..... 
</html>

2)你確定你在你的代碼的控制?顯然不是。

你必須檢查一些函數是否返回TRUE,然後根據它做出以下操作。

例如,你確定mysql_query("your sql query")成功嗎?

3)允許使用error_reporting到E_ALL,所以只是把error_reporting(E_ALL)在你的頁面的頂部,這樣的:

<?php 

error_reporting(E_ALL);

所以,你總是可以調試腳本 「飛」

4)你正在盡一切努力使這些代碼難以維護,爲什麼? 看看這個:

<?php 

//Debug mode: 
error_reporting(E_ALL); 

//Sure you want to show some error if smth went wrong: 
$errors = array(); 

/** 
* 
* @return TRUE if connection established 
* FALSE on error 
*/ 
function connect(){ 

$connection = mysql_connect(localhost, USERNAME, PASSWORD); 
$db = mysql_select_db(registration,$connection);  

if (!$connection || !$db){ 
    return false; 
} else { 
    return true; 
} 
} 


//So this code will run if user did submit the form: 
if (!empty($_POST)){ 

//Connect sql server: 
if (!connect()){ 
    $errors[] = "Can't establish link to MySQL server"; 
} 

$fname = $_POST['fname']; 
$lname = $_POST['lname']; 
$password = $_POST['password']; 
$email = $_POST['email']; 
$cell = $_POST['cell']; 
$experience = $_POST['experience']; 
//Why post ip? not smth like $_SERVER['REMOTE_ADDR']... 
$ip = $_POST['ip']; 

$password = md5($_POST['password']); 

//No error at this point - means that it successfully connected to SQL server: 
if (empty($errors)){ 

    //let's prevent sql injection: 

    $fname = mysql_real_escape_string($fname); 
    //Please do this for all of them.. 
} 



//Now we should try to INSERT the vals: 

$query = "INSERT INTO `userTable` (`fname`,`lname`,`password`,`email`,`cell`,`experience`,`ip`) VALUES ('$fname', '$lname', '$password', '$email', '$cell', '$experience', '$ip')"; 

//So try it: 
if (!mysql_query($query)){ 
    // 
    //die (mysql_error()); 
    $errors[] = "Can't insert the vals"; 
} else { 
    //Or on success: 
    print ("Thank you for your registration"); 
    //or you can do redirect to some page, like this: 

    //header('location: /thanks.php'); 
} 


} 

?> 

<form method="post"> 
      <h2>User Information</h2> 

      <div><label>First Name:</label> 
       <input type = "text" name = "fname"></div> 
      <div><label>Last Name:</label> 
       <input type = "text" name = "lname"></div> 
      <div><label>Password:</label> 
       <input type = "password" name = "password"></div> 
      <div><label>Email:</label> 
       <input type="text" name="email"></div> 
      <div><label>Cellphone:</label> 
       <input type="text" name="cell"></div> 
       <input type="hidden" name="ip" value='<?php echo $IP ?>'/> 
      <h2>What Is Your Experience Mountain Biking?</h2> 
      <p><input type="radio" name="experience" value="n00b" 
       checked>n00b 
       <input type="radio" name="experience" value="intermediate">Intermediate 
       <input type="radio" name="experience" value="extreme">Extreme     
       </p> 

      <?php if (!empty($errors)) : ?> 

      <?php foreach($errors as $error): ?> 
      <p><b><?php echo $error; ?></b></p> 
      <?php endforeach; ?> 
      <?php endif; ?> 


      <p><input type="submit" name="submit" value="Register"></p> 
     </form>

來源

2012-08-03 01:45:54 Yang

+0

我喜歡你設置它的方式,我可能會在將來使用它。 – 2012-08-03 03:08:51

相關問題

 相關問題