2013-02-14 116 views

我對 PHP 相當陌生,正在閱讀 Robin Nixon 的《Learning PHP, MySQL, JavaScript & CSS》第二版。我正在編寫一個把用戶名和密碼插入數據庫的腳本。書上說要加入代碼,把表單字段中的數據插入數據庫。我試着這樣做(見 /* */ 之間的代碼),但查詢給我報錯。如果我省略查詢,就沒有錯誤;一旦把查詢放進去,錯誤就顯示在 /* */ 註釋之後的 JavaScript 部分。從表格插入數據

<?php // adduser.php 
// Sign-up form handler: reads the POSTed fields, validates them on the server,
// and on success prints a confirmation page and exits. When validation fails,
// execution continues past this block to the code that re-renders the form.
require_once 'login.php'; 


// Every field starts empty so the form can be rendered before any POST arrives.
$forename = $surname = $username = $password = $age = $email = ""; 

// Each submitted value goes through fix_string() (defined at the end of this
// file), which HTML-encodes it. That protects the HTML output below; it is not
// SQL escaping. The password is HTML-encoded too, so a password containing
// & < > or " is validated in its encoded form.
// NOTE(review): $age is never read from $_POST in this listing, so it stays "".
if (isset($_POST['forename'])) 
$forename = fix_string($_POST['forename']); 
if (isset($_POST['surname'])) 
$surname = fix_string($_POST['surname']); 
if (isset($_POST['username'])) 
$username = fix_string($_POST['username']); 
if (isset($_POST['password'])) 
$password = fix_string($_POST['password']); 
if (isset($_POST['email'])) 
$email = fix_string($_POST['email']); 

// Server-side validation: each validator returns "" or an HTML error fragment,
// and the fragments are concatenated into $fail.
// NOTE(review): validate_age() is not defined anywhere in this listing; unless
// login.php provides it, this call stops the script with a fatal error.
$fail = validate_forename($forename); 
$fail .= validate_surname($surname); 
$fail .= validate_username($username); 
$fail .= validate_password($password); 
$fail .= validate_age($age); 
$fail .= validate_email($email); 

echo "<html><head><title>An Example Form</title>"; 

// An empty $fail means every validator passed.
if ($fail == "") { 
// NOTE(review): this confirmation echoes the submitted password back into the
// page. Acceptable only in a throw-away demo; never display a password.
echo "</head><body>Form data successfully validated: $forename, 
    $surname, $username, $password, $age, $email.</body></html>"; 

// The block comment below is the database insert the question is about. It is
// kept exactly as posted. Why it breaks once the comment markers are removed:
//  1. db_server is written without the leading $ in all five
//     mysqli_real_escape_string() calls, so the connection is never passed.
//  2. The double quotes in the $query statement are unbalanced: the string
//     opened before '$username' only closes after "$query); ", and the string
//     opened before "or die(" is never closed on that line. PHP keeps reading a
//     string literal until the next double quote, which sits inside the
//     <script type=...> tag of the heredoc further down. That is why the parse
//     error is reported in the JavaScript part of the file.
//  3. mysqli_close() is given $db_database (the database name) instead of the
//     connection in $db_server.
//  4. The values are re-read from $_POST, bypassing the variables that were
//     just validated above.
//  5. The password would be stored in plaintext. Store the output of
//     password_hash() and check logins with password_verify().
//  6. The SQL is built by string concatenation. Prefer a prepared statement
//     (mysqli_prepare() + mysqli_stmt_bind_param()) so user input is never
//     part of the SQL text.
/*  require_once 'login.php'; 
$db_server = mysqli_connect($db_hostname, $db_username, $db_password, 
      $db_database) or die('Error connecting to MySQL server.'); 


$forename = mysqli_real_escape_string(db_server, trim($_POST['forename'])); 
$surname = mysqli_real_escape_string(db_server, trim($_POST['surname'])); 
$username = mysqli_real_escape_string(db_server, trim($_POST['username'])); 
$password = mysqli_real_escape_string(db_server, trim($_POST['password'])); 
$email = mysqli_real_escape_string(db_server, trim($_POST['email'])); 

$query = "INSERT INTO users VALUES" . "('$forename', '$surname', ". 
     "'$username', '$password', '$email'); 
$result = mysqli_query($db_server, $query); ". 
    "or die('Error querying database.'); 

mysqli_close($db_database); */  


// Stop here so the sign-up form below is not rendered after a success.
exit; 

} 



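// Renders the sign-up form together with its client-side validators.
//
// Interpolated values: $fail is the concatenation of the validate_*() return
// values (fixed strings that contain <br /> on purpose). The field variables
// are, in this listing, only ever "" or the output of fix_string(), which
// HTML-encodes them before they land in the value="..." attributes.
//
// The JavaScript validators are a convenience for the user only. A client can
// skip them, so the PHP validate_*() functions remain the authoritative check.
//
// Fix: the character class in validateEmail() had been mangled into
// "[email protected]" by e-mail obfuscation, which disabled the illegal-character
// test; it is restored to /[^a-zA-Z0-9.@_-]/.
//
// NOTE(review): the password is shown in a type="text" input and is echoed
// back through value="$password" when validation fails. A real sign-up form
// should use type="password" and not re-populate that field.
// NOTE(review): validate(form) never calls validateAge(), although the
// function is defined below.
echo <<<_END


<style>.signup { border: 1px solid #999999; 
font: normal 14px helvetica; color:#444444; }</style> 
<script type="text/javascript"> 
function validate(form) 
{ 
fail = validateForename(form.forename.value) 
fail += validateSurname(form.surname.value) 
fail += validateUsername(form.username.value) 
fail += validatePassword(form.password.value) 
fail += validateEmail(form.email.value) 
if (fail == "") return true 
else { alert(fail); return false } 
} 
</script></head><body> 
<table class="signup" border="0" cellpadding="2" 
cellspacing="5" bgcolor="#eeeeee"> 
<th colspan="2" align="center">Signup Form</th> 

<tr><td colspan="2">Sorry, the following errors were found<br /> 
in your form: <p><font color=red size=1><i>$fail</i></font></p> 
</td></tr> 

<form method="post" action="adduser.php" 
onSubmit="return validate(this)"> 
<tr><td>Forename</td><td><input type="text" maxlength="32" 
name="forename" value="$forename" /></td> 
</tr><tr><td>Surname</td><td><input type="text" maxlength="32" 
name="surname" value="$surname" /></td> 
</tr><tr><td>Username</td><td><input type="text" maxlength="16" 
name="username" value="$username" /></td> 
</tr><tr><td>Password</td><td><input type="text" maxlength="12" 
name="password" value="$password" /></td> 
</tr><tr><td>Age</td><td><input type="text" maxlength="3" 
name="age" value="$age" /></td> 
</tr><tr><td>Email</td><td><input type="text" maxlength="64" 
name="email" value="$email" /></td> 
</tr><tr><td colspan="2" align="center"> 
<input type="submit" value="Signup" /></td> 
</tr></form></table> 



<script type="text/javascript"> 
function validateForename(field) { 
if (field == "") return "No Forename was entered.\\n" 
return "" 
} 

function validateSurname(field) { 
if (field == "") return "No Surname was entered.\\n" 
return "" 
} 

function validateUsername(field) { 
if (field == "") return "No Username was entered.\\n" 
else if (field.length < 5) 
    return "Usernames must be at least 5 characters.\\n" 
else if (/[^a-zA-Z0-9_-]/.test(field)) 
    return "Only letters, numbers, - and _ in usernames.\\n" 
return "" 
} 

function validatePassword(field) { 
if (field == "") return "No Password was entered.\\n" 
else if (field.length < 6) 
    return "Passwords must be at least 6 characters.\\n" 
else if (! /[a-z]/.test(field) || 
     ! /[A-Z]/.test(field) || 
     ! /[0-9]/.test(field)) 
    return "Passwords require one each of a-z, A-Z and 0-9.\\n" 
return "" 
} 

function validateAge(field) { 
if (isNaN(field)) return "No Age was entered.\\n" 
else if (field < 18 || field > 110) 
    return "Age must be between 18 and 110.\\n" 
return "" 
} 

function validateEmail(field) { 
if (field == "") return "No Email was entered.\\n" 
    else if (!((field.indexOf(".") > 0) && 
       (field.indexOf("@") > 0)) || 
       /[^a-zA-Z0-9.@_-]/.test(field)) 
    return "The Email address is invalid.\\n" 
return "" 
} 
</script></body></html> 
_END;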


/**
 * Server-side check that a forename was supplied.
 *
 * @param string $field Value to check.
 * @return string "" when a value is present, otherwise an HTML error fragment.
 */
function validate_forename($field) {
    // Loose comparison kept on purpose: it mirrors the original check.
    return ($field == "") ? "No Forename was entered<br />" : "";
}

/**
 * Server-side check that a surname was supplied.
 *
 * @param string $field Value to check.
 * @return string "" when a value is present, otherwise an HTML error fragment.
 */
function validate_surname($field) {
    $message = "";
    if ($field == "") {
        $message = "No Surname was entered<br />";
    }
    return $message;
}

/**
 * Server-side username check: non-empty, at least 5 bytes long, and made up
 * only of ASCII letters, digits, "-" and "_".
 *
 * The character allow-list also keeps quotes, angle brackets and whitespace
 * out of the username.
 *
 * @param string $field Value to check.
 * @return string "" when valid, otherwise an HTML error fragment.
 */
function validate_username($field) {
    if ($field == "") {
        return "No Username was entered<br />";
    }

    if (strlen($field) < 5) {
        return "Usernames must be at least 5 characters<br />";
    }

    // Any character outside the allow-list makes the name invalid.
    $hasIllegalChar = preg_match("/[^a-zA-Z0-9_-]/", $field);
    if ($hasIllegalChar) {
        return "Only letters, numbers, - and _ in usernames<br />";
    }

    return "";
}

/**
 * Server-side password check: non-empty, at least 6 bytes long, and containing
 * at least one lowercase letter, one uppercase letter and one digit.
 *
 * This only checks the shape of the password. It says nothing about how the
 * password is stored; storage should use password_hash(), never plaintext.
 *
 * @param string $field Value to check.
 * @return string "" when valid, otherwise an HTML error fragment.
 */
function validate_password($field) {
    if ($field == "") {
        return "No Password was entered<br />";
    }

    if (strlen($field) < 6) {
        return "Passwords must be at least 6 characters<br />";
    }

    // Every required character class must match at least once.
    foreach (array("/[a-z]/", "/[A-Z]/", "/[0-9]/") as $requiredClass) {
        if (!preg_match($requiredClass, $field)) {
            return "Passwords require 1 each of a-z, A-Z and 0-9<br />";
        }
    }

    return "";
}

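/**
 * Server-side e-mail check: non-empty, contains "." and "@" somewhere after the
 * first character, and uses only ASCII letters, digits, ".", "@", "_" and "-".
 *
 * Fix: the character class had been mangled into "[email protected]" by e-mail
 * obfuscation, which left the illegal-character test practically unable to
 * match anything. It is restored to the allow-list /[^a-zA-Z0-9.@_-]/.
 *
 * This is a coarse syntax filter only; it does not prove the address exists.
 *
 * @param string $field Value to check.
 * @return string "" when valid, otherwise an HTML error fragment.
 */
function validate_email($field) {
    if ($field == "") return "No Email was entered<br />";

    // strpos() returns false when the needle is missing and 0 when it is the
    // first character; "> 0" rejects both cases.
    $hasDot = strpos($field, ".") > 0;
    $hasAt  = strpos($field, "@") > 0;

    if (!($hasDot && $hasAt) ||
        preg_match("/[^a-zA-Z0-9.@_-]/", $field))
        return "The Email address is invalid<br />";

    return "";
}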

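/**
 * Normalises one submitted form value for display in HTML.
 *
 * Undoes magic-quotes escaping where that legacy feature can still be active,
 * then HTML-encodes the value with htmlentities().
 *
 * Fix: get_magic_quotes_gpc() was removed in PHP 8.0, so calling it
 * unconditionally is a fatal error there. Magic quotes themselves were removed
 * in PHP 5.4, so the function is now consulted only on older runtimes.
 *
 * The result is safe to place in HTML text and double-quoted attributes. It is
 * not SQL escaping: database writes should use prepared statements.
 *
 * @param string $string Raw value from the request.
 * @return string HTML-encoded value.
 */
function fix_string($string) {
    // Short-circuit: on PHP >= 5.4 the legacy function is never called.
    if (version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc()) {
        $string = stripslashes($string);
    }
    return htmlentities($string);
}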
?> 

你能告訴我們你會得到什麼錯誤嗎? – MarcinWolny 2013-02-14 19:11:29


不,不,不,不。**請勿**以明文形式存儲密碼。這可能只是一個測試應用程序,而且你還在學習怎麼做,但你不妨[第一次就把它做對](https://github.com/ircmaxell/password_compat)(如果你使用 PHP >= 5.5,則參見[這裏](http://php.net/password_hash))。 – Mike 2013-02-14 19:25:24


您正在使用[一個**過時的**數據庫 API](http://stackoverflow.com/q/12859942/19068),應改用[現代的替代品](http://php.net/manual/en/mysqlinfo.api.choosing.php)。 – Quentin 2013-02-14 22:29:03

回答


/* */ 是用來標記塊註釋的符號,請嘗試把它們去掉,然後再運行該腳本。

此外,錯誤信息是怎麼說的?

編輯:

您收到該錯誤,是因爲您沒有用 ?> 標籤關閉 PHP 代碼,這意味着服務器會把後面的 JavaScript 代碼當作 PHP 代碼來讀取。

您仍應該省略註釋運算符/**/,因爲這些會導致服務器不執行代碼。