我很新的PHP和試圖獲得註冊和工作,我的代碼在分鐘只是加載用戶名到數據庫中,沒有別的。雖然它,如果我把它們硬編碼到SQL INSERT值輸入到數據庫中的其他領域和不使用SQL插入在PHP不工作
$users_Password
等。順便說一句,我知道這是可怕的代碼和密碼應該複述等,但香港專業教育學院真的只是撕毀這個代碼分開,因爲這不會工作,並在這之後整理出來的歡呼聲加上後面的一切,這是我的代碼
形式
<form id = "Register_form" action="Register.php" method="post">
Username: <input type="text" name="Username"><br>
Password: <input type="password" name="Password"><br>
Confirm Password: <input type="password" name="ConfirmPassword"><br>
First Name: <input type="text" name="FirstName"><br>
Surname: <input type="text" name="Surname"><br>
Address Line 1: <input type="text" name="AddressLine1"><br>
Address Line 2: <input type="text" name="AddressLine2"><br>
City: <input type="text" name="City"><br>
Telephone: <input type="text" name="Telephone"><br>
Mobile: <input type="text" name="Mobile"><br></br>
<input type="submit">
然後在Register.php文件
<?php
// create connection
$con=mysqli_connect("localhost","root","","book");
// check connection
if(mysqli_connect_errno($con)){
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$users_Username = $_POST['Username'];
$users_Password = $_POST['Password'];
$users_ConfirmPassword = $_POST['ConfirmPassword'];
$users_FirstName = $_POST['FirstName'];
$users_Surname = $_POST['Surname'];
$users_AddressLine1 = $_POST['AddressLine1'];
$users_AddressLine2 = $_POST['AddressLine2'];
$users_City = $_POST['City'];
$users_Telephone = $_POST['Telephone'];
$users_Mobile = $_POST['Mobile'];
//Multiple Error checkings such as
if ($users_Username == "")
{
echo "Please enter a username";
echo "<script>setTimeout(\"location.href = 'http://localhost/webD/Assignment/Register_Form.php';\",1500);</script>";
}
else if ($users_Password = "")
{
echo "Please enter a password";
echo "<script>setTimeout(\"location.href = 'http://localhost/webD/Assignment/Register_Form.php';\",1500);</script>";
}
else if ($users_ConfirmPassword == $users_Password)
{
if (strlen($users_Password)<=6)
{
$sql = "INSERT INTO users VALUES ('$users_Username', '$users_Password', '$users_FirstName', '$users_Surname','$users_AddressLine1','$users_AddressLine2','$users_City','$users_Telephone','$users_Mobile')";
if($con->query($sql) === TRUE)
{
echo "User succesfully registered";
echo "<script>setTimeout(\"location.href = 'http://localhost/webD/Assignment/Log_In_Screen.php';\",1500);</script>";
}
else
{
echo "Unable to register user, Please try again";
echo "<script>setTimeout(\"location.href = 'http://localhost/webD/Assignment/Register_Form.php';\",1500);</script>";
}
//echo "<pre>\n$sql\n</pre>\n";
mysql_query($sql);
}
else
{
echo "The password you entered is too long, max characters is 6";
echo "<script>setTimeout(\"location.href = 'http://localhost/webD/Assignment/Register_Form.php';\",1500);</script>";
}
}
else
{
echo "Passwords do not match, Please try again";
echo "<script>setTimeout(\"location.href = 'http://localhost/webD/Assignment/Register_Form.php';\",1500);</script>";
}
mysqli_close($con);
?>
似乎沒有什麼會插入數據庫除了用戶名,任何人都有辦法解決這個問題? 乾杯
你能告訴我們你的用戶表的架構嗎?有一個ID字段? – tanaydin
另外,他不應該使用'mysql'的擴展名...已過時和過時...他也應該使用查詢參數... – Hackerman
沒有保護SQL注入...沒有驗證,如果用戶名已被採取......我在這裏想想,在問他解決問題的過程中,還有很多其他事情出錯了。 – Twinfriends