我正在使用php註冊表單,但是當我點擊註冊按鈕時,它會在電子郵件和密碼字段中保存1,1而不是給定的電子郵件和密碼。php數據庫數據保存
<?php
include("connection.php")
?>
<?php
$email=isset($_POST['email']);
$password=isset($_POST['password']);
if(isset($_POST['register']))
{
$q= "insert into admin (email, password) values ('$email', '$password')";
$qr=mysqli_query($con, $q);
if($qr)
{
echo "data added sucessfully";
}
else
{
die();
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Log in</title>
</head>
<body>
<form method="post" action="">
<input type="email" name="email">
<br>
<input type="password" name="password">
<br>
<button type="submit" name="register" value="register">register</button>
</form>
</body>
</html>
http://php.net/manual/en/function.isset.php,isset函數返回一個布爾值,更改爲if(isset($ _ POST ['email'])){$ email = $ _ POST ['email'];}編輯:張貼爲答案 –
[您的腳本存在SQL注入攻擊風險。](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql -injection-in-php) –
請使用PHP的[內置函數](http://jayblanchard.net/proper_password_hashing_with_PHP.html)來處理密碼安全性。如果您使用的PHP版本低於5.5,則可以使用'password_hash()'[兼容包](https://github.com/ircmaxell/password_compat)。 –