驗證與數據庫的連接使用MySQL和PHP

Question

一個HTML頁面這是我的代碼以創建具有用戶名，密碼簡單的登錄頁面，確認密碼和確認身份select選項： -

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 
<html xmlns="http://www.w3.org/1999/xhtml"> 
<head> 
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> 
<title>Sign up</title> 
<style type="text/css"> 
    div#registration 
    { 
     text-align:center; 
     margin-left:auto; 
     margin-right:auto; 
     width:40%; 
     border:solid 2px green; 
    } 
</style> 

</head> 



<body> 
<h1> Sign Up! </h1> 
<h2> Enter username and password. Dont forget to recognize yourself </h2> 

<?php 

     $mysqli = new mysqli("localhost", "root", "", "signup"); 
     if($mysqli===false) 
     { 
      die("ERROR: Could not connect to database." .mysqli_connect_error()); 
     } 

     if(isset($_POST['submit'])) 
     { 


      echo'<div id="message">'; 

      $inputError = false; 
      if(empty($_POST['username'])) 
      { 
       echo 'ERROR: Please enter a valid user name'; 
       $inputError = true; 
      } 
      else 
      { 
       $username= $mysqli->escape_string($_POST['username']); 
      } 


      if($inputError != true && empty($_POST['password'])) 
      { 
       echo 'ERROR: Please enter valid password'; 
       $inputError = true; 
      } 
      else 
      { 
       $password= $mysqli->escape_string($_POST['password']); 
      } 


      $inputError = false; 
      if(empty($_POST['cfmpassword'])) 
      { 
       echo 'ERROR: empty field'; 
       $inputError = true; 
      } 
      else if($_POST['password'] != $_POST['cfmpassword']) 
      { 
       echo 'ERROR: passwords does not match'; 
      } 
      else 
      { 
       $cfmpassword = $mysqli->escape_string($_POST['cfmpassword']); 
      } 


     if($inputError != true && empty($_POST['desig'])) 
     { 
      echo 'ERROR: Please enter valid password '; 
      $inputError = true; 
     } 
     else 
     { 
      $desig= $mysqli->escape_string($_POST['desig']); 
     } 

     if ($inputError !=true) 
     { 
       $sql= "INSERT INTO database (Username, password, confirm password, Designation) VALUES ('$username','$password','$cfmpassword','$desig')"; 

       if ($mysqli->query($sql) === true) 
       { 
        echo 'new record added with ID:' . $mysqli->insert_id; 
       } 
       else 
       { 
        echo "ERROR: Could not execute query: $sql." .$mysqli->error; 
       } 
     } 
     echo '</div>'; 

     $mysqli->close(); 
    } 
?> 

<form action="signup.php" method="post"> 

Username: 
<input type="text" size="20" name="username" /> 
<p/> 

Password: 
<input type="password" size="20" name="password" /> 
<p/> 

Confirm Password: 
<input type="password" size="20" name="cfmpassword" /> 
<p/> 

Identify yourselves: 
<select name="desig"> 

<option name="admin">Admin</option> 
<option name="Faculty">Faculty</option> 
<option name="Student">Student</option> 
</select> 
<p/> 

<input type="submit" name="submit" value="Submit" /> 

</form> 







</body> 
</html> 

這裏是我的更新的代碼，驗證工作現在完全正常，但我得到一個錯誤。這是我得到的錯誤。這段代碼中可能的錯誤是什麼？

ERROR: Could not execute query: INSERT INTO database (Username, password, confirm password, Designation) VALUES ('suhas','99','99','Admin').You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'database (Username, password, confirm password, Designation) VALUES ('suhas','99' at line 1 

Answer 1

你如果條件

'$inputError = false' 

應該

'$inputError == false'

只是缺少一個'='