將新用戶插入到mysql數據庫時遇到困難

Question

我有一個表單，允許我將用戶輸入到數據庫中。但是，無論何時點擊提交，我都會收到query failed錯誤消息。下面是我的我已經建立了形式：

寄存器admin.php的那麼

<form id="resgisterform" name="registerform" method="post" action="register-admin-exec.php"> 
    <table width="300" border="0" align="center" cellpadding="2" cellspacing="0"> 
    <tr> 
     <th>Username </th> 
     <td><input name="username" type="text" class="textfield" id="username" /></td> 
    </tr> 
    <tr> 
     <th>First Name </th> 
     <td><input name="first_name" type="text" class="textfield" id="first_name" /></td> 
    </tr> 
    <tr> 
     <th>Last Name </th> 
     <td><input name="last_name" type="text" class="textfield" id="last_name" /></td> 
    </tr> 
    <tr> 
     <th>Muvdigital Email </th> 
     <td><input name="muvdigital_email" type="text" class="textfield" id="muvdigital_email" /></td> 
    </tr> 
    <tr> 
     <th>Personal Email </th> 
     <td><input name="personal_email" type="text" class="textfield" id="personal_email" /></td> 
    </tr> 
    <tr> 
     <th>Title </th> 
     <td><input name="title" type="text" class="textfield" id="title" /></td> 
    </tr> 
    <tr> 
     <th>Address 1 </th> 
     <td><input name="address_1" type="text" class="textfield" id="address_1" /></td> 
    </tr> 
    <tr> 
     <th>Address 2 </th> 
     <td><input name="address_2" type="text" class="textfield" id="address_2" /></td> 
    </tr> 
    <tr> 
     <th>City </th> 
     <td><input name="city" type="text" class="textfield" id="city" /></td> 
    </tr> 
    <tr> 
     <th>State </th> 
     <td><input name="state" type="text" class="textfield" id="state" /></td> 
    </tr> 
    <tr> 
     <th>Zip Code </th> 
     <td><input name="zip" type="text" class="textfield" id="zip" /></td> 
    </tr> 
    <tr> 
     <th>Phone </th> 
     <td><input name="phone" type="text" class="textfield" id="phone" /></td> 
    </tr> 
    <tr> 
     <th>Password </th> 
     <td><input name="password" type="password" class="textfield" id="password" /></td> 
    </tr> 
    <tr> 
     <th>Confirm Password </th> 
     <td><input name="cpassword" type="password" class="textfield" id="cpassword" /></td> 
    </tr> 
    <tr> 
     <td>&nbsp;</td> 
     <td><input type="submit" name="Submit" value="Register" /></td> 
    </tr> 
    </table> 
</form> 

從這種形式的值帶來了寄存器管理員-exec.php頁面，低於

<?php 
    //Start session 
    session_start(); 

    //Include database connection details 
    require_once('config.php'); 

    //Array to store validation errors 
    $errmsg_arr = array(); 

    //Validation error flag 
    $errflag = false; 



    //Function to sanitize values received from the form. Prevents SQL injection 
    function clean($str) { 
     $str = @trim($str); 
     if(get_magic_quotes_gpc()) { 
      $str = stripslashes($str); 
     } 
     return mysql_real_escape_string($str); 
    } 

    //define and validate the post values 
    /*if (isset ($_POST['admin_id']) && !empty ($_POST['admin_id'])) { 
     $admin_id = $_POST['admin_id']; 
    } else { 
     echo 'Error: admin id not provided!'; 
    }*/ 

    if (isset ($_POST['username']) && !empty ($_POST['username'])) { 
$username = clean($_POST['username']); 
} else { 
    echo 'Error: username not provided!'; 
} 

if (isset ($_POST['first_name']) && !empty ($_POST['first_name'])) { 
$first_name = clean($_POST['first_name']); 
} else { 
    echo 'Error: first name not provided!'; 
} 

if (isset ($_POST['last_name']) && !empty ($_POST['last_name'])) { 
$last_name = clean($_POST['last_name']); 
} else { 
    echo 'Error: last name not provided!'; 
} 

if (isset ($_POST['muvdigital_email']) && !empty ($_POST['muvdigital_email'])) { 
$muvdigital_email = clean($_POST['muvdigital_email']); 
} else { 
    echo 'Error: muvdigital email not provided!'; 
} 

if (isset ($_POST['personal_email']) && !empty ($_POST['personal_email'])) { 
$personal_email = clean($_POST['personal_email']); 
} else { 
    echo 'Error: personal email not provided!'; 
} 

if (isset ($_POST['title']) && !empty ($_POST['title'])) { 
$title = clean($_POST['title']); 
} else { 
    echo 'Error: title not provided!'; 
} 

if (isset ($_POST['phone']) && !empty ($_POST['phone'])) { 
$phone = clean($_POST['phone']); 
} else { 
    echo 'Error: phone not provided!'; 
} 

if (isset ($_POST['address_1']) && !empty ($_POST['address_1'])) { 
$address_1 = clean($_POST['address_1']); 
} else { 
    echo 'Error: address 1 not provided!'; 
} 

$address_2 = clean($_POST['address_2']); 

if (isset ($_POST['city']) && !empty ($_POST['city'])) { 
$city = clean($_POST['city']); 
} else { 
    echo 'Error: city not provided!'; 
} 

if (isset ($_POST['state']) && !empty ($_POST['state'])) { 
$state = clean($_POST['state']); 
} else { 
    echo 'Error: state not provided!'; 
} 

if (isset ($_POST['zip']) && !empty ($_POST['zip'])) { 
$zip = clean($_POST['zip']); 
} else { 
    echo 'Error: zip not provided!'; 
} 

if (isset ($_POST['password']) && !empty ($_POST['password'])) { 
$password = clean($_POST['password']); 
} else { 
    echo 'Error: password not provided!'; 
} 

if (isset ($_POST['cpassword']) && !empty ($_POST['cpassword'])) { 
$cpassword = clean($_POST['cpassword']); 
} else { 
    echo 'Error: confirm password not provided!'; 
} 



    //encrypt the password 
    $salt = sha1($username); 
    $password = sha1($salt.$password); 


    //Check for duplicate login ID 
    if($username != '') { 
     $qry = "SELECT * FROM members WHERE username='".$username."'"; 
     $result = mysql_query($qry); 
     if($result) { 
      if(mysql_num_rows($result) > 0) { 
       $errmsg_arr[] = 'Login ID already in use'; 
       $errflag = true; 
      } 
      @mysql_free_result($result); 
     } 
     else { 
      die("Query failed"); 
     } 
    } 

    //If there are input validations, redirect back to the registration form 
    if($errflag) { 
     $_SESSION['ERRMSG_ARR'] = $errmsg_arr; 
     session_write_close(); 
     header("location: register-admin.php"); 
     exit(); 
    } 

    //Create INSERT query 
    $qry = "INSERT INTO admins (
      'username', 
      'password', 
      'first_name', 
      'last_name', 
      'muvdigital_email', 
      'personal_email', 
      'titles', 
      'phone', 
      'address_1', 
      'address_2', 
      'city', 
      'state', 
      'zip') 
    VALUES (
      '$username', 
      '$password', 
      '$first_name', 
      '$last_name', 
      '$muvdigital_email', 
      '$personal_email', 
      '$title', 
      '$phone', 
      '$address_1', 
      '$address_2', 
      '$city', 
      '$state', 
      '$zip')"; 
    $result = mysql_query($qry); 

    //Check whether the query was successful or not 
    if($result) { 
     header("location: register-success.php"); 
     exit(); 
    }else { 
     die("Query failed $qry"); 
    } 
?> 

我知道它在我的插入語句失敗，因爲我已經嘗試註釋掉以前的重複登錄ID的驗證檢查，它仍然失敗。我無法弄清楚爲什麼我的插入語句不起作用。呼應$qry後，我得到

INSERT INTO admins ('username', 'password', 'first_name', 'last_name', 'muvdigital_email', 'personal_email', 'titles', 'phone', 'address_1', 'address_2', 'city', 'state', 'zip') VALUES ('johndoe', '7afbb2186cf26d85bdfe948d367fb6baa6739283', 'john', 'doe', 'john.doe@muvdigital.com', 'jdoe@gmail.com', 'intern', '6024013776', '18b main st', 'apt 12', 'Hooksett', 'NH', '03106')

所以$_POST功能正在工作。我已經嘗試在命令行手動輸入插入語句，並且我收到ERROR 1054 (42S22): Unknown column 'johndoe' in 'field list'。

的admin_id是一個AUTO_INCREMENT字段這就是爲什麼我評論過它（我曾嘗試取消註釋，並手動創建admin_id，它還是老樣子不工作）

任何人都有一個想法，這是爲什麼發生了什麼？

Answer 1

您已經用單引號引用了所有列名，這是不正確的。他們應該是不帶引號的，除非你已經使用了MySQL reserved keyword（你沒有）

// Column names are unquoted, but VALUES() should be quoted. 
$qry = "INSERT INTO admins (
     username, 
     password, 
     first_name, 
     last_name, 
     muvdigital_email, 
     personal_email, 
     titles, 
     phone, 
     address_1, 
     address_2, 
     city, 
     state, 
     zip) 
VALUES (
     '$username', 
     '$password', 
     '$first_name', 
     '$last_name', 
     '$muvdigital_email', 
     '$personal_email', 
     '$title', 
     '$phone', 
     '$address_1', 
     '$address_2', 
     '$city', 
     '$state', 
     '$zip')"; 
$result = mysql_query($qry);