1. 首頁
  2. 問答
  3. '字段列表'中的未知列'a9162e80e079a0051c8b7f88195a94da'(加密密碼)

'字段列表'中的未知列'a9162e80e079a0051c8b7f88195a94da'(加密密碼)

2014-11-06 22 views
0

我已經檢查並試圖更改我的代碼,但仍然出現同樣的錯誤,我試圖解決這個問題約2天, 3個小時的思考和改變。'字段列表'中的未知列'a9162e80e079a0051c8b7f88195a94da'(加密密碼)

我對此很新,找不到錯誤所在的行。 我已經看過這個問題,但仍找不到答案。試圖添加''仍然沒有,我的MySQL表也存在,我確信它。

需要一些幫助。

if(isset($_POST["register"])){ 
    $username = protect($_POST['username']); 
    $password = protect($_POST['password']); 
    $email = protect($_POST['email']); 

    if(strlen($username) > 20){ 
     echo "Username must be less than 20 characters!"; 
    }elseif(strlen($email) > 100){ 
     echo "E-mail must be less than 100 characters!"; 
    }elseif(strlen($username) < 4){ 
     echo "Username must be more than 4 characters!"; 
    }elseif(strlen($password) < 4){ 
     echo "Password must be more than 4 characters!"; 
    }else{ 
     $register1 = @mysql_query("SELECT id FROM user WHERE username = '$username' ") or die(@mysql_error()); 
     $register2 = @mysql_query("SELECT id FROM user WHERE email = '$email' ") or die(@mysql_error()); 
     if(@mysql_num_rows($register1) > 0){ 
      echo "That username is already in use!"; 
     }elseif(mysql_num_rows($register2) > 0){ 
      echo "That e-mail address is already in use!"; 
     }else{ 
      $ins1 = @mysql_query("INSERT INTO stats (gold, attack, defense, food) VALUES (100,10,10,100)") or die(mysql_error()); 
      $ins2 = @mysql_query("INSERT INTO unit (worker, farmer, warrior, defender, archer, longbowmen, phalanxmen, knight, cavalary) VALUES (5, 5, 0, 0, 0, 0, 0, 0, 0)") or die(mysql_error()); 
      $ins3 = @mysql_query("INSERT INTO user (username, password, email) VALUES('$_POST[$username]', ".md5('$_POST[$password]')." ,'$_POST[$email]')") or die(mysql_error()); 
      $ins4 = @mysql_query("INSERT INTO weapon(sword, shield, bow, longbow, towershield, longsword, pike, horse) VALUES (0, 0, 0, 0, 0, 0, 0, 0)") or die(mysql_error()); 
      $ins5 = @mysql_query("INSERT INTO ranking (attack, defense, overall) VALUES (0,0,0)"); 
       echo("Congratulations, You have registered!"); 

     } 
    } 
}

來源

2014-11-06 Zuneec Zeroster aka Henry S.

+3

'」找不到錯誤所在的行「刪除所有那些令人討厭的錯誤抑制符號('@') – Steve 2014-11-06 11:35:31

+1

,當然還有關於使用不推薦使用的方法的常見說法。使用mysqli/pdo代替,保護所有對sql注入 – Olli 2014-11-06 11:38:59

+0

並請查看[password_hash()](http://www.php.net/manual/en/function.password-hash.php)函數, MD5算法不適合散列密碼,因爲它的速度太快了(每秒用通用硬件[8 Giga哈希值](http://hashcat.net/oclhashcat/#performance))。 – martinstoeckli 2014-11-06 14:02:53

回答

1

使用 '' 包圍你的密碼值,否則MySQL的解釋文本作爲列的名稱,而不是值:

$ins3 = @mysql_query("INSERT INTO user (username, password, email) VALUES('$_POST[$username]', '".md5('$_POST[$password]')."' ,'$_POST[$email]')") or die(mysql_error());

來源

2014-11-06 11:35:40 Olli

0

取代".md5('$_POST[$password]')."'".md5('$_POST[$password]')."'(加引號)

來源

2014-11-06 11:35:51 David162795

相關問題

 相關問題