0
我已經創建了一個用戶註冊形式與PHP jquery和SQL,我 試圖通過ajax請求輸入數據庫的詳細信息,代碼是 執行完美,但值不輸入數據庫,我 檢查我的查詢也通過運行它在SQL編輯器查詢也 工作正常,值不插入數據庫與PHP
你能告訴錯誤在哪裏?
<!DOCTYPE html>
<html>
<head>
<title>Login Register Test</title>
<script type="text/javascript" src="http://code.jquery.com/jquery-1.8.0.min.js"></script>
/**
* Created by pratyush on 8/28/14.
*/
$(function(){
$("input[name='btn_submit_reg']").click(function(){
registerUser();
});
$("input[name='btn_submit_login']").click(function(){
loginUser();
});
});
function registerUser(){
if(IsValidFormReg()){
var frm = $(".register").serialize();
$.ajax({
url : 'modal/registerdao.php',
type : 'POST',
data : frm,
success : function(result) {
if (result.indexOf("correct") > -1) {
alert(frm);
window.location.replace("registrationconfirm.php");
}
}
});
}
}
function IsValidFormReg()
{
var valid= true;
var username = $("input[name='username_reg']").val();
var userpass = $("input[name='userpass_reg']").val();
var email = $("input[name='useremail_reg']").val();
if(username.length==0){
valid = false;
$("input[name='username_reg']").addClass("formerror");
}
if(userpass.length==0){
valid = false;
$("input[name='userpass_reg']").addClass("formerror");
}
if(email.length==0){
valid = false;
$("input[name='useremail_reg']").addClass("formerror");
}
else{
if(checkemail(email)==false){
valid = false;
$("input[name='useremail_reg']").addClass("formerror");
alert("please enter valid email");
}
}
if(!valid)
$(".formentrieserror").html(" Please fill correct form entries...");
else
$(".formentrieserror").html(" ");
return valid;
}
function checkemail(email){
var filter = /^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$/;
if(email.length>0){
if (!filter.test(email))
return false;
else
return true;
}
else
return false;
}
function loginUser(){}
<style>
.formerror{border: solid 2px red;}
</style>
</head>
<body>
<h2>Login Form</h2> <br><br>
<form class="login">
<input type="text" name="username_login" placeholder="user name"> <br> <br>
<input type="password" name="userpass_login" placeholder="password"><br> <br>
<input type="button" name="btn_submit_login" value="Login">
</form>
<br><br>
<h2>Registration Form</h2>
<br><br>
<form class="register">
<input type="text" name="username_reg" placeholder="user name"> <br> <br>
<input type="password" name="userpass_reg" placeholder="password"><br> <br>
<input type="email" name="useremail_reg" placeholder="email"><br> <br>
<input type="button" name="btn_submit_reg" value="Register">
</form>
<div class="formentrieserror"></div>
</body>
</html>
//registerDao.php..................................//
<?php
class RegisterUserInfo{
public $userName;
public $userPassword;
public $userEmail;
}
class userRegisterDao {
function RegisterUser($registration_info) {
include_once ("database.php");
$qry = "insert into userdetails(
userName,
userPassword,
userEmail)
values('".$registration_info->userName."','"
.$registration_info->userPassword."','"
.$registration_info->userEmail."')";
return Database::executeQuery($qry); // return true or false
}
}
$userName = mysql_escape_string($_REQUEST ['userName']);
$userPassword = mysql_escape_string($_REQUEST ['userPassword']);
$userEmail = mysql_escape_string($_REQUEST ['userEmail']);
$registration_info = new RegisterUserInfo();
$registration_info->userName=$userName;
$registration_info->userPassword=$userPassword;
$registration_info->userEmail=$userEmail;
$dao = new userRegisterDao();
$insert = $dao->RegisterUser($registration_info);
if($insert===true){
echo "correct";
}
else
echo "invalid";
?>
你爲什麼不從你的'Database'類中請求?即爲什麼你不檢查返回的錯誤?我們不知道它使用哪個API等。從它的外觀來看,當你最終使用'mysql_escape_string'和其他'MySQL_ *'時,所有的OOP都是無用的;不妨直接使用'mysql_query'。 – 2014-08-29 05:54:46
爲什麼還沒有覆蓋'$(function(){''標記? – NoobEditor 2014-08-29 05:54:48
請[不要使用字符串互操作來構建查詢。](http://stackoverflow.com/questions/60174/how-can -i-prevent-sql -injection-in-php?rq = 1) – Dan 2014-08-29 05:57:21