0
我目前正在爲我的網站創建註冊頁面的過程中,我設法使其工作並將用戶添加到我的主表user_info,但是我也有其他表希望系統在加入時插入用戶,比如記錄他們的IP地址,問題是我認爲這將是一個簡單的選擇用戶信息的cas,然後將這些字段插入到ip_address表中,但我保留收到錯誤添加新插入時出現PHP錯誤
「你在你的SQL語法錯誤;檢查對應於您的MySQL服務器版本正確的語法使用近‘終止’)」在1" 號線手冊
反正這裏是我的代碼在整個php腳本中,導致錯誤的新代碼行來自第171行至第176行(大塊代碼底部的最後5行)。
感謝
<?php
if (isset ($_POST['firstname'])){
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$username = preg_replace('#[^A-Za-z0-9]#i', '', $_POST['username']); // filter everything but letters and numbers
$email = $_POST['email'];
$password = $_POST['password'];
$cpassword = $_POST['cpassword'];
$paypal_email = $_POST['paypal_email'];
$country = $_POST['country'];
$kingdom_name = $_POST['kingdom_name'];
$kingdom_motto = $_POST['kingdom_motto'];
$referal = $_POST['referal'];
$email = stripslashes($email);
$password = stripslashes($password);
$cpassword = stripslashes($cpassword);
$email = strip_tags($email);
$password = strip_tags($password);
$cpassword = strip_tags($cpassword);
// Connect to database
include_once "connect_to_mysql.php";
$emailCHecker = mysql_real_escape_string($email);
$emailCHecker = str_replace("`", "", $emailCHecker);
// Database duplicate username check setup for use below in the error handling if else conditionals
$sql_uname_check = mysql_query("SELECT username FROM user_info WHERE username='$username'");
$uname_check = mysql_num_rows($sql_uname_check);
// Database duplicate e-mail check setup for use below in the error handling if else conditionals
$sql_email_check = mysql_query("SELECT email FROM user_info WHERE email='$emailCHecker'");
$email_check = mysql_num_rows($sql_email_check);
// Error handling for missing data
if ((!$firstname) || (!$lastname) || (!$username) || (!$email) || (!$password) || (!$cpassword) || (!$paypal_email) || (!$kingdom_name) || (!$kingdom_motto)) {
$errorMsg = 'ERROR: You did not submit the following required information:<br /><br />';
if(!$firstname){
$errorMsg .= ' * Firstname<br />';
}
if(!$lastname){
$errorMsg .= ' * Lastname<br />';
}
if(!$username){
$errorMsg .= ' * Username<br />';
}
if(!$email){
$errorMsg .= ' * Email<br />';
}
if(!$password){
$errorMsg .= ' * Password<br />';
}
if(!$cpassword){
$errorMsg .= ' * Password Check<br />';
}
if(!$paypal_email){
$errorMsg .= ' * Paypal Email<br />';
}
if(!$kingdom_name){
$errorMsg .= ' * Kingdom Name<br />';
}
if(!$kingdom_motto){
$errorMsg .= ' * Kingdom Motto<br />';
}
} else if ($password != $cpassword) {
$errorMsg = 'ERROR: Your Password fields below do not match<br />';
} else if (strlen($username) < 4) {
$errorMsg = "<u>ERROR:</u><br />Your User Name is too short. 4 - 20 characters please.<br />";
} else if (strlen($username) > 20) {
$errorMsg = "<u>ERROR:</u><br />Your User Name is too long. 4 - 20 characters please.<br />";
} else if ($uname_check > 0){
$errorMsg = "<u>ERROR:</u><br />Your User Name is already in use inside of our system. Please try another.<br />";
} else if ($email_check > 0){
$errorMsg = "<u>ERROR:</u><br />Your Email address is already in use inside of our system. Please use another.<br />";
} else { // Error handling is ended, process the data and add member to database
////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
$email = mysql_real_escape_string($email);
$password = mysql_real_escape_string($password);
// Add MD5 Hash to the password variable
$db_password = md5($password);
// GET USER IP ADDRESS
$ipaddress = getenv('REMOTE_ADDR');
// Add user info into the database table for the main site table
$sql = mysql_query("INSERT INTO user_info (firstname, lastname, username, email, password, country, sign_up_date)
VALUES('$firstname','$lastname','$username','$email','$password', '$country', now())")
or die (mysql_error());
$id = mysql_insert_id();
// Create directory(folder) to hold each user's files(pics, MP3s, etc.)
mkdir("members/$id", 0755);
////////////////////////////////////////////////////////////////////////
///////////////BUILDING THE USER PROFILES///////////////////////////////
$sql_id = ("SELECT * FROM user_info WHERE username = '$username'");
$result = mysql_query($sql_id);
$sql_result = mysql_fetch_array($result);
$sql = mysql_query("INSERT INTO ip_log (id, ip_log) VALUES ('$id', '$ipaddress'") or die (mysql_error());
include_once 'registration_success.php';
exit();
} // Close else after duplication checks
} else { // if the form is not posted with variables, place default empty variables so no warnings or errors show
$errorMsg = "";
$firstname = "";
$lastname = "";
$username = "";
$email = "";
$password= "";
$cpassword = "";
$paypal_email = "";
$kingdom_name = "";
$kingdom_motto = "";
$referal = "";
}
?>