2013-03-24 460 views
0

對不起,我是PHP新手,請耐心等待。我正在創建一個用戶界面,當我註冊時說我已經註冊,但它不會將數據存儲到數據庫中。有人可以幫幫我嗎!爲什麼數據不會存儲在我的數據庫中?

<?PHP 
$uname = ""; 
$pword = ""; 
$errorMessage = ""; 
$num_rows = 0; 

function quote_smart($value, $handle) { 

    if (get_magic_quotes_gpc()) { 
     $value = stripslashes($value); 
    } 

    if (!is_numeric($value)) { 
     $value = "'" . mysql_real_escape_string($value, $handle) . "'"; 
    } 
    return $value; 
} 

if ($_SERVER['REQUEST_METHOD'] == 'POST'){ 


    $uname = $_POST['username']; 
    $pword = $_POST['password']; 

    $uname = htmlspecialchars($uname); 
    $pword = htmlspecialchars($pword); 

    $uLength = strlen($uname); 
    $pLength = strlen($pword); 

    if ($uLength >= 10 && $uLength <= 20) { 
     $errorMessage = ""; 
    } 
    else { 
     $errorMessage = $errorMessage . "Username must be between 10 and 20 characters" . "<BR>"; 
    } 

    if ($pLength >= 8 && $pLength <= 16) { 
     $errorMessage = ""; 
    } 
    else { 
     $errorMessage = $errorMessage . "Password must be between 8 and 16 characters" . "<BR>"; 
    } 



    if ($errorMessage == "") { 

    $user_name = "root"; 
    $pass_word = ""; 
    $database = "user authentication"; 
    $server = "127.0.0.1"; 

    $db_handle = mysql_connect($server, $user_name, $pass_word); 
    $db_found = mysql_select_db($database, $db_handle); 

    if ($db_found) { 

     $uname = quote_smart($uname, $db_handle); 
     $pword = quote_smart($pword, $db_handle); 


     $SQL = "SELECT * FROM login WHERE USERNAME = $uname"; 
     $result = mysql_query($SQL); 
     $num_rows = mysql_num_rows($result); 

     if ($num_rows > 0) { 
      $errorMessage = "Username already taken"; 
     } 

     else { 

      $SQL = "INSERT INTO login (L1, L2) VALUES ($uname, md5($pword))"; 

      $result = mysql_query($SQL); 

      mysql_close($db_handle); 

     //================================================================================= 
     // START THE SESSION AND PUT SOMETHING INTO THE SESSION VARIABLE CALLED login 
     // SEND USER TO A DIFFERENT PAGE AFTER SIGN UP 
     //================================================================================= 

      session_start(); 
      $_SESSION['login'] = "1"; 

      header ("Location: page1.php"); 

     } 

    } 
    else { 
     $errorMessage = "Database Not Found"; 
    } 




    } 

} 


?> 

    <html> 
    <head> 
    <title>Basic Login Script</title> 


    </head> 
    <body> 


<FORM NAME ="form1" METHOD ="POST" ACTION ="signup.php"> 

Username: <INPUT TYPE = 'TEXT' Name ='username' value="<?PHP print $uname;?>" maxlength="20"> 
Password: <INPUT TYPE = 'TEXT' Name ='password' value="<?PHP print $pword;?>" maxlength="16"> 

<P> 
<INPUT TYPE = "Submit" Name = "Submit1" VALUE = "Register"> 


</FORM> 
<P> 

<?PHP print $errorMessage;?> 

    </body> 
    </html> 
+0

你做回聲mysql_error? – 2013-03-24 19:09:38

+0

替換 $ SQL =「SELECT * FROM login WHERE USERNAME = $ uname」; 與 $ SQL =「SELECT * FROM login WHERE USERNAME ='」。$ uname。「'」; 和 替換 $ SQL =「INSERT INTO login(L1,L2)VALUES($ uname,md5($ pword))」;; (''。。$ uname。'','「.md5($ pword)。」')「; 同時檢查mysql_error(); – Arvind 2013-03-24 19:17:41

+1

這個問題與[tag:eclipse]有什麼關係,還是因爲您使用的是Eclipse而標記的? – 2013-03-24 19:34:56

回答

0

您可能還需要而使用PDO的,那麼你就不必做用戶輸入的清理作爲PDO會照顧的,對於你。你可能想創造的是把你所有的連接細節像這樣的文件:

<?php 

      define('DB_HOST', 'localhost'); 
      define('DB_NAME', 'user authentication'); 
      define('DB_USER', 'root'); 
      define('DB_PASS', ''); 
      define('DSN', 'mysql:host='. DB_HOST . ';dbname=' . DB_NAME); 

    ?> 

然後,您可能希望創建一個類來完成,如連接到數據庫:

<?php 

    class database{ 

    public function databaseConnect(){ 
      /*Creates a new instance of the PDO called $db. 
      * NOTE: the use of DSN, DB_USER and so on. These variable live in the dbsettings file. 
      */ 
      $db = new PDO(DSN,DB_USER,DB_PASS); 
      $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); 
      return $db; 
     } 
    } 

?> 

這時,你可能想創建一個類來註冊您的用戶,如:

<?php 

    //Include the database class file to allow access to properties and methods within that class. 
    require_once 'class.database.php'; 


    //echo 'I am database class file now included in the users class file. <br />'; 

    //This method will be user to check if the user enter the correct username password pair. 
    class users{ 


     public function checkValidUser($username){ 
      $userExists = false; 
      try { 
       $db = database::databaseConnect(); 

       $stmt = $db->prepare('SELECT uname FROM table WHERE uname=:username'); 
       $stmt->bindParam(':uname', $username, PDO::PARAM_STR); 
       $stmt->execute(); 

       if ($stmt->rowCount() == 1){ 
        $userExists = true; 
       } 

       $db = null; 

      } catch (PDOException $e) { 
       $userExists = false; 
      } 
      return $userExists; 
     } 

     public function addUser($firstname, $lastname, $username,$password){ 
      $success = true; 
      //Connect to the database 
      try { 
       $db = database::databaseConnect(); 
       //$db->databaseConnect(); 

       $stmt = $db->prepare('INSERT INTO table (FirstName, LastName, Username, Password) VALUES (:firstname, :lastname, :username, :password)'); 
       $stmt->bindParam(':firstname', $firstname, PDO::PARAM_STR); 
       $stmt->bindParam(':lastname', $lastname, PDO::PARAM_STR); 
       $stmt->bindParam(':username', $username, PDO::PARAM_STR); 
       $stmt->bindParam(':password', $password, PDO::PARAM_STR); 
       $success = $stmt->execute(); 

       if ($success){ 

        $success = true; 
       } 

       $db = null; 

      } catch (PDOException $e) { 
       //echo 'There was an error adding a new user. Please go back and try again. If this problem persits please contact the administrator.'; 
       $success = false; 
      } 
      return $success; 
     } 


?> 

希望這可以幫助。

0

enter link description here$SQL = "INSERT INTO login (L1, L2) VALUES ($uname, md5($pword))";

你不插入值插入適當的領域,它出現。您將$uname插入L1並將md5($pword)插入到L2中,但在上面的選擇查詢中,您爲用戶名擁有不同的字段名稱,並且我認爲密碼也是相同的。

$SQL = "SELECT * FROM login WHERE USERNAME = $uname";

最有可能的,你的插入查詢應該是這樣的:

$SQL = "INSERT INTO login (USERNAME, PASSWORD) VALUES ('{$uname}', MD5('{$pword}'))";

我因爲想必他們都是字符串添加各地的用戶名和密碼單引號。另外,我在變量中添加了大括號,以便從PHP中分離什麼是SQL。

最後一兩件事,我會檢查與這樣PDOWillem suggested

相關問題