1. 首頁
  2. 問答
  3. PHP-MYSQL不插入多個行

PHP-MYSQL不插入多個行

2012-10-19 72 views
1

我有我的註冊表單在HTML所有設置和工作,它運行並第一次插入一行到MySQL表,但我不能插入任何更多的行。PHP-MYSQL不插入多個行

我的PHP是: -

include "config.php"; 

$gamerid = $_POST['gamerid_create']; 
$email = $_POST['email_create']; 
$password = md5($_POST['password_create']); 
$country = $_POST ['country_create']; 

echo "<pre>"; 
print_r($_POST); 
echo "</pre>"; 

$insert = "insert into users (gamerid,email,password,country) values('$gamerid','$email','$password','$country')"; 
mysql_query($insert);

現在,當我在mysql中創建了我的表我用下面的代碼: -

CREATE TABLE users 
(
id INT primary key NOT NULL AUTO_INCREMENT, 
gamerid varchar (255) NOT NULL, 
email varchar (255) NOT NULL, 
password varchar (255) NOT NULL, 
country varchar (255) NOT NULL 
)

爲什麼沒有更多的行插入?

我的HTML如下:

<form id = "signup_form" method = "POST" action = "http://localhost:8080/quizicle/pages/register.php"> 
<table id = "signup_form_table" border = "0" class = "signup_table_body"> 
<tr class = "signup_form_tr_label"> 
<td class = "signup_form_td"><label for "gamerid" class = "signup_form_label">Create a Gamer ID:</label></td> 
<td class = "signup_form_td"><label for "email" class = "signup_form_label">Your Email:</label></td> 
<td class = "signup_form_td"><label for "password" class = "signup_form_label">Password:</label></td> 
<td class = "signup_form_td"><label for "country" class = "signup_form_label">Country:</label></td> 
<td class = "signup_form_td"></td> 
</tr> 

<tr class = "signup_form_tr"> 
<td class = "signup_form_td"><input type = "text" name = "gamerid_create" id = "gamerid_create" maxlength="50" class = "signup_form_input"/></td> 
<td class = "signup_form_td"><input type = "text" name = "email_create" id = "email_create" maxlength="50" class = "signup_form_input"/></td> 
<td class = "signup_form_td"><input type = "password" name = "password_create" id = "password_create" maxlength="50" class = "signup_form_input"/></td> 
<td class = "signup_form_td"> 
<select name = "country_create">         <option>Please select a country</option> 
<option>United Kingdom</option> 
</select> 
</td> 
<td class = "signup_form_td"><input type = "submit" value = "Sign me up!" id = "btn_register" value = "register" class = "signup_form_submit_btn"/></td> 
</tr> 
</table> 
</form>

來源

2012-10-19 Paul ' Macca' McGill

+0

我的INSERT語句沒有正確複製,它應該是: $插入=「插入到用戶(gamerid,電子郵件,密碼,國家)VALUES('$ gamerid 」, '$電子郵件', '$密碼', '$國家')「; –

+0

你能提供你的html/javascript嗎? –

+1

首先,你是* VERY VULNERABLE * SQL注入。你可以手動插入另一條記錄到數據庫中嗎? – wesside

回答

-1

這也可能是在問候你的主鍵id

讓我們改變了SQL,看看它是否工作。

$insert = "INSERT INTO users (id, gamerid, email, password, country) 
    VALUES (NULL, '{$_POST['gamerid_create']}', '{$_POST['email_create']}', 
    '{$_POST['password_create']}', '{$_POST['country_create']}');";

你使用PHP/MySQL的發展你的技能,你應該考慮一些問題:

  • 驗證擦洗你的用戶輸入。 Sql注入風險。請參閱:mysql_real_escape_string(),獲取基本幫助。

  • 您應該配置您的表格,確保您將字段類型和大小設置爲您所需的最小值,如果您不填充所有值,VARCHAR(255)將浪費大量空間。

  • 總是使用至少md5算法散列密碼。

來源

2012-10-19 18:31:27 phpisuber01

+0

他的主鍵被設置爲'自動增量' –

+0

否;不是MD5。 MD5「應該被認爲是加密破解的並且不適合進一步使用」 - http://www.kb.cert.org/vuls/id/836068 – MichaelRushton

+0

我不會建議OP繼續使用'mysql_'函數。 – Kermit

0 
<?php 

include "config.php"; 

// INPUT CLEANING FUNCTION 
function clean($str) 
{ 
    $cleaned = mysql_real_escape_string(strip_tags($str)); 
    return $cleaned; 
} 

$gamerid = clean($_POST['gamerid_create']); 
$email = clean($_POST['email_create']); 
$password = clean(md5($_POST['password_create'])); 
$country = clean($_POST ['country_create']); 


$insert = "insert into users(gamerid,email,password,country) values('$gamerid' ,'$email',' $password', '$country')";       
mysql_query($insert); 
?>
  1. 如果自動增量這是建立使用filter_var函數的輸入您標籤或標籤文本區域// 建議可選
  2. 有效的電子郵件屬性
  3. 檢查姓名檢查您的ID字段in with php
  4. 驗證密碼的長度和強度
  5. 還考慮一些命名約定
  6. 使用框架笨或LARAVEL

來源

2012-10-19 18:34:50

+0

感謝Johndave,粘貼你的代碼後它現在正在工作哈哈 –

+0

Y我們的歡迎隊友 –

相關問題

 相關問題