0
即時消息學習HTML,PHP和MySQL,我一直在跟隨一些教程,因爲我不是通過研究來學習。我有一個網站的問題,我跟着教程到最後,無論我經歷了多少次,我找不到一個問題,錯誤報告也沒有顯示任何錯誤。註冊頁面不會將數據發送到MySQL數據庫
生病給你的代碼,但我不希望有人來解決我的錯誤,併發回代碼,我會更多的人指出我的錯誤是什麼,並解釋我的錯誤,我要修復。先謝謝你。
<?php
error_reporting(E_ALL);
define('DB_HOST', 'localhost');
define('DB_NAME', 'website');
define('DB_USER', 'root');
define('DB_PASSWORD', '');
$con = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
if (isset($_POST['Register'])) {
if (!empty($_POST['Email'])) {
$query = mysqli_prepare($con, "SELECT * FROM users WHERE Email = ?");
mysqli_stmt_bind_param($query, "s", $_POST['Email']);
mysqli_stmt_execute($query);
mysqli_stmt_store_result($query);
if(mysqli_stmt_num_rows($query) != 0)
{
echo "SORRY...YOU ARE ALREADY REGISTERED USER...";
}
else
{
$query = mysqli_prepare($con, "INSERT INTO user (First_Name,Last_Name,Email,Password) VALUES ($First_Name, $Last_Name, $Email, $Password)");
mysqli_stmt_bind_param($query, "ssss", $_POST['First_Name'], $_POST['Last_Name'], $_POST['Email'], $_POST['Password']);
mysqli_stmt_execute($query);
echo "REGISTRATION SUCCESSFUL";
}
}
}
?>
<!doctype html>
<html>
<head>
<link href="CSS/master.css" rel="stylesheet" type="text/css" />
<link href="CSS/menu.css" rel="stylesheet" type="text/css" />
<meta charset="utf-8">
<title>Adult Gaming Underground</title>
</head>
<body>
<div class="Container">
<div class='Header'></div>
<div class="Menu"
<ul id="nav">
<li><a href="#">Home</a></li>
<li><a class="hsubs" href="#">Meet the team</a>
</li>
<li><a class="hsubs" href="#">Reviews</a>
<ul class="subs">
<li><a href="#">Reviews</a></li>
<li><a href="#">Hints & Tips</a></li>
</ul>
</li>
<li><a class="hsubs" href="#">Charity Events</a></li>
<li><a href="#">Store</a></li>
<li><a href="#">About Us</a></li>
<li><a href="#">Account</a>
<ul class="subs">
<li><a href="#">LogIn</a></li>
<li><a href="#">Register</a></li>
<li><a href="#">Reset Password</a></li>
</ul>
</li>
</ul>
</div>
<div class='LeftBody'></div>
<div class='RightBody'>
<form id="RegisterForm" method="POST" name="RegisterForm">
<div class="FormElement">
<input name="First_Name" type="text" required="required" class="TField" id="First_Name" placeholder="First Name">
</div>
<div class="FormElement">
<input name="Last_Name" type="text" required="required" class="TField" id="Last_Name" placeholder="Last Name">
</div>
<div class="FormElement">
<input name="Email" type="email" required="required" class="TField" id="Email" placeholder="Email">
</div>
<div class="FormElement">
<input name="Password" type="password" required="required" class="TField" id="Password" placeholder="Password">
</div>
<div class="FormElement">
<input name="Register" type="button" class="button" id="Register" value="Register">
</div>
</form>
</div>
<div class='Footer'></div>
</div>
</body>
</html>
[小博](http://bobby-tables.com/)說***腳本是在對SQL注入攻擊的風險。](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php)***瞭解[編寫](http://en.wikipedia.org/ wiki/Prepared_statement)語句[MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php)。即使[轉義字符串](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string)是不安全的! –
**切勿存儲純文本密碼!**請使用***的[內置函數](http://jayblanchard.net/proper_password_hashing_with_PHP.html)***來處理密碼安全性。如果您使用的PHP版本低於5.5,則可以使用'password_hash()'[兼容包](https://github.com/ircmaxell/password_compat)。 ***在散列之前,不需要[escape passwords](http://stackoverflow.com/q/36628418/1011527)***或使用其他任何清理機制。這樣做*更改密碼並導致不必要的附加編碼。 –
順便說一下,好的網頁標題 – HddnTHA