2013-05-08 166 views
0

我很努力地從MySQL掌握PDO,這裏是我的註冊表格。PDO註冊表格

我收到的錯誤對我來說不太合理,任何人都可以幫我完成註冊表嗎?

<? include 'includes/overall/head.php'; 
include 'core/init.php';?> 
<div id="page" class="container"> 
<div id="box1"> 
    <h2 class="title"><? echo $welcome; ?></h2> 
    <div style="clear: both;">&nbsp;</div> 
    <div class="entry"> 
     <form method="POST" action="process_user.php"> 
     Username*: <br/> 
     <input type="text" name="username" /><br/> 
     Password*: <br/> 
     <input type="password" name="password" /><br/> 
     Confirm Password*: <br/> 
     <input type="password" name="password_confirm" /><br/> 
     Email*: <br/> 
     <input type="text" name="email" /><br/> 
     Confirm Email*: <br/> 
     <input type="text" name="email_confirm" /><br/> 
     <?require_once('recaptchalib.php'); 
     $publickey = "*****"; 
     echo recaptcha_get_html($publickey);?> 
     <input type="submit" name="submit" value="Register"> 
     </form> 
    </div> 
</div> 
<? include 'includes/overall/footer.php'; ?> 

這是prcess_user.php

<? include 'includes/overall/head.php'; 
include 'core/init.php';?> 
<div id="page" class="container"> 
<div id="box1"> 
    <h2 class="title"><? echo $welcome; ?></h2> 
    <div style="clear: both;">&nbsp;</div> 
    <div class="entry"> 
     <? 
      require_once('recaptchalib.php'); 
      $privatekey = "*****"; 
      $resp = recaptcha_check_answer ($privatekey, 
              $_SERVER["REMOTE_ADDR"], 
              $_POST["recaptcha_challenge_field"], 
              $_POST["recaptcha_response_field"]); 

      if (!$resp->is_valid) { 
      die ("The reCAPTCHA wasn't entered correctly. Go back and  try it again."); 
      } else { 

     if (empty($_POST) === false) { 
      $required_fields = array('username', 'password', 'password_confirm', 'email', 'email_confirm'); 
      foreach($_POST as $key=>$value) { 
       if (empty($value) && in_array($key, $required_fields) === true) { 
       $errors[] = 'Fields marked with an asterisk are required.'; 
       break 1; 
       } 
      } 
     } 
     if (empty($errors) === true) { 
       if(user_exists($_POST['username'] === true)) { 
        $errors[] = 'Sorry, the username \''.$_POST['username'].'\' is already taken.'; 
       } 
       if (preg_match("/\\s/", $_POST['username'] == true)) { 
        $errors[] = 'Your username cannot contain any spaces'; 
       } 
       if (strlen($_POST['password']) < 6 || strlen($_POST['password'] > 32)) { 
        $errors[] = 'Your password must be between 6 and 32 characters'; 
       } 
       if ($_POST['password'] !==  $_POST['password_confirm']) { 
        $errors[] = 'Your passwords did not match'; 
       } 
       if (filter_var($_POST['email'],  FILTER_VALIDATE_EMAIL) === false) { 
        $errors[] = 'Please enter a valid email address.'; 
       } 
       if (email_exists($_POST['email']) === true) { 
        $errors[] = 'The email address  \''.$_POST['email'].'\' is arealdy registered.'; 
       }     
      }     
     } 
     if (isset($_GET['success']) && empty($_GET['success'])) { 
      echo 'You\'ve been successfully registered, please check  your email inbox to activate your account'; 
     } else { 
      if (empty($_POST) === false && empty($errors) === true) { 
       $register_data = array(
        'username' => $_POST['username'], 
        'password' => $_POST['password'], 
        'email' => $_POST['email'], 
        'email_code' => md5($_POST['username'] +   microtime()) 
       ); 
       register_user($register_data); 
       header('location: register.php?success'); 
       exit(); 
      } else if(empty($errors) === false) { 
       echo output_errors($errors); 
      } 

      //LINK TO GO BACK AND TRY AGAIN 
     } 

     ?> 
    </div> 
</div> 
<? include 'includes/overall/footer.php'; ?> 

最後,功能與他們

<?php 
function user_exists($username) { 
$username = sanitize($username); 
$query = "SELECT COUNT(`user_id`) FROM `users` WHERE `username` = `$username`"; 
$stmt = $dbh->prepare($query); 
$stmt->execute(); 
return ($stmt->rowCount() == 1) ? true : false; 
} 
function email_exists($email) { 
$email = sanitize($email); 
$query = "SELECT COUNT (`user_id`) FROM `users` WHERE `email` = $email"; 
$stmt = $dbh->prepare($query); 
$stmt->execute(); 
return ($stmt->rowCount() == 1) ? true : false; 
} 
function register_user($register_data) { 
array_walk($register_data, 'array_sanitize'); 
$register_datapw = $register_data['password']; 
require ('../../includes/blowfish.class.php'); 
$bcrypt = new Bcrypt(4); 
$register_data['password'] = $bcrypt->hash($_POST['password']); 

$fields = '`' . implode('`, `', array_keys($register_data)) . '`'; 
$data = '\'' . implode('\', \'', $register_data) . '\''; 

$query = "INSERT INTO `USERS` ($fields) VALUES ($data)"; 
$stmt->prepare($query); 
$stmt->execute(); 
} 
?> 

去這是錯誤我收到

[08-May-2013 09:44:52 America/Denver] PHP Parse error: syntax error, unexpected '$' in .../process_user.php on line 50這是 if (isset($_GET['success']) && empty($_GET['success'])) {

+2

此錯誤與PDO無關,也不與表單處理有關。這是PHP語法問題。你需要首先學習正確的PHP語法 – 2013-05-08 23:27:46

+0

'echo $ query;'在'register_user'中,它可能會有意義... – RafH 2013-05-08 23:30:45

回答

1

PHP中的empty()函數有一些非常奇怪的語義。每the fine manual

在PHP 5.5之前,empty()只支持變量;其他任何東西都會導致解析錯誤。換句話說,以下內容不起作用:empty(trim($name))。相反,使用trim($name) == false

同樣,您將需要使用$_GET['success'] == false而不是empty($_GET['success'])


順便說一句:您正在使用PDO,這是很好的,但你仍然插值用戶輸入到你的SQL查詢,這是非常,非常,非常糟糕。瞭解如何在繼續之前正確使用綁定變量的PDO。

+0

非常感謝您的意見,我一定會檢查一下。 – user2305310 2013-05-08 23:40:19