1. 首頁
  2. 問答
  3. 這是正確的方式來使用準備插入語句與OOP PHP?

這是正確的方式來使用準備插入語句與OOP PHP?

2016-07-07 28 views
0

你好,我已經寫了這個註冊頁面腳本,我想註冊用戶信息到數據庫,但我試圖通過使用準備好的插入語句與oop語法安全地做到這一點,但不知道如果我這樣做是正確的,因爲當我註冊虛擬數據,它不會把任何東西放入數據庫中。這是正確的方式來使用準備插入語句與OOP PHP?

index.php頁面

<!DOCTYPE html> 
    <html> 
    <head> 
    <title>Registration form</title> 
    <link rel="stylesheet" type="text/css" href="regisform.css"> 
    </head> 
    <body> 
     <div id="form"> 
     <div id="header"><h2>Registration Form</h2></div> 
      <form method="post" action="process.php"> 
       <label>Username:</label> 
       <input type="text" name="username" placeholder="Enter a Username please" required="required" /> 
       <label>Email:</label> 
       <input type="text" name="email" placeholder="Enter your email please" required="required" /> 
       <label>Password:</label> 
       <input type="text" name="password" placeholder="Enter a Password please" required="required" /> 
       <input type="submit" name="signup" value="Sign up"/> 
      </form> 
     </div> 
    </body> 

    </html> 

    <?php 
    include "process.php"; 
     $db = new db(); 
    if(isset($_POST['signup'])) { 
     $user = $_POST['username']; 
     $email = $_POST['email']; 
     $password = $_POST['password']; 

     $query = "INSERT INTO users (user_name, user_email, user_pass) VALUES (?, ?, ?)"; 

     $run = $db->insert($query); 
     $run->bind_param('sss', $user, $email, $password); 
     $run->execute(); 
     $run->close(); 
    } 
?>

process.php頁

<?php 

class db { 
    public $host = "localhost"; 
    public $user = "root"; 
    public $pass = ""; 
    public $db_name = "pros"; 

    public $link; 

    public function __construct(){ 
     $this->connect(); 
    } 

    private function connect() { 
     $this->link = new mysqli($this->host, $this->user, $this->pass, $this->db_name); 
    } 

    public function insert ($query) { 
     $result = $this->link->prepare($query); 
     if($result){ 
      echo "<center><h2>Registration Successfull!</h2></center>"; 
     } 
     else 
     { 
      echo "<center><h2>Registration failed!</h2></center>"; 
     } 
     return $result; 
    } 
} 

?>

來源

2016-07-07 Ramin K

+0

時候你死後會發生什麼(var_dump($ result)) – MackProgramsAlot

+0

@ user3625915我需要把這個放在哪裏?在插入功能的權利? –

+0

正確的b4ü返回 – MackProgramsAlot

回答

0

我會用一個函數或方法來完成所有的插入

public function insert_new_user($username, $email, $password){ 

    $mysqli = $this->link; 

    $sql = "INSERT INTO users" 
     . " (user_name, user_email, user_pass)" 
     . " VALUES (?, ?, ?)" 

    $stmt = $mysqli->prepare($sql); 

    $stmt->bind_param("sss", $username, $email, $password); 

    if($stmt->execute()){ 
     return "success"; 
    } else { 
     return "failed: " . $mysqli->error; 
    } 

}

來源

2016-07-08 03:33:29

相關問題

 相關問題