2014-09-03 188 views
-3

我得到這些錯誤:警告:mysql_real_escape_string()是什麼意思?

警告:mysql_real_escape_string()[function.mysql實時逃逸字符串]:拒絕訪問用戶 'a2955851' @ 'localhost' 的(使用密碼:NO)在/ home /a2955851/public_html/register.php on line 25

警告:mysql_real_escape_string()[function.mysql-real-escape-string]:訪問拒絕用戶'a2955851'@'localhost'(使用密碼:NO) /home/a2955851/public_html/register.php on line 26

我得到這些錯誤:

警告:mysql_real_escape_string()[function.mysql實時的逃逸字符串]:到服務器的鏈接不能在/home/a2955851/public_html/register.php在線25上建立

警告:mysql_real_escape_string()[function.mysql實時逃逸字符串]:到服務器的連接不能在/home/a2955851/public_html/register.php在線成立26

有我的代碼:

 <!doctype html> 
    <html lang"fi"> 
     <head> 
     <link rel="icon" type='image/png' href='images/logo.png'> 
     <title> ASD</title> 
     <link href="css/styles.css" type="text/css" rel="stylesheet"> 
    </head> 
    <body> 
     <!--reg alkaa--> 
     <form action="register.php" method="post"> 
      <p><input type="text" name="username" placeholder="Username"> 
      <p><input type="email" name="email" placeholder="Email"> 
      <p><input type="password" name="pass" placeholder="Password"> 
      <p><input type="password" name="pass1" placeholder="Password"> 
      <p><input type="submit" name="submit" value="Register"> 
     </form> 
    <?php 

    if (isset($_POST['submit'])) { 
     $username = mysql_real_escape_string($_POST['username']); 
     $pass = mysql_real_escape_string($_POST['pass']); 
     $pass1 = mysql_real_escape_string($_POST['pass1']); 
     $email = mysql_real_escape_string($_POST['email']); 

     if ($username && $pass && $pass1 && $email) { 
      if ($pass==$pass1) { 
       $connect = mysql_connect("mysql13.000webhost.com","a2955851_SW","********"); 
       mysql_select_db("a2955851_SW"); 
       $query = mysql_query("INSERT INTO users VALUES('$username','$pass','$email');"); 
       echo "You have been registered."; 
      } else { 
       echo "Password must match."; 
      } 
     } else { 
      echo "All fields are required."; 
     } 
    } 

    ?> 
     <!--reg loppuu--> 

     <Center> 
     <a href="index.php"> 
      <h1> ASD </h1> 
     </center> 
     </a> 


     <div id="main"> 
      <h3> 
      <div class="menu"> <a href="index.php">Etusivu</a> &bullet;  
       <a href="https://www.google.fi/">Kaikkee</a> &bullet; 
       <a href="https://www.mediafire.com/">Lataukset</a> </div> 
      </h3> 
     </div> 

     <div class="jonne"> </div> 
     <script src="javascript/jquery.js"></script> 
    </body> 
</html> 

我做錯了什麼?我使用000webhost,我是noob。我的英語能力很差,對不起。

+1

你需要連接「第一個」,然後才能使用mysql_real_escape_string()' – 2014-09-03 16:28:56

+0

怎麼樣?我是小白,你能幫我多一點嗎? – user3774980 2014-09-03 16:29:34

+0

這是您將獲得的最佳幫助:使用[** CRYPT_BLOWFISH **](http://security.stackexchange.com/q/36471)或PHP 5.5的['password_hash()'](http ://www.php.net/manual/en/function.password-hash.php)功能。對於PHP <5.5,使用['password_hash()兼容包]](https://github.com/ircmaxell/password_compat)。另外,[**使用準備好的語句**](http://www.php.net/manual/en/mysqli.quickstart.prepared-statements.php)或[**使用準備好的語句**的PDO](http ://php.net/pdo.prepared-statements)。 – 2014-09-03 16:30:35

回答

0

需要在real_escape之前連接。我建議你使用mysqli。你可以試試這個。

$connect = mysqli_connect("mysql13.000webhost.com","a2955851_SW","********"); 

if(isset($_POST['submit'])) 
{ 
    $username = mysqli_real_escape_string($connect, $_POST['username']); 
    $pass = mysqli_real_escape_string($connect, $_POST['pass']); 
    $pass1 = mysqli_real_escape_string($connect, $_POST['pass1']); 
    $email = mysqli_real_escape_string($connect, $_POST['email']); 
    if($username && $pass && $pass1 && $email) 
    { 
     if($pass==$pass1) 
     { 
      mysqli_select_db($connect, "a2955851_SW"); 
      $query = mysqli_query($connect, "INSERT INTO users VALUES('$username','$pass','$email');"); 
      echo "You have been registered."; 
     } 
     else 
     { 
      echo "Password must match."; 
     } 
    } 
    else 
    { 
     echo "All fields are required."; 
    } 
} 
相關問題