doufei3561
doufei3561
2015-10-08 15:48
浏览 240
已采纳

connect_error什么也不返回,但代码不起作用

It always returns empty connect_error value. It connects to mySQL properly. I want to create simple registering system on my page. I'm new to PHP and HTML, so I don't know what is wrong in this code. MySQL works properly, I think, so maybe something is wrong with my SQL code?

This is my PHP code:

<?php
$link = @new mysqli('valid localhost', 'valid user', 'valid password', 'valid database');
if ($link->connect_error!=0) {
    die('Could not connect: ' . $link->connect_error); 
}

$login = $_POST['login'];
$password = $_POST['password'];
$confirm = $_POST['confirmpassword'];
$email = $_POST['email'];

$result = mysql_query($sql, "SELECT COUNT(*) AS num_rows FROM `users` WHERE username='{$login}' LIMIT 1;");
$row = mysql_fetch_array($sql, $result);
if($row["num_rows"] < 0){
    header('Location: index.php');
    return;
}

if($password != $confirm) {
    header('Location: index.php');
    return;
}


$login = htmlentities($login, ENT_QUOTES, "UTF-8");
$password = htmlentities($password, ENT_QUOTES, "UTF-8");
$email = htmlentities($email, ENT_QUOTES, "UTF-8");

$sql = sprintf("INSERT INTO `users` (`username`, `password`, `email`) VALUES
('%s', '%s', '%s');",
mysqli_real_escape_string($link, $login),
mysqli_real_escape_string($link, $password),
mysqli_real_escape_string($link, $email));
if (mysql_query($sql, $link)) {
    echo "User created successfully!
";
} else {
    echo 'Error creating user: ' . $link->connect_error . "
";
}
?>

HTML code:

<!DOCTYPE HTML>
<html lang="en">
<head>
    <meta charset="utf-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" />
    <title>Awesome title</title>
</head>

<body>

    Register<br /><br />

    <form action="register.php" method="post">

        Login: <br /> <input type="text" name="login" /> <br />
        Email: <br /> <input type="email" name="email" /> <br />
        Password: <br /> <input type="password" name="password" /> <br />
        Confirm password: <br /> <input type="password" name="confirmpassword" /> <br /><br />
        <input type="submit" value="Register" />

    </form>
</body>
</html>

and MySQL table:

CREATE TABLE IF NOT EXISTS `users` (
  `username` text collate utf8_polish_ci NOT NULL,
  `password` text collate utf8_polish_ci NOT NULL,
  `email` text collate utf8_polish_ci NOT NULL
) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_polish_ci;

This is what I get:

Error creating user:

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

3条回答 默认 最新

  • dongshi4773
    dongshi4773 2015-10-08 15:55
    已采纳

    Change

    echo 'Error creating user: ' . $link->connect_error . " ";

    to

    echo 'Error creating user: ' . $link->error . " ";

    Also, you're mixing mysql and mysqli, and mixing object oriented with procedural.

    Try this:

    <?php
    $link = @new mysqli('valid localhost', 'valid user', 'valid password', 'valid database');
    if ($link->connect_error) {
        die('Could not connect: ' . $link->connect_error); 
    }
    
    $login = $_POST['login'];
    $password = $_POST['password'];
    $confirm = $_POST['confirmpassword'];
    $email = $_POST['email'];
    
    $result = $link->query("SELECT COUNT(*) AS num_rows FROM `users` WHERE username='{$login}' LIMIT 1;");
    $row = $result->fetch();
    if($result->num_rows < 0){
        header('Location: index.php');
        return;
    }
    
    if($password != $confirm) {
        header('Location: index.php');
        return;
    }
    
    
    $login = htmlentities($login, ENT_QUOTES, "UTF-8");
    $password = htmlentities($password, ENT_QUOTES, "UTF-8");
    $email = htmlentities($email, ENT_QUOTES, "UTF-8");
    
    $sql = sprintf("INSERT INTO `users` (`username`, `password`, `email`) VALUES
    ('%s', '%s', '%s');",
    $link->real_escape_string($login),
    $link->real_escape_string($password),
    $link->real_escape_string($email));
    if ($link->query($sql)) {
        echo "User created successfully!
    ";
    } else {
        echo 'Error creating user: ' . $result->error . "
    ";
    }
    ?>
    
    点赞 评论
  • dqg2269
    dqg2269 2015-10-08 16:19

    This code is causing you some trouble. First of all, you are mixing APIs. Here with mysql_* (which is deprecated), while your connection is OOP MySQLi (you cannot mix MySQL APIs).

    if (mysql_query($sql, $link)) {
        echo "User created successfully!
    ";
    } else {
        echo 'Error creating user: ' . $link->connect_error . "
    ";
    }
    

    You should have something like this instead, sticking purely with one style: as I recommend (which you started doing) with OOP MySQLi.

    if ($link->query($sql)) {
        echo "User created successfully!
    ";
    } else {
        echo 'Error creating user: ' . $link->connect_error . "
    ";
    }
    

    This code is kind of poorly written. It makes your SQL query being broken.

    $sql = sprintf("INSERT INTO `users` (`username`, `password`, `email`) VALUES
    ('%s', '%s', '%s');",
    mysqli_real_escape_string($link, $login),
    mysqli_real_escape_string($link, $password),
    mysqli_real_escape_string($link, $email));
    

    It seems like you are trying to prevent SQL-injection? May I suggest usage of prepared statements instead? This is the modern standard, and looks better.

    if (!$stmt = $link->prepare("INSERT INTO users (username, password, email) VALUES (?, ?, ?)")) {
        // Something went wrnog, here handle it
        return false;
    }
    $stmt->bind_param('sss', $login, $password, $email)
    $stmt->execute();
    $stmt->close();
    

    In the pind_param the first parameter is sss - this stands for string, string, string - as your $login, $password, $email are all strings. Note that this number must match the number of question-marks in prepare. You should also do the same for your first query, where you select

    点赞 评论
  • dongshi1148
    dongshi1148 2015-10-08 16:53

    change

    if (mysql_query($sql, $link)) {
        echo "User created successfully!
    ";
    } else {
        echo 'Error creating user: ' . $link->connect_error . "
    ";
    }
    

    to

    if ($link->query($sql)) {
        printf("User created successfully!
    ");
    }
    

    This should work for you.

    点赞 评论

相关推荐