douchushao7799 2013-11-13 18:00
浏览 35
已采纳

PHP注册脚本使用预准备语句

I have got the following registration code, it SEEMS to be working but it isn't actually inserting the entered information into my table. It all runs with no errors showing up, and the "echo 'end';" is displaying.

Edit, updated code: Now get this error

Warning: mysqli_stmt::bind_param(): Number of elements in type definition string doesn't match number of bind variables in C:\xampp\htdocs\ppa\test.php on line 19

Which is this line:

$insert_stmt->bind_param($email, $password, $random_salt, $user);

PHP:

   <?php
include "includes/db_connect.php";

if (isset($_POST['email'], $_POST['p'])) {
    $email = $_POST['email'];
    //Default user perms
    $perms = "user";

    $password = hash('sha512', $_POST['p']); //Need to add JavaScript to hash password before it gets here
    //Create random salt
    $random_salt = hash('sha512', uniqid(mt_rand(1, getrandmax()), true));

    //Create salted password
    $password = hash('sha512', $password.$random_salt);

    //Add insert to database script
    //Use prepared statements!
    if ($insert_stmt = $mysqli->prepare("INSERT INTO users (email, password, salt, perms) VALUES (?, ?, ?, ?)")) {
        $insert_stmt->bind_param($email, $password, $random_salt, $perms);
        $insert_stmt->execute();
    }
    echo "Email: ".$email."<br />";
    echo "Password: ".$password."<br />";
    echo "Random Salt: ".$random_salt."<br />";
    echo "Permissions: ".$perms."<br />";
}
?>

This is my db_connect.php page

<?php
define("HOST", 'localhost');
define("USER", 'ppa_user');
define("PASSWORD", 'password');
define("DATABASE", 'ppa');

$mysqli = new mysqli(HOST, USER, PASSWORD, DATABASE);

if ($mysqli->connect_errno) {
    //No database found, redirect to setup
    $url = "http://".$_SERVER['HTTP_HOST'].'/ppa/setup.php';
    header('Location: '.$url);
}
?>
  • 写回答

3条回答 默认 最新

  • dongyanju1094 2013-11-13 18:41
    关注

    In order to close this question as being answered, have come to the conclusion the OP needed to use the following code:

    $insert_stmt->bind_param("ssss", $email, $password, $random_salt, $perms);
    
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(2条)

报告相同问题?

悬赏问题

  • ¥15 matlab数字图像处理频率域滤波
  • ¥15 在abaqus做了二维正交切削模型,给刀具添加了超声振动条件后输出切削力为什么比普通切削增大这么多
  • ¥15 ELGamal和paillier计算效率谁快?
  • ¥15 file converter 转换格式失败 报错 Error marking filters as finished,如何解决?
  • ¥15 ubuntu系统下挂载磁盘上执行./提示权限不够
  • ¥15 Arcgis相交分析无法绘制一个或多个图形
  • ¥15 关于#r语言#的问题:差异分析前数据准备,报错Error in data[, sampleName1] : subscript out of bounds请问怎么解决呀以下是全部代码:
  • ¥15 seatunnel-web使用SQL组件时候后台报错,无法找到表格
  • ¥15 fpga自动售货机数码管(相关搜索:数字时钟)
  • ¥15 用前端向数据库插入数据,通过debug发现数据能走到后端,但是放行之后就会提示错误