doukengsha9472
doukengsha9472
2019-05-01 23:55

表单输入不会POST到MYSQL,但会在屏幕上显示

已采纳

The form sends the data to this page. The print_r outputs everything I want to put into the table onscreen to check it's there, but nothing goes to the table. I have only managed to populate the table manually in phpmyadmin. Iam sorry if it's a really easy fix - I have only been learning for two weeks!
There are no errors showing in the logs or on screen when I run the page. The print_r does echo the array as it should be but nothing appears in the table

<?php


session_start();
// Change this to your connection info.
$DATABASE_HOST = 'localhost';
$DATABASE_USER = 'root';
$DATABASE_PASS = '';
$DATABASE_NAME = 'users';

$username = ($_POST['username']);
$password = ($_POST['password']);
$companyName = ($_POST['companyName']);
$confirmPassword = ($_POST['confirmPassword']);

// Try and connect using the info above.
$con = mysqli_connect($DATABASE_HOST, $DATABASE_USER, $DATABASE_PASS, 
$DATABASE_NAME);
if (mysqli_connect_errno()) {
    // If there is an error with the connection, stop the script and 
    display the error.
    die ('Failed to connect to MySQL: ' . mysqli_connect_error());


    }



    print_r ($_POST);


    // Now we check if the data was submitted, isset() function will check 
    //if  the data exists.
    if (!isset($_POST['username'], $_POST['password'], 
    $_POST['companyName'])) {
    // Could not get the data that should have been sent.
    die ('Please complete the registration form!');
    }

    // Make sure the submitted registration values are not empty.
    if (empty($_POST['username']) || empty($_POST['password']) || 
    empty($_POST['companyName'])) {
    // One or more values are empty.
    die ('Please complete the registration form');
    }
    print_r ($_POST);

    // We need to check if the account with that username exists.
    if ($stmt = $con->prepare('SELECT id, password FROM phplogin WHERE 
    username = ?')) {
    // Bind parameters (s = string, i = int, b = blob, etc), hash the 
    //password using the PHP password_hash function.
    $stmt->bind_param('s', $_POST['username']);
    $stmt->execute();
    $stmt->store_result();

     // Store the result so we can check if the account exists in the 
    // database.
     if ($stmt->num_rows > 0) {
    // Username already exists
    echo 'Username exists, please choose another!';
    } else {
    // Username doesnt exists, insert new account
    /* $stmt = $con->prepare('INSERT INTO phplogin (username, password, 
      companyName ) VALUES (?, ?, ?)');*/ 

    if (false !== true){
        /* We do not want to expose passwords in our database, so hash the 
        password and use password_verify when a user logs in.
        $password = password_hash($_POST['password'], PASSWORD_DEFAULT);
        $stmt->bind_param('sss', $_POST['$username'], $password, 
        $_POST['$companyName']);
        $stmt->execute();*/
        $sql = 'INSERT INTO phplogin (username, password, companyName ) 
        VALUES ($username, $password, $companyName)';
        echo 'You have successfully registered, you can now login!';
        echo ("  ".$password." ".$username."  ".$companyName);
        echo '  well done';

    } else {
        /* Something is wrong with the sql statement, check to make sure accounts table exists with all 3 fields.*/
        echo 'Could not prepare the new statement!';
        print_r ($_POST);
        }
        }
        }



        $con->close();

        ?>
  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享
  • 邀请回答

1条回答

  • drgovyk64676 drgovyk64676 2年前
    //$sql = 'INSERT INTO phplogin (username, password, companyName ) VALUES ($_POST[username], $password, $_POST[companyName])';
    

    PHP thinks it should execute VALUES even though it is not any proper action. Use /* THIS IS COMMENT */ because it prevents stuff like this happening.

    Also as a side note: Do not assign values in if statement. You can assign $stmt on its own line and just check

    If($stmt === true) {}
    

    Or

    If($stmt !== true) {}
    

    You get the point.

    Also another side note is that you should prefer using PDO. It is alot of easier to handle and understand because of ts syntax and it makes OOP much much more easier. Mysqli is ok to use, but i personally do not recommend using it.

    点赞 评论 复制链接分享

为你推荐