duanjiong1952 2013-12-14 17:38
浏览 19
已采纳

为什么这不起作用? :/ [关闭]

I don't understand why this doesn't work? It's a register form checking if fields are filled in,password is equal to retype password, and if it doesn't already exist in database.

I get this error: Parse error: syntax error, unexpected T_STRING, expecting ',' or ';' in /home/a4550840/public_html/newreg.php on line 32

But I already put a ';' at line 32 ... I don't understand why this error occurs.

Any help is appreciated :).

EDIT: Fixed that error ^ and added the mysql_real_escape_string , but it doesn't register the information to the database for some reason?

EDIT: It works now :), took away the quotations from the query

<?php

include ('connect.php');

if ($_POST['submit']) {

$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
$repassword = mysql_real_escape_string($_POST['repassword']);
$email = mysql_real_escape_string($_POST['email']);

if ($username && $password && $repassword && $email){


  if ($password == $repassword) {

      $check = mysql_query("SELECT * FROM members WHERE username='$username' ");
      $countrows = mysql_num_rows($check);

      if ($countrows == 0){

          mysql_query("INSERT INTO members ('username','password','email') VALUES      ('$username','$password','$email') ");

      } else {

        echo 'Username already exists';

      }

  } else {

     echo 'Passwords don'\t match';
  }


  } else {

  echo 'Fill in the fields';  
  }

  } else {

  echo 'Register please';   

}

  ?>
  • 写回答

2条回答 默认 最新

  • dtamho6404 2013-12-14 17:41
    关注

    You have a problem here:

    echo 'Passwords don't match';

    You need scape single quote as:

    echo 'Passwords don\'t match';

    or

    echo "Passwords don't match";

    NOTE: Your code is vulnerable to sql injection, you should use mysql_real_scape_string() before to pass yours parameters as sql query.

    I suggest:

    $username = mysql_real_scape_string($_POST['username']);
$password = mysql_real_scape_string($_POST['password']);
$repassword = mysql_real_scape_string($_POST['repassword']);
$email = mysql_real_scape_string($_POST['email']);

    TIP: When your are testing (in dev environment) mysql querys, you should combine die(mysql_error()) at the end of line to check if you has a problem like as:

    mysql_query('your sql') or die(mysql_error()).

    If you have an error, this cause your app die an show the mysql error.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥50 如何用脚本实现输入法的热键设置
  • ¥20 我想使用一些网络协议或者部分协议也行,主要想实现类似于traceroute的一定步长内的路由拓扑功能
  • ¥30 深度学习,前后端连接
  • ¥15 孟德尔随机化结果不一致
  • ¥15 apm2.8飞控罗盘bad health,加速度计校准失败
  • ¥15 求解O-S方程的特征值问题给出边界层布拉休斯平行流的中性曲线
  • ¥15 谁有desed数据集呀
  • ¥20 手写数字识别运行c仿真时,程序报错错误代码sim211-100
  • ¥15 关于#hadoop#的问题
  • ¥15 (标签-Python|关键词-socket)