drgawfsf1069 2016-11-08 07:10
浏览 59
已采纳

为什么我的PHP代码没有发布到我的SQL数据库?

I am pretty sure that I don't have any errors, however, when I submit the from, I don't get a "Success" like I should when my submission is successful. The connect.php is the php file that connects to my database, and I don't get any errors from that, so I know that I am connected to my database and the header.php is the header. Nothing that would cause any errors in there. And the footer is the same thing. I know that I am connected to my database because I got an error before when I was testing my code, however, now I don't get any errors, or a "Success".

Here is my attempt:

<?php
//signup.php
include 'connect.php';
include 'header.php';

echo '<h3>Sign up</h3>';
echo '<form method="post" action="">
    Username: <input type="text" name="user_name" />
    Password: <input type="password" name="user_pass">
    Password again: <input type="password" name="user_pass_check">
    E-mail: <input type="email" name="user_email">
    <input type="submit" value="sign up" />
</form>';
if($_SERVER['REQUEST_METHOD'] === 'POST') {

    $fixed_user_name = $database_connection->real_escape_string($_POST['user_name']);
    $fixed_user_email = $database_connection->real_escape_string($_POST['user_email']);
    $now = NOW();

    $sql = "INSERT INTO users (user_name, user_pass, user_email) 
            VALUES ($fixed_user_name, $_POST['user_pass'], $fixed_user_email)";

    if($database_connection->query($sql) === TRUE){
        echo "Success";
    }
    else {
        echo "Error: " . $sql . "<br>" . $database_connection->error;
    }
}

include 'footer.php';
?>

Here is my connect.php file, as well:

<?php
//connect.php
$username   = 'root';
$password   = "root_password";
$database   = 'cloud';

$database_connection = new mysqli("localhost", $username, $password, $database);

if ($mysqli->connect_errno) {
    echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
}

echo $mysqli->host_info . "
";

?>
  • 写回答

2条回答 默认 最新

  • du3669 2016-11-08 07:37
    关注

    here's a more secure way to your script with password_hash() and prepared-statements:

    <kbd>signup.php</kbd>

    <?php
//signup.php

#include "connect.php"; // set $servername, $username, $password and $dbname there

include 'header.php';

// changed here the '' to "" and back
echo "<h3>Sign up</h3>".
    "<form method='post' action=''>
        Username: <input type='text' name='user_name' />
        Password: <input type='password' name='user_pass'>
        Password again: <input type='password' name='user_pass_check'>
        E-mail: <input type='email' name='user_email'>
        <input name='submit' type='submit' value='sign up' />
     </form>";

if(isset($_POST["submit"])) {

    include "connect.php";

    // set the user_name and user_email as a seperate variable
    $username = $_POST["user_name"];
    $email = $_POST["user_email"];
    $password = $_POST["user_pass"];
    $cpassword = $_POST["user_pass_check"];

    $fixed_user_name = mysqli_real_escape_string($conn, $username);

    $fixed_user_email = mysqli_real_escape_string($conn, $email);

    #$now = NOW();

    //check if password is not cpassword and if so, there is an error
    if ($password !== $cpassword) {
        echo "Passwords do not match!";
    }

    //NEVER store PLAINTEXT PASSWORDS... user php build_in functions like password_hash() and store only the hash
    $hash = password_hash($password, PASSWORD_DEFAULT);

    //change your db_entry user_pass to hash
    $sql = $conn->prepare("INSERT INTO users (user_name, hash, user_email) VALUES (?, ?, ?)");
    $sql->bind_param("sss", $fixed_user_name, $hash, $fixed_user_email);
    $sql->execute();

    echo "Success!";

    $sql->close();
    $conn->close();

}
include 'footer.php';
?>


    <kbd>connect.php</kbd>

    <?php
//connect.php
$servername = "localhost";
$username   = "root";
$password   = "root_password";
$dbname   = "cloud";

// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);

// Check connection
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}
?>

    explanation is in the script with comments :)

    have a look at php.net manual for password_hash() function

    maybe this helped you

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 BP神经网络控制倒立摆
  • ¥20 要这个数学建模编程的代码 并且能完整允许出来结果 完整的过程和数据的结果
  • ¥15 html5+css和javascript有人可以帮吗?图片要怎么插入代码里面啊
  • ¥30 Unity接入微信SDK 无法开启摄像头
  • ¥20 有偿 写代码 要用特定的软件anaconda 里的jvpyter 用python3写
  • ¥20 cad图纸,chx-3六轴码垛机器人
  • ¥15 移动摄像头专网需要解vlan
  • ¥20 access多表提取相同字段数据并合并
  • ¥20 基于MSP430f5529的MPU6050驱动,求出欧拉角
  • ¥20 Java-Oj-桌布的计算