doutan3463
doutan3463
2018-09-27 14:09
浏览 52
已采纳

如何导航html表单并使用php mysql保存输入而不进入.php文件页面?

I have 2 html forms. first page is registration page and next is login page. I managed to send the input from registration page to mysql using a php file named connect.php. the 'proceed' button in registration page will navigate to the php file but now i want the 'proceed' button in registration page link to login page and not the connect.php file nd update mysql. i tried putting the connect.php's codes into the registration page's html code but it didnt seem to work. Where should i put the php code in my html code and am i suppose to use bootstrap?

this is my connect.php code:

<?php

$name = $_POST['name'];
$age = $_POST['age'];
$gender = $_POST['gender'];
$email = $_POST['email'];
$username = $_POST['username'];
$password = $_POST['password'];

$host = "localhost";
$dbusername = "root";
$dbpassword = "";
$dbname = "ktm_member";

//Create connection
$conn = new mysqli($host, $dbusername, $dbpassword, $dbname);

if (!empty($username))
{
    if (!empty($password))
    {

        if (mysqli_connect_error())
        {
            die ('Connect error('.mysqli_connect_errno().')'.mysqli_connect_error());
        }
        else
        {
            $sql = "INSERT INTO `member list`(`name`, `age`, `gender`, `email`, `username`, `password`) VALUES ('$_POST[name]', '$_POST[age]', '$_POST[gender]', '$_POST[email]', '$_POST[username]', '$_POST[password]')";
            if ($conn->query($sql))
            {
                echo "New record added successfully.";
            }
            else
            {
                echo "Error".$sql."<br>".$conn->error;
            }
            $conn->close();
        }
    }
    else
    {
        echo "Password should not be empty";
    }
}
else
{
    echo "Username should not be empty";
    die();
}

?>

and this is my registration page html code:

<!doctype html>
<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> 
<title>Register Page</title>

<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="./W3.CSS Template_files/w3.css">
<link rel="stylesheet" href="./W3.CSS Template_files/css">
<link rel="stylesheet" href="style.css">
<style>
body,h1 {font-family: "Raleway", sans-serif}
body, html {height: 100%}
.bgimg {
    background-image: url('forestbridge.jpg');
    min-height: 100%;
    background-position: center;
    background-size: cover;
}
</style>
</head>
<body><div class="bgimg w3-display-container w3-animate-opacity w3-text-white"><div class="w3-display-middle">
<center><h2>Register</h2></center>
      <form name="form1" method="post" action="welcomeloginpage.php" autocomplete = "off">
        <p class="w3-large w3-center">
          <label for="name">Name: </label>
          <input type="text" name="name" id="name" placeholder="Your full name" autofocus required>
        </p>
        <p class="w3-large w3-center">
          <label for="age">Age: </label>
          <input type="number" name="age" id="age">
        </p>
        <p class="w3-large w3-center">
          <label for="gender">Gender: </label>
          <input type="radio" name="gender" value="M"> Male
          <input type="radio" name="gender" value="F"> Female<br> <id="gender">
        </p>
        <p class="w3-large w3-center">
          <label for="email">Email: </label>
          <input type="email" name="email" id="email" placeholder="xxx@xx.xx">
        </p> 
        <p class="w3-large w3-center">
          <label for="username">Username: </label>
          <input type="text" name="username" id="username">
        </p>
        <p class="w3-large w3-center">
          <label for="password">Password: </label>
          <input type="password" name="password" id="password" maxlength="10" placeholder="password" data-toggle="password">
        </p>
        <p style="text-align: center;">
          <input type="submit" name="submit" id="submit" value="Submit">
        </p>
      </form>
  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

1条回答 默认 最新

  • dongtuojuan8998
    dongtuojuan8998 2018-09-27 14:21
    已采纳

    If you want your connect.php script to send the user to another page if the registration is successful then you use a header() command like this

    <?php
    
    $name = $_POST['name'];
    $age = $_POST['age'];
    $gender = $_POST['gender'];
    $email = $_POST['email'];
    $username = $_POST['username'];
    $password = $_POST['password'];
    
    $host = "localhost";
    $dbusername = "root";
    $dbpassword = "";
    $dbname = "ktm_member";
    
    //Create connection
    $conn = new mysqli($host, $dbusername, $dbpassword, $dbname);
    
    if (!empty($username)) {
        if (!empty($password)) {
    
            if (mysqli_connect_error()) {
                die ('Connect error('.mysqli_connect_errno().')'
                        .mysqli_connect_error());
            } else {
    
                // this query style is very dangerous see note below
                $sql = "INSERT INTO `member list`
                            (`name`, `age`, `gender`, 
                             `email`, `username`, `password`) 
                        VALUES ('$_POST[name]', '$_POST[age]', '$_POST[gender]', 
                                '$_POST[email]', '$_POST[username]', '$_POST[password]')";
                if ($conn->query($sql)) {
                    // remove echo as you will never see it now
                    //echo "New record added successfully.";
                    header('Location: otherPage.php');
                    exit;   // important as header does not stop code execution in this script
                } else {
                    echo "Error".$sql."<br>".$conn->error;
                }
                $conn->close();
            }
        } else {
            echo "Password should not be empty";
        }
    } else {
        echo "Username should not be empty";
        die();
    }
    ?>
    

    You do have at least 2 serious flaws in this code though that I must mention.

    Your script is wide open to SQL Injection Attack Even if you are escaping inputs, its not safe! Use prepared parameterized statements in either the MYSQLI_ or PDO API's

    Never store plain Text password in your database. The most likely place where these things get compromised is from within the company running this database. An unhashed password is a total givaway for a DB Admin who just got refused a pay rise!

    PHP provides password_hash() and password_verify() please use them. And here are some good ideas about passwords If you are using a PHP version prior to 5.5 there is a compatibility pack available here

    点赞 评论

相关推荐