在PHP中创建注册页面

时间:2014-11-13 15:16:37

标签: php mysql

大家好,所以我在php中为我的网站创建这个注册页面。这是PHP脚本

 # Script 9.5 - register.php #2
// This script performs an INSERT query to add a record to the users table.


$page_title = 'Register';
include ('includes/header.html');

// Check for form submission:
if ($_SERVER['REQUEST_METHOD'] == 'POST') {

$errors = array(); // Initialize an error array.

// Check for a name:
if (empty($_POST['name'])) {
    $errors[] = 'You forgot to enter your name.';
} else {
    $n = mysqli_real_escape_string($dbh, trim($_POST['name']));
}

// Check for an email:
if (empty($_POST['email'])) {
    $errors[] = 'You forgot to enter your email.';
} else {
    $e = mysqli_real_escape_string($dbh, trim($_POST['email']));
}

// Check for a password and match against the confirmed password:
if (!empty($_POST['pass1'])) {
    if ($_POST['pass1'] != $_POST['pass2']) {
        $errors[] = 'Your password did not match the confirmed password.';
    } else {
        $p = mysqli_real_escape_string($dbh, trim($_POST['pass1']));
    }
} else {
    $errors[] = 'You forgot to enter your password.';
}

// Check for contact number:
if (empty($_POST['contact_no'])) {
    $errors[] = 'You forgot to enter your contact no.';
} else {
    $cn = mysqli_real_escape_string($dbh, trim($_POST['contact_no']));
}

if (empty($errors)) { // If everything's OK.

        require 'connect_db.php';
        $conn= mysqli_connect('*****' , '*****', '*****' , '*****' ,****);


    // Make the query:
    $q = ("INSERT INTO register_user(name, email, pass, contact_no) VALUES ('$n', '$e','$p','$cn')");       
    $r = @mysqli_query ($dbh, $q);// Run the query.
    if ($r) { // If it ran OK.

        // Print a message:
        echo '<h1>Thank you!</h1>
    <p>You are now registered. </p>
    <p><a href = "index.php">Login</a> </p>';   

    } else { // If it did not run OK.

        // Public message:
        echo '<h1>System Error</h1>
        <p class="error">You could not be registered due to a system error. We apologize for any inconvenience.</p>'; 

        // Debugging message:
        echo '<p>' . mysqli_error($dbh) . '<br/><br/> Query: ' . $q . '</p>';

    } // End of if ($r) IF.

    mysqli_close($dbh); // Close the database connection.

    // Include the footer and quit the script:
    include ('includes/footer.html'); 
    exit();

} else { // Report the errors.

    echo '<h1>Error!</h1>
    <p class="error">The following error(s) occurred:<br>';
    foreach ($errors as $msg) { // Print each error.
        echo " - $msg<br>";
    }
    echo 'Please try again.</p>';

} // End of if (empty($errors)) IF.

mysqli_close($dbh); // Close the database connection.

但事情是,一旦我注册这是输出:

System Error

 You could not be registered due to a system error. We apologize for any inconvenience.

 Query: INSERT INTO register_user(name, email, pass, contact_no) VALUES ('', '','','')

所以我很乐意为任何帮助感到高兴

1 个答案:

答案 0 :(得分:0)

您正在呼叫mysqli_real_escape_string() 之前建立数据库连接。这是不允许的。 必须在进行转义操作之前有连接。

这意味着每个表单字段都将是一个布尔值为FALSE的值,表示失败。

您的代码应该是结构化的

1. connect to db
2. process form inputs
3. if form inputs ok, insert into db

你有#1和#2逆转。

相关问题
最新问题