首先,我已经被告知我在这里问了一个重复的问题,但没有。同样的代码是的,但我遇到了一个不同的问题。其次,生病也添加我的HTML表单,我认为可能不会导致我的错误。 当我通过wamp服务器SQL控制台查看时,除了fname / lname之外,我的表单数据都没有保存/显示在我的数据库中。另外,我只允许向我的表添加一行数据,然后当我尝试添加更多行时,我的表查询会不断死亡。我出错了什么建议?
<?php
require_once 'log.php';
$salt1 = "qm&h*";
$salt2 = "pg!@";
$user = isset($_POST['user']) ? $_POST['user'] : '';
$password = isset($_POST['password']) ? $_POST['password'] : '';
$vpassword = isset($_POST['vpassword']) ? $_POST['vpassword'] : '';
$email = isset($_POST['email']) ? $_POST['email'] : '';
$fname = isset($_POST['fname']) ? $_POST['fname'] : '';
$lname =isset($_POST['lname']) ? $_POST['lname'] : '';
$gend = isset($_POST['gend']) ? $_POST['gend'] : '';
$token = md5("$salt1$password$salt2");
$query = "INSERT INTO members(user,password,vpassword,fname,lname,email,gend) VALUES('$user','$password','$vpassword','$fname','$lname','$email','$gend')";
$result = mysqli_query($conn, $query);
if (!$result) die ("Database access failed: " . mysql_error());
echo "You have been successfully registered";
echo '<br /> <br /><a href ="index.php" >Return to home page</a>';
mysqli_close($conn);
?>
HTML页面
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Registration</title>
<link type="text/css" rel="stylesheet" href="style.css" />
<script type="text/javascript" src="twitch_val.js"></script>
</head>
<body>
<div id="d1">
<img src="bann.png" style="float:right;" alt="ban"/><br/>
<h1>Chaguramas <br/>Twitchers <br/>Collective</h1>
</div>
<div id="d4">
<ul>
<li><a href="index.php">Home</a></li>
<li><a href="Login.php">Login</a></li>
<li><a href="Regis.php">Register</a></li>
<li><a href="contact.php">Contact Us</a></li>
<li> <form method="post" action="" name="Search" id="search" ><fieldset>
<input type="text" name="sitesearch"/></fieldset><!--Search bar included in ul to keep inline with div container-->
</form></li>
</ul>
</div>
<div id="d5">
<div id="f4"> <h1>Register <img src="fea2.png" alt="fe"/></h1></div>
<form method="post" action="Regis_populate.php" name="Regis" id="regis" onsubmit="validation();"><fieldset>
<br/>
<h2>Account Information</h2> <!--Registration split between account items and personal items-->
Username:<input type="text" name="user" id="user"/>
<br/><br/>
Password:<input type="password" name="password" id="password"/>
<br/><br/>
Verify Password:<input type="password" name="vpassword" id="vpassword"/>
<br/><br/>
Email:<input type="text" name="email" id="email"/>
<br/><br/></fieldset>
</form>
</div>
<div id="d6">
<form method="post" action="Regis_populate.php" name="Regis" id="regis" onsubmit="validation();"><fieldset>
<h2>Personal Information</h2>
First name:<input type="text" name="fname" id="fname"/> Last name:<input type="text" name="lname" id="lname"/>
<br/><br/>
Gender:<input type="radio" name="sex1" id="gend"/>Male
<input type="radio" name="sex2" id="gend"/>Female
<br/><br/>
<img src="cap.jpg" id="captchaimg" alt="cpa"/> <!--CAPCHA code borrowed from http://webdesignpub.com/html-contact-form-captcha/-->
<br/>
<label for="message">Enter the code above here to complete registration:</label><br/>
<input id="letters_code" name="letters_code" type="text"/>
<br/><br/>
<input type="submit" value="Submit" id="Submit" onclick="validation();"/>
<br/><br/></fieldset>
</form>
</div>
</body>
</html>
的Javascript
function validation(){
var us = document.getElementById("user").value;
var ps = document.getElementById("password").value;
var vps = document.getElementById("vpassword").value;
var em = document.getElementById("email").value;
var fn = document.getElementById("fname").value;
var ln = document.getElementById("lname").value;
var us_names= new RegExp (/[a-zA-Z0-9._-]$/);
var pass = new RegExp (/[a-zA-Z0-9._-]$/);
var names = new RegExp (/[a-zA-Z]$/);
var email = new RegExp (/[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/);
var u = document.forms["Regis"]["user"].value;
if (u == null || u == "") {
alert("Please enter a user name");
return false;
}
var user = us_names.test(us);
if (user == false){
alert("Invalid user name. Please re-enter.");
return false;
}
var p = document.forms["Regis"]["password"].value;
if (p == null || p == "") {
alert("Please enter a password");
return false;
}
var passwrd = pass.test(ps);
if (passwrd == false){
alert("Invalid password. Please re-enter.");
return false;
}
var vp = document.forms["Regis"]["vpassword"].value;
if (vp == null || vp == "") {
alert("Please enter identical password");
return false;
}
if (vps != ps){
alert("Passwords not identical. Please re-enter");
return false;
}
var e = document.forms["Regis"]["email"].value;
if (e == null || e == "") {
alert("Please enter an email address");
return false;
}
var f = document.forms["Regis"]["fname"].value;
if (f == null || f == ""){
alert("Please enter your first name");
return false;
}
var fname = names.test(fn);
if (fname == false){
alert(" First name entered cannot be recorded. Please re-enter");
return false;
}
var l = document.forms["Regis"]["lname"].value;
if (l == null || l == ""){
alert("Please enter your last name");
return false;
}
var lname = names.test(nn);
if (lname == false){
alert("Last name entered cannot be recorded. Please re-enter");
return false;
}
if(document.Regis.sex1.checked == false && document.Regis.sex2.checked == false){
alert("Please select a gender. Either male or female");
return false;
}
}
答案 0 :(得分:2)
在这段时间之后,我终于发现了问题所在。
您正在使用两种单独的表单( 3技术上),其中一些元素正在丢失,这是一个超出范围的问题。
将所有表单元素放在一个一组<form></form>标记内。
mysql_error()混合API,该mysqli_error($conn)应为table,并且无法查看可能发生的数据库错误。 旁注:您目前的代码向SQL injection开放。使用mysqli with prepared statements或PDO with prepared statements,他们更安全。
关于密码存储:
我注意到你正在使用MD5。这种散列方法很旧并且被认为是破碎的,不再被认为是安全的。
我建议您使用CRYPT_BLOWFISH或PHP 5.5&#39 {s} password_hash()功能。对于PHP&lt; 5.5使用password_hash() compatibility pack。