mysqli insert查询不从表单读取值,插入空白数据

ubof19bj  于 2021-06-20  发布在  Mysql
关注(0)|答案(3)|浏览(328)

现在我遇到的问题是表单提交的数据没有插入到数据库中。我的代码正在向users表中插入一条记录,但只插入静态值“active”。表单字段中的任何内容都不包括在内,并且为空。
connection.php是初始数据库连接文件,它的作用是插入一行,尽管是空的(acc\u active set to active hardcoded除外)。search.php并不重要
这是我的密码。

<?php
        require "connection.php";
        require "search.php";
        $var_username = mysqli_real_escape_string($conn, $_POST['username']);
        $var_password = mysqli_real_escape_string($conn, $_POST['password']);
        $var_email = mysqli_real_escape_string($conn, $_POST['email']);

        if (isset($_GET['reg'])){
                if ($_GET['reg']=='1'){
                        $verify         =       mysqli_query("SELECT COUNT(*) AS NUM FROM users WHERE username = '$var_username'");
                        $result         =       mysqli_fetch_array($verify);
                        if($result[0]==1){
                                $error_msg      =       "Username exists";
                        }else{
                                $query          =       "INSERT INTO users(username, password, email, acc_active)VALUES('$var_username','$var_password','$var_email','active')";
                                if (mysqli_query($conn, $query)){
                                echo "success";
                                }else{
                                echo "failed". $sql ."<br>". mysqli_error($conn);
                                }
                        }
                }
        }
mysqli_close($conn);
?>

这是html表单,在

<form method="post" action="/rail/register.php?reg=1" style="text-align:center">
                            <input type="text" placeholder="Username..." name="username" />
                            <input type="text" placeholder="Email..." name="email" />
                            <input type="password" placeholder="Password..." name="password" />
                            <input type="password" placeholder="Confirm Password..." name="password-confirm" />

                           <a href="/rail/login">Return / Cancel</a>
                           <input type="submit" name="Register" value="Register" />
                    </form>

因此,我正在重新加载值为reg=1的页面以指示插入,我正在验证是否没有其他具有该用户名的记录,然后运行插入查询
任何帮助都将不胜感激。提前谢谢。我在这个阶段留下了上面的代码非常基本,我会做错误消息,验证密码/确认密码字段匹配等,以及哈希一旦基本设置完成。

iaqfqrcu

iaqfqrcu1#

尝试

$var_username = $_POST['username'];

而不是

$var_username = mysqli_real_escape_string($conn, $_POST['username']);

您可以使用mysqli\u real\u escape\u string()进行查询;

yvfmudvl

yvfmudvl2#

<?php
        require "connection.php";
        require "search.php";
        // You can remove the need to escape your strings by using prepared statements.

没有必要用reg检查。最好把它去掉。

if(isset($_POST['Register'])){

$stmt = $conn->prepare("SELECT null FROM users WHERE username = ? ");
$stmt->bind_param("s", $_POST['username']);
$stmt->execute();
if($stmt->fetch()){
$error = "Username exists.";
}
else{
$error = "";
}
$stmt->close();

if($error == ""){
$param = "Active";
$stmt = $conn->prepare("INSERT INTO users(username, password, email, acc_active) VALUES(?,?,?,?)");
$stmt->bind_param("ssss", $_POST['username'], $_POST['password'], $_POST['email'], $param);
$stmt->execute();
$stmt->close();    
}
else
{
  echo $error;
}

}

假设表单位于同一页上,只需删除前面添加的操作即可。否则你可以保留它,但删除注册表。

<form method="post" action="" style="text-align: center">
       <input type="text" placeholder="Username..." name="username" >
       <input type="text" placeholder="Email..." name="email" />
       <input type="password" placeholder="Password..." name="password">
       <input type="password" placeholder="Confirm Password..." name="password-confirm">

       <a href="/rail/login">Return / Cancel</a>
       <input type="submit" name="Register" value="Register">
  </form>
j7dteeu8

j7dteeu83#

请使用post方法,您正在使用get
您还可以以更快的方式编写代码:

if (isset($_POST['reg']) && $_POST['reg']=='1'){

而不是:

if (isset($_GET['reg'])){
                if ($_GET['reg']=='1'){

相关问题