我正在尝试插入名字、姓氏等。但是,我认为我的值(value)观有问题。关于如何表达值(value)观有什么帮助吗?
$query="INSERT INTO `users` (`firstname`, `lastname`,`email`, `password`, `gender`, `country`, `state`) VALUES('".mysqli_real_escape_string($link, $_POST['email'])."', '".md5(md5($_POST['email']).$_POST['password'])."')";
mysqli_query($link, $query);
$_SESSION['id']=mysqli_insert_id($link);
header("Location: dashboard.php");
}
}
}
如果需要的话,这里是全部内容......
if ($_POST['submit']=="Sign Up") {
if (!$_POST['firstname']) $error.="<br />Please enter your first name";
if (!$_POST['lastname']) $error.="<br />Please enter your last name";
if (!$_POST['email']) $error.="<br />Please enter your email";
else if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) $error.="<br />Please enter a valid email address";
if (!$_POST['password']) $error.="<br />Please enter your password";
else {
if (strlen($_POST['password'])<8) $error.="<br />Please enter a password with at least 8 characters";
if (!preg_match('`[A-Z]`', $_POST['password'])) $error.="<br />Please enter at least 1 capital letter";
}
if ($_POST['password'] !== $_POST['confirmpassword'])
$error.="<br />Your passwords do not match.";
if (!$_POST['gender']) $error.="<br />Please enter your gender";
if (!$_POST['country']) $error.="<br />Please enter your country";
if (!$_POST['state']) $error.="<br />Please enter your state";
if ($error) $error = "There were error(s) in your signup details:".$error;
else {
$query = "SELECT * FROM `users` WHERE email='".mysqli_real_escape_string($link, $_POST['email'])."'";
$result = mysqli_query($link, $query);
$results = mysqli_num_rows($result);
if ($results) $error = "That email address is already registered";
else {
$query="INSERT INTO `users` (`firstname`, `lastname`,`email`, `password`, `gender`, `country`, `state`) VALUES('".mysqli_real_escape_string($link, $_POST['email'])."', '".md5(md5($_POST['email']).$_POST['password'])."')";
mysqli_query($link, $query);
$_SESSION['id']=mysqli_insert_id($link);
header("Location: dashboard.php");
}
}
}
最佳答案
您的查询如下所示;代码重新格式化为多行以更好地显示问题:
$query = "INSERT INTO `users` (`firstname`, `lastname`,`email`, `password`, `gender`, `country`, `state`)"
. " VALUES('".mysqli_real_escape_string($link, $_POST['email'])."', '".md5(md5($_POST['email']).$_POST['password'])."')"
;
因此,您有七 (7) 个要插入的值,但实际的 VALUES 只有两 (2) 项。这就是你的问题所在。理解我的意思的快速方法是添加空值,如下所示:
$query = "INSERT INTO `users` (`firstname`, `lastname`,`email`, `password`, `gender`, `country`, `state`)"
. " VALUES('','','".mysqli_real_escape_string($link, $_POST['email'])."', '".md5(md5($_POST['email']).$_POST['password'])."','','','')"
;
但我相信您想要插入所有 $POST 数据,如下所示:
$query = "INSERT INTO `users` (`firstname`, `lastname`,`email`, `password`, `gender`, `country`, `state`)"
. " VALUES('".mysqli_real_escape_string($link, $_POST['firstname'])."','".mysqli_real_escape_string($link, $_POST['lastname'])."','".mysqli_real_escape_string($link, $_POST['email'])."', '".md5(md5($_POST['email']).$_POST['password'])."','".mysqli_real_escape_string($link, $_POST['gender'])."','".mysqli_real_escape_string($link, $_POST['country'])."','".mysqli_real_escape_string($link, $_POST['state'])."')"
;
但更大的问题是您直接将 $POST 数据插入 MySQL 数据库,而没有进行真正的过滤。所以你应该考虑做一些更好的验证。但就您当前的数据库问题而言,这应该可以立即解决问题。
关于php - INSERT/VALUES 未提交,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/26081624/