好的,这对于所有 PHP/MYSQL 专家来说可能 super 简单,但我只是在学习,遇到了障碍。我用 HTML 制作了一个注册表单,我想用 PHP 将用户输入的信息插入到 MSQL 数据库中。
这是我的表格:
<form action="" method="post">
<p>First Name: <br><input type="text" name="user_firstname" size="25 maxlength="25"/</p>
<p>Last Name: <br><input type="text" name="user_lastname" size="25" maxlength="25" /></p>
<p>Email Address: <br><input type="email" id="email" name="user_email" size="25" maxlength="40"/><p>
<p>Create a Password: <br><input type="password" name="user_password" size="25" maxlength="40"/></p>
<p><br><input type="submit" value="register"/></p>
</form>
这是我的 php 代码:
$host = "localhost";
$user = "root";
$password = "";
$database = "listings_db";
$tbl_name = "users"
$link = mysqli_connect($host, $user, $password, $database) or die("Error " . mysqli_error($link));
if (isset($_POST['user_firstname'],
$_POST['user_lastname'],
$_POST['user_email'],
$_POST['user_password'],
$_POST['user_type']))
{
$firstname = $_POST['user_firstname'];
$lastname = $_POST['user_lastname'];
$email = $_POST['user_email'];
$password = $_POST['user_password'];
$type = $_POST['user_type'];
$errors = array();
if(empty($firstname)
|| empty($lastname)
|| empty($email)
|| empty($email)
|| empty($password)
|| empty($type))
{$errors [] = '*All fields are required!';}
else {
if(filter_var($email, FILTER_VALIDATE_EMAIL) === false)
{$errors[] = '*The email address you entered is not valid!' ;}
if(strlen($firstname) > 25) {$errors[] = '*The email address you entered contains too many characters!';}
if(strlen($lastname) > 25) {$errors[] = '*The first name you entered contains too many characters!';}
if(strlen($email) > 40) {$errors[] = '*The last name you entered contains too many characters!';}
if(strlen($password) > 40) {$errors[] = '*The password you entered contains too many characters!';}
if(strlen($type) != true){$errors[] = '*Please select an account type!';}
}
$firstname1 = mysqli_real_escape_string($firstname);
$lastname1 = mysqli_real_escape_string($lastname);
$email1 = mysqli_real_escape_string($email);
$password1 = mysqli_real_escape_string($password);
$query = mysqli_query($link, "INSERT INTO users (user_id, user_firstname, user_lastname, user_email, user_password) VALUES ('', '$firstname', '$lastname', '$email', '$password')");
}
我的代码有什么问题?在此先感谢您的帮助!
最佳答案
如果您是 PHP/MySQL 的新手,您真的不应该开始使用过程式风格,因为它很笨拙,而且真的不推荐。如果您现在就掌握 OOP(面向对象编程),从长远来看,它将为您省去麻烦!
例子:
mysqli_connect($host, $user, $password, $database) or die("Error " . mysqli_error($link));
应该变成
$conn = new mysqli($host, $user, $password, $database);
// check connection
if ($conn->connect_error) {
trigger_error('Database connection failed: ' . $conn->connect_error, E_USER_ERROR);
}
和
$firstname1 = mysqli_real_escape_string($firstname);
到
$firstname1 = $conn->real_escape_string($firstname);
当您开始使用 OOP 编写高级 PHP(即类等)时,您已经知道了!
无论如何,您遇到的问题:
1.您缺少第一个表单元素的结尾 >
<p>First Name: <br><input type="text" name="user_firstname" size="25 maxlength="25"/></p>
2.您还请求了未设置为表单元素的帖子数据“user_type”
3 您已将 1 添加到变量中,这不是必需的(而且您也没有将 1 添加到您的查询中,理想情况下您应该重命名它们以便它们合乎逻辑)
$firstname1 = mysqli_real_escape_string($firstname);
$lastname1 = mysqli_real_escape_string($lastname);
$email1 = mysqli_real_escape_string($email);
$password1 = mysqli_real_escape_string($password);
应该改为
$firstname_escaped = mysqli_real_escape_string($firstname);
$lastname_escaped = mysqli_real_escape_string($lastname);
$email_escaped = mysqli_real_escape_string($email);
$password_escaped = mysqli_real_escape_string($password);
4 您不需要插入列(应设置为自动递增),因为它会自动执行
$query = mysqli_query($link, "INSERT INTO users (user_id, user_firstname, user_lastname, user_email, user_password) VALUES ('', '$firstname', '$lastname', '$email', '$password')");
应该是
$query = mysqli_query($link, "INSERT INTO users (user_firstname, user_lastname, user_email, user_password) VALUES ('$firstname', '$lastname', '$email', '$password')");
5 !!!!你没有加密输入数据库的密码!!!!!! 至少你应该用
$password = md5($_POST['user_password']); //added md5 encryption
尽管强烈建议使用 PHPass library因为它使用 PHP 的 crypt() 功能而无需解决所有令人头疼的问题!
关于php - HTML 表单插入到 MYSQL,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/23299420/