最受欢迎

尝试使用php和html将记录添加到mysql

Trying to Add record to mysql using php and html

本文关键字:记录 添加 mysql html php | 更新日期: 2023-09-27

我正试图向sql表中添加一条记录,但遇到了问题。

我有一个注册页面,它将接收用户的用户名、密码和电子邮件,并将它们传递给一个小的php脚本,该脚本从一个较大的php文件中调用函数。

当我尝试按下注册按钮时,页面会刷新,并且不会向表中添加任何内容。

欢迎提出任何建议。

html:

  <body>
    <div class="body"></div>
    <div class="grad"></div>
        <div class="header">
        </div>
        <br>
        <div class="signup">
    <script     src='http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js'></script>
    <script type = "text/javascript" src="js/js_functions.js"></script>
    <form method="post" action ="signup_script.php" onsubmit = "return checkEmailandPassword(this);" method = "post" >
                <input   type="text" placeholder="username" name="username"      required = "required" maxlength = "15"><br>
                <input type ="email" placeholder = "email" name = "email" required = "required" maxlength = "50"><br>
                <input type ="email" placeholder = "re-enter email" name = "reemail" required = "required" maxlength = "50"><br>
                <input  type="password" placeholder="password" name="password" required = "required" pattern = "(?=.*'d)(?=.*[A-Z]).{10,}"><br>
                <input  type="password" placeholder="re-enter password"name="repassword" required = "required"><br>
                <p class = "passwordreq">Password must:</p>
                <ol class = "passwordreq"> 
                    <li>Have 10 characters</li>
                    <li>Have one number</li>
                    <li>Have one uppercase letter</li>
                </ol>
                <input type="submit" value="sign up"> <input type="button" value="go back"  onclick="window.location='index.html'">
            </form>
  </body>
</html>

php小文件:

include_once('profile_Functions.php');
    $username = $_POST['username']; 
    $password = $_POST['password'];
    $email = $_POST['email'];
    createUser($username,$password,$email);

大型php文件:

<?php
    extract($_GET);
    extract($_POST);
    extract($_SERVER);
    function setup(){
    extract($_GET);
    extract($_POST);
    extract($_SERVER);
    $host="localhost";
    $user="root";
    $passwd="";
    $connect=mysql_connect($host,$user,$passwd) or die("error connecting mysql server");
    mysql_select_db('oddjob',$connect) or die("error accessing db");
}

function createUser($name, $pass, $email){
    setup();
    $hashed_password = password_hash($pass, PASSWORD_DEFAULT);
    $sql = "insert into profiles (UserName, Password, Email) values ($name,         $hashed_password, $email); ";
    $res = mysql_query($sql);
} ?>

您的insert语句失败。您应该用引号将values部分中的字符值括起来:

$sql = "insert into profiles (UserName, Password, Email) 
        values ('$name', '$hashed_password', '$email'); ";

在执行mysql_query之后实际检查$res不是false将是有益的。

请注意,将用户输入值直接注入SQL语句是不安全的。阅读有关SQL注入攻击以及如何保护数据库免受攻击的信息。

相关文章:
最新更新
www.56WenDa.com 2012-2023 | php问答网 | php学习