最受欢迎

这是将准备好的插入语句与 oop PHP 一起使用的正确方法吗?

is this the right way to use prepared insert statement with oop php?

本文关键字:一起 方法 oop 准备好 插入 语句 PHP | 更新日期: 2023-09-27

大家好,我已经编写了这个注册页面脚本,我想将用户信息注册到数据库中,但我正在尝试通过使用带有 oop 语法的准备好的插入语句来安全地执行此操作,但不确定我是否这样做正确,因为当我注册虚拟数据时,它不会在数据库中放置任何东西。

索引.php 页

    <!DOCTYPE html>
    <html>
    <head>
    <title>Registration form</title>
    <link rel="stylesheet" type="text/css" href="regisform.css">
    </head>
    <body>
        <div id="form">
        <div id="header"><h2>Registration Form</h2></div>
            <form method="post" action="process.php">
                <label>Username:</label>
                <input type="text" name="username" placeholder="Enter a Username please" required="required" />
                <label>Email:</label>
                <input type="text" name="email" placeholder="Enter your email please" required="required" />
                <label>Password:</label>
                <input type="text" name="password" placeholder="Enter a Password please" required="required" />
                <input type="submit" name="signup" value="Sign up"/>
            </form>
        </div>
    </body>
    </html>
    <?php 
    include "process.php";
       $db = new db();
    if(isset($_POST['signup'])) {
       $user = $_POST['username'];
       $email = $_POST['email'];
       $password = $_POST['password'];
       $query = "INSERT INTO users (user_name, user_email, user_pass) VALUES (?, ?, ?)";
       $run = $db->insert($query);
       $run->bind_param('sss', $user, $email, $password);
       $run->execute();
       $run->close();
    }
?>

进程.php页

<?php
class db {
    public $host = "localhost";
    public $user = "root";
    public $pass = "";
    public $db_name = "pros";
    public $link;
    public function __construct(){
        $this->connect();
    }
    private function connect() {
        $this->link = new mysqli($this->host, $this->user, $this->pass, $this->db_name);
    }
    public function insert ($query) {
        $result = $this->link->prepare($query);
        if($result){
            echo "<center><h2>Registration Successfull!</h2></center>";
        }
        else
        {
            echo "<center><h2>Registration failed!</h2></center>";
        }
      return $result;
    }
}
?>

我会使用一个函数或方法来执行所有插入

public function insert_new_user($username, $email, $password){
    $mysqli = $this->link;
    $sql = "INSERT INTO users"
        . " (user_name, user_email, user_pass)"
        . " VALUES (?, ?, ?)";
    $stmt = $mysqli->prepare( $sql );
    $stmt->bind_param("sss", $username, $email, $password );
    if($stmt->execute()){
        return "success";
    } else {
        return "failed: " . $mysqli->error;
    }
}
相关文章:
最新更新
www.56WenDa.com 2012-2023 | php问答网 | php学习