所以我是php/mysql的新手,我希望你在询问之前先看一些代码
这是我在数据库中的两张表
网站用户(针对我的注册页面)
CREATE TABLE WebsiteUsers
(
userID int(9) NOT NULL auto_increment,
fullname VARCHAR(50) NOT NULL,
userName VARCHAR(40) NOT NULL,
email VARCHAR(40) NOT NULL,
pass VARCHAR(40) NOT NULL,
PRIMARY KEY(userID)
);
和用户名(登录页面使用mysql)
CREATE TABLE UserName
(
UserNameID int(9) NOT NULL auto_increment,
userName VARCHAR(40) NOT NULL,
pass VARCHAR(40) NOT NULL,
PRIMARY KEY(UserNameID)
);
这是我的两个php脚本
connectivity.php(用于登录页面)
<?php
define('DB_HOST', 'localhost');
define('DB_NAME', 'hhh');
define('DB_USER','root');
define('DB_PASSWORD','');
$con=mysql_connect(DB_HOST,DB_USER,DB_PASSWORD) or die("Failed to connect to MySQL: " . mysql_error());
$db=mysql_select_db(DB_NAME,$con) or die("Failed to connect to MySQL: " . mysql_error());
/*
$ID = $_POST['user'];
$Password = $_POST['pass'];
*/
function SignIn()
{
session_start(); //starting the session for user profile page
if(!empty($_POST['user'])) //checking the 'user' name which is from Sign-In.html, is it empty or have some text
{
$query = mysql_query("SELECT * FROM UserName where userName = '$_POST[user]' AND pass = '$_POST[pass]'") or die(mysql_error());
$row = mysql_fetch_array($query) or die(mysql_error());
if(!empty($row['userName']) AND !empty($row['pass']))
{
$_SESSION['userName'] = $row['pass'];
echo "SUCCESSFULLY LOGIN TO USER PROFILE PAGE...";
}
else
{
echo "SORRY... YOU ENTERD WRONG ID AND PASSWORD... PLEASE RETRY...";
}
}
}
if(isset($_POST['submit']))
{
SignIn();
}
?>
和connectivity-sign-up.php(用于注册页面)
<?php
define('DB_HOST', 'localhost');
define('DB_NAME', 'hhh');
define('DB_USER','root');
define('DB_PASSWORD','');
$con=mysql_connect(DB_HOST,DB_USER,DB_PASSWORD) or die("Failed to connect to MySQL: " . mysql_error());
$db=mysql_select_db(DB_NAME,$con) or die("Failed to connect to MySQL: " . mysql_error());
function NewUser()
{
$fullname = $_POST['name'];
$userName = $_POST['user'];
$email = $_POST['email'];
$password = $_POST['pass'];
$query = "INSERT INTO websiteusers (fullname,userName,email,pass) VALUES ('$fullname','$userName','$email','$password')";
$data = mysql_query ($query)or die(mysql_error());
if($data)
{
echo "YOUR REGISTRATION IS COMPLETED...";
}
}
function SignUp()
{
if(!empty($_POST['user'])) //checking the 'user' name which is from Sign-Up.html, is it empty or have some text
{
$query = mysql_query("SELECT * FROM websiteusers WHERE userName = '$_POST[user]' AND pass = '$_POST[pass]'") or die(mysql_error());
if(!$row = mysql_fetch_array($query) or die(mysql_error()))
{
newuser();
}
else
{
echo "SORRY...YOU ARE ALREADY REGISTERED USER...";
}
}
}
if(isset($_POST['submit']))
{
SignUp();
}
?>
所以我的问题是,当用户注册时,他/她会自动插入我的用户名数据库,我该如何做到这一点?
编辑不,我把它连接到一个表上,并把它改为mysqli,但一直收到这个错误。。
注意:第12行C:''examplep''htdocs''test2''Sign-in''connectivity.php中的未定义变量:con
警告:mysqli_query()要求参数1为mysqli,在第12行的C:''examplep''htdocs''test2''Sign-in''connectivity.php中给定null
注意:第12行C:''examplep''htdocs''test2''Sign-in''connectivity.php中的未定义变量:con
警告:mysqli_error()要求参数1为mysqli,在第12行的C:''examplep''htdocs''test2''Sign-in''connectivity.php中给定null
已编辑,以便使用mysqli_:
<?php
$DB_HOST= "localhost";
$DB_NAME = "hhh";
$DB_USER = "root";
$DB_PASSWORD= "";
$con= mysqli_connect($DB_HOST,$DB_USER,$DB_PASSWORD,$DB_NAME) or die("Failed to connect to MySQL");
function SignIn($con)
{
session_start();
if(!empty($_POST['user'])){
$query = mysqli_query($con,"SELECT * FROM websiteusers WHERE userName = '$_POST[user]' AND pass = '$_POST[pass]'") or die(mysqli_error($con)); //changed
$row = mysqli_fetch_array($query) or die(mysqli_error($con));
if(!empty($row['userName']) && !empty($row['pass'])) //changed to a more modern operator
{
$_SESSION['userName'] = $row['pass'];
echo "SUCCESSFULLY LOGIN TO USER PROFILE PAGE...";
}
else
{
echo "SORRY... YOU ENTERD WRONG ID AND PASSWORD... PLEASE RETRY...";
}
}
}
if(isset($_POST['submit']))
{
SignIn($con);
}
?>
您只需要一个表。当他们注册时,将他们插入数据库,然后调用登录函数,并在登录过程中使用$_SESSION cookie将他们标记为已登录。此外,上帝保佑,你是在乞求注射攻击。mysql_query不赞成使用PDO或MySQLi并使用参数。