我在最后一个小时试图解决这个问题。我有一个很长的表单,我正在尝试将信息上传到mysql数据库中。我做了一张桌子。这是我正在使用的mysql查询:
mysql_query("INSERT INTO `users_temp`(`first_name`, `surname`, `birthday`, `nationality`, `email`, `mobile`, `landline`, `address`, `town`, `post_code`, `country`, `password`, `code_conf`) VALUES ([$f_name],[$s_name],[$bday],[$nationality],[$email],[$mobile],[$landline],[$address],[$town],[$post_code],[$country],[$pass],[$conf_code])");
如果有人看到任何问题为什么它不起作用,请告诉我。非常感谢。
$f_name = $_POST["f_name"];
$s_name = $_POST["s_name"];
$pass = $_POST["pass"];
$birthday = $_POST["bday"];
$nationality = $_POST["nationality"];
$email = $_POST["email"];
$mobile = $_POST["mobile"];
$landline = $_POST["landline"];
$address = $_POST["address"];
$town = $_POST["town"];
$post_code = $_POST["post_code"];
$country = $_POST["country"];
$conf_code = substr(md5(uniqid(rand(), true)), 1, 70);
include("connect_into_mysql.php");
mysql_select_db("jzperson_edu", $conn);
$res_01 = mysql_query("SELECT * FROM users WHERE email='$email'");
$count_01 = mysql_num_rows($res_01);
if($count_01==0)
{
mysql_query("INSERT INTO users_temp ('first_name','surname','birthday','nationality','email','mobile','landline','address','town','post_code','country','password','code_conf') VALUES ('$f_name','$s_name','$bday','$nationality','$email','$mobile','$landline','$address','$town','$post_code','$country','$pass','$conf_code')");
header("Location: home.php");
}else{echo "This email is already registered. If you lost your password you can reset it here.";}
1/您必须了解SQL注入:请阅读本文。使用mysql_real_eescape_string封装所有$_POST数据,例如:
$f_name = mysql_real_escape_string($_POST["f_name"]);
2/MySQL将很快被弃用,请参阅此处的红框。
3/在所有的头之后,放一个die()(否则,代码的执行将一直持续到最后,如果客户端的brwoser重定向被禁用,他可能会看到一些未经授权的内容)。
4/不要在一行中写很长的请求,这样可以避免麻烦,让工作更容易。要调试它,请在末尾添加一个"or die(mysql_error())
",它将显示一条消息,帮助您获得解决方案。
mysql_query("
INSERT INTO users_temp (
'first_name','surname','birthday',
'nationality','email','mobile',
'landline','address','town',
'post_code','country','password',
'code_conf'
) VALUES (
'$f_name','$s_name','$bday',
'$nationality','$email','$mobile',
'$landline','$address','$town',
'$post_code','$country','$pass',
'$conf_code'
)
") or die(mysql_error());
顺便说一下,您正在用户表中进行检查,然后插入到user_tmp表中。你可能会以这种方式遇到冲突和麻烦,不是吗?