我的网站上有一个注册表单,我认为我应该防止 SQL 注入。我不能恶意删除该表。
使用POST,我从表单中收集输入,检查它,然后将其添加到数据库中。我的代码如下。我一直在测试表单,虽然表单提交成功,但表中填充了一个空行……而不是表单中的数据。
这里发生了什么?
<?php
$type = $_POST['type']; // a dropdown
$color = $_POST['color']; // a dropdown
$name = mysql_real_escape_string($_POST['name']);
$address = mysql_real_escape_string($_POST['address']);
$city = mysql_real_escape_string($_POST['city']);
$state = $_POST['state']; // a dropdown
$zip = mysql_real_escape_string($_POST['zip']);
$phone = mysql_real_escape_string($_POST['phone']);
$email = mysql_real_escape_string($_POST['email']);
$where = mysql_real_escape_string($_POST['where']);
$price = mysql_real_escape_string($_POST['price']);
$use = mysql_real_escape_string($_POST['use']);
include 'php/Connect.php';
$ct = new Connect();
$con = $ct->connect();
if(check($email, $con)) {
if(register($type, $color, $name, $address, $city, $state, $zip, $phone, $email, $where, $price, $use, $con)) {
echo '<h1>Success!</h1><p>Thanks for registering your product. A confirmation email has been sent to '.$email.'.</p>';
}
else {
echo '<h1>Error!</h1><p>There were errors processing your registration. Please try again.</p>';
}
}
else {
echo '<h1>Error!</h1><p>This product has already been registered.</p>';
}
function check($email, $con) {
$query = "SELECT * FROM registrations WHERE email='$email'";
$res = mysql_query($query, $con);
if ($con) {
$row = mysql_fetch_assoc($res);
if($row) {
return false; // product registration exists
}
else {
return true; // product registration does not exist
}
}
else {
return false;
}
}
function register($type, $color, $name, $address, $city, $state, $zip, $phone, $email, $where, $price, $use, $con) {
$query = "INSERT INTO registrations VALUES ('$type', '$color', '$name', '$address', '$city', '$state', '$zip', '$phone', '$email', '$where', '$price', '$use')";
$res = mysql_query($query, $con);
if (!$con) {
return false;
}
else {
mysql_close($con);
return true;
}
}
?>