0

我的网站上有一个注册表单,我认为我应该防止 SQL 注入。我不能恶意删除该表。

使用POST,我从表单中收集输入,检查它,然后将其添加到数据库中。我的代码如下。我一直在测试表单,虽然表单提交成功,但表中填充了一个空行……而不是表单中的数据。

这里发生了什么?

<?php

        $type = $_POST['type']; // a dropdown
        $color = $_POST['color']; // a dropdown 
        $name = mysql_real_escape_string($_POST['name']);
        $address = mysql_real_escape_string($_POST['address']);
        $city = mysql_real_escape_string($_POST['city']);
        $state = $_POST['state']; // a dropdown
        $zip = mysql_real_escape_string($_POST['zip']);
        $phone = mysql_real_escape_string($_POST['phone']);
        $email = mysql_real_escape_string($_POST['email']);
        $where = mysql_real_escape_string($_POST['where']);
        $price = mysql_real_escape_string($_POST['price']);
        $use = mysql_real_escape_string($_POST['use']);

        include 'php/Connect.php';
        $ct = new Connect();
        $con = $ct->connect();  

        if(check($email, $con)) {
            if(register($type, $color, $name, $address, $city, $state, $zip, $phone, $email, $where, $price, $use, $con)) {
                echo '<h1>Success!</h1><p>Thanks for registering your product. A confirmation email has been sent to '.$email.'.</p>';
            }
            else {
                echo '<h1>Error!</h1><p>There were errors processing your registration. Please try again.</p>'; 
            }
        }
        else {
            echo '<h1>Error!</h1><p>This product has already been registered.</p>';
        }

        function check($email, $con) {
            $query = "SELECT * FROM registrations WHERE email='$email'";
            $res = mysql_query($query, $con);
            if ($con) {
                $row = mysql_fetch_assoc($res);
                if($row) {
                    return false; // product registration exists    
                }
                else {
                    return true; // product registration does not exist
                }
            }
            else {
                return false; 
            }
        }

        function register($type, $color, $name, $address, $city, $state, $zip, $phone, $email, $where, $price, $use, $con) {
            $query = "INSERT INTO registrations VALUES ('$type', '$color', '$name', '$address', '$city', '$state', '$zip', '$phone', '$email', '$where', '$price', '$use')";
            $res = mysql_query($query, $con);
            if (!$con) {
                return false;
            }
            else {
                mysql_close($con);
                return true; 
            }
        }
    ?>
4

2 回答 2

0

使用前连接数据库mysql_real_escape_string
但是最好使用较新的版本

$connect=mysqli_connect(.......);  
mysqli_real_escape_string($connect,$string);
于 2012-07-12T16:42:36.790 回答
0

在 PeeHaa 的帮助下修复了它。这是更正后的代码:

<?php

        include 'php/Connect.php';
        $ct = new Connect();
        $db = $ct->connect();

        $type = $_POST['type'];
        $color = $_POST['color'];
        $name = $_POST['name'];
        $address = $_POST['address'];
        $city = $_POST['city'];
        $state = $_POST['state'];
        $zip = $_POST['zip'];
        $phone = $_POST['phone'];
        $email = $_POST['email'];
        $where = $_POST['where'];
        $price = $_POST['price'];
        $use = $_POST['use'];   

        if(check($email, $db)) {
            if(register($type, $color, $name, $address, $city, $state, $zip, $phone, $email, $where, $price, $use, $db)) {
                echo '<h1>Success!</h1><p>Thanks for registering your product. A confirmation email has been sent to '.$email.'.</p>';
            }
            else {
                echo '<h1>Error!</h1><p>There were errors processing your registration. Please try again.</p>'; 
            }
        }
        else {
            echo '<h1>Error!</h1><p>This product has already been registered.</p>';
        }

        function check($email, $db) {

            $stmt = $db->prepare("SELECT * FROM registrations WHERE email=?");
            $stmt->execute(array($email));
            $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
            if ($db) {
                if($rows) {
                    return false; // product registration exists    
                }
                else {
                    return true; // product registration does not exist
                }
            }
            else {
                return false; 
            }
        }

        function register($type, $color, $name, $address, $city, $state, $zip, $phone, $email, $where, $price, $use, $db) {

            $stmt = $db->prepare("INSERT INTO registrations VALUES(?,?,?,?,?,?,?,?,?,?,?,?)");
            $stmt->execute(array($type, $color, $name, $address, $city, $state, $zip, $phone, $email, $where, $price, $use));

            if (!$db) {
                return false;
            }
            else {
                mysql_close($db);
                return true; 
            }
        }
    ?>
于 2012-07-12T18:06:50.200 回答