0

我正在尝试允许用户注册,并且代码返回时没有任何错误,但我的数据库中没有显示任何内容。我无法终生找出原因。我没有发现任何问题,但也许你们中的一个可以帮助我?

这是完整的 php 文件:

<?php

require "includes/constants.php";

$conn = new mysqli(DB_SERVER, DB_USER, DB_PASSWORD, DB_NAME);

if(isset($_POST['username'])) {
    $username = $_POST['username'];
    $uLength = strlen($username);
}

if ($uLength >= 4 && $uLength <= 15)
{
}
else
{
    die("Your username must be between 4 and 15 characters.");
}

if($username == "")
{
    die("You didn't tell me what to call you! Please enter a username.");
}

if(isset($_POST['pwd'])) {
    $pwd = $_POST['pwd'];
    $pLength = strlen($pwd);
}

if ($pLength >= 6 && $pLength <= 41)
{
}
else
{
    die("Password must be between 6 and 41 characters.");
}

if($pwd == "")
{
    die("Please enter a password and verify it.");
}

if(isset($_POST['pwd_conf'])) {
    $pwd_conf = $_POST['pwd_conf'];
}
if($pwd != $pwd_conf)
{
    die("Ouch! Your passwords don't match! Try again.");
}

if(isset($_POST['email'])) {
    $email = $_POST['email'];
    $email1 = "@";
    $email_check = strpos($email,$email1);
}

$user_check = "SELECT username FROM users WHERE username='$username'";
if($stmt = mysqli_prepare($conn,$user_check)) {
    mysqli_stmt_execute($stmt);

    if(mysqli_stmt_num_rows($stmt) > 0){
        die("Username is already in use!<br>");
    }
}

$query = "INSERT INTO users (username, password, email) VALUES ('$username', '$pwd', '$email')";

if(!$query)
{
    die("Unfortunately, we can't sign you up because we have problems: ".mysql_error());
}
else
{
    header("Location: login.php");
}

?>    
4

2 回答 2

1

您构建了一个查询字符串,但永远不会执行它......

1. $sql = "INSERT ..."
2. ???
3. come to SO to ask why

另请注意,您正在混合 mysqli 和 mysql 调用(特别是在定义 INSERT 查询之后 mysql_error 调用。这两个库不可互换且彼此不兼容

另请注意,当您使用准备好的语句(耶!)时,您完全错误地使用它们(嘘声)并且容易受到SQL 注入攻击

于 2013-01-16T16:52:06.253 回答
-1

您需要在 if(!$query) 之前使用 mysql_query() 函数

$result = mysql_query($query);
if(!$result){
于 2013-01-16T16:57:28.783 回答