我有一个用户注册脚本,除了 PDO 准备好的语句不会将值插入数据库之外,它都可以正常工作。该脚本没有返回错误。MySQL 用户确实拥有我正在执行的操作的权限。
Signup.php :
echo "<?xml version=\"1.0\" ?>";
if(isset($_POST['email'], $_POST['username'], $_POST['p'], $_POST['fname'], $_POST['lname'], $_POST['gender'])) {
foreach ($_POST as $entry) {
strip_tags($entry);
}
if(strlen($_POST['email']) < 1) {
echo "<response>Please enter an email address!</response>";
exit();
}
if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
echo "<response>Please enter a valid email address!</response>";
exit();
}
if(strlen($_POST['p']) < 6) {
echo "<response>Please enter a password that is longer than 6 characters!</response>";
exit();
}
if(strlen($_POST['username']) < 5 || strlen($_POST['username']) > 30) {
echo "<response>Please enter a username that is between 5 and 30 characters in length!</response>";
exit();
}
if(strlen($_POST['fname']) < 1 || strlen($_POST['lname']) < 1) {
echo "<response>Please enter a name!</response>";
exit();
}
if(strlen($_POST['gender']) < 1) {
echo "<response>Please select your gender!</response>";
exit();
}
//if(strlen($_POST['recaptcha_response_field']) < 1) {
// echo "<response>Please answer the Captcha!</response>";
// exit();
//}
if($_POST['gender'] === "Male") {
$_POST['gender'] = "m";
} else {
$_POST['gender'] = "f";
}
//$recaptcha_response = null;
//$recaptcha_error = null;
//$recaptcha_response = recaptcha_check_answer($recaptcha_private_key, $_SERVER['REMOTE_ADDR'], $_POST['recaptcha_challenge_field'], $_POST['recaptcha_response_field']);
//if($recaptcha_response->is_valid) {
$salt = hash("sha512", uniqid(mt_rand(1, mt_getrandmax()), true));
$password = $_POST['p'];
$password = hash("sha512", $password.$salt);
$info = array(
"email" => $_POST['email'],
"password" => $password,
"salt" => $salt,
"username" => $_POST['username'],
"fname" => $_POST['fname'],
"lname" => $_POST['lname'],
"gender" => $_POST['gender']
);
if(register($info, $database) === true) {
echo "<response>Registration Successfull! Please check your inbox for an activation email!</response>";
exit();
}
//} else {
// echo "<response>Incorrect Captcha! Please click the reCaptcha refresh button and try again!</response>";
// exit();
//}
} else {
echo "<response>Invalid Sign-Up Request!</response>";
exit();
}
寄存器()函数:
function register($info, $database) {
try {
$query = $database -> prepare("SELECT email FROM members WHERE email = :email LIMIT 1");
$query -> execute(
array(
":email" => $info['email']
)
);
$result = $query -> fetch();
$result = $result[1];
if(strlen($result) > 0) {
echo "<response>Email already in use!</response>";
exit();
} else {
$query = $database -> prepare("SELECT username FROM members WHERE username = :username LIMIT 1");
$query -> execute(
array(
":username" => $info['username']
)
);
$result = $query -> fetch();
$result = $result[1];
if(strlen($result) > 0) {
echo "<response>Username already in use!</response>";
exit();
} else {
$query = $database -> prepare("SELECT password FROM members WHERE password = :password LIMIT 1");
$query -> execute(
array(
":password" => $info['password']
)
);
$result = $query -> fetch();
$result = $result[1];
if(strlen($result) > 0) {
echo "<response>Password already in use!</response>";
exit();
} else {
$time = time();
/*
* This is where it isn't working
*/
$query = $database -> prepare("INSERT INTO members (email, password, salt, username, first_name, last_name, signup, last_login, gender) VALUES (:email, :password, :salt, :username, :fname, :lname, :signup, :last_login, :gender)");
$query -> execute(
array(
":email" => $info['email'],
":password" => $info['password'],
":salt" => $info['salt'],
":username" => $info['username'],
":fname" => $info['fname'],
":lname" => $info['lname'],
":signup" => $time,
":last_login" => $time,
":gender" => $info['gender']
)
) or die(print_r($query->errorInfo(), true));
$rc = hash("sha512", uniqid(mt_rand(1, mt_getrandmax()), true));
$query = $database -> prepare("SELECT id FROM members WHERE email = :email LIMIT 1");
$query -> execute(
array(
":email" => $info['email']
)
);
$user_id = $query -> fetch();
$query = $database -> prepare("INSERT INTO regcodes (user_id, reg_code) VALUES (:id, :rc)");
$query -> execute(
array(
":id" => $user_id['id'],
":rc" => $rc
)
);
mail($info['email'], "Activate your account for Code-Cluster!", "Please click the following link to activate your account for Code-Cluster!\r\n http://www.ablp.x10.mx/code-cluster/activate.php?rc=".$rc);
return true;
exit();
}
}
}
} catch(PDOException $e) {
echo "<response>An error occured whilst creating your account! An email has been sent to tech support!</response>";
mail("admin@codecluster.x10.mx", "Code-Cluster Sign-Up Error", "Sign-Up Error; Timestamp @ " . date() . " ; IP Address : " . $_SERVER['REMOTE_ADDR'] . " ;\r\n" . $e);
exit();
}
}
这是数据库结构:
