-1

在任何人投反对票并批评我之前,我是开发新手,我需要在我的查询中使用 php 和 mysql

所以我试图让用户在注册页面中插入一些信息,这些信息将向具有这些字段的名为 user 的表提交信息:

  • 用户名,
  • 名,
  • 姓,
  • 地址,
  • 区名,
  • 村名,
  • 出生日期,
  • 电子邮件地址,
  • 专业化名称,
  • 密码,
  • 注册日期

我有另一个具有这些字段的名称专业化表:

  • 专业化_id
  • 规格名称

我需要的是用户在注册页面中选择专业化,但在用户表中我需要使用 specialization_id 作为专业化表的外键

我使用的插入查询是:

   $query = mysql_query("INSERT INTO user(user_name, first_name, last_name, address, district_name, village_name, birth_date, email_address, specialization_name, password, registered_date)VALUES('$username', '$fname', '$lname', '$country', '$district', '$village', '$bdate', '$email', '$specialization', '$pass1',  now())")or die("could not insert data");

注册.php

<?php require_once('for members/scripts/connect.php'); ?>


<?php
ob_start();
 function countryQuery(){

  $countryData = mysql_query("SELECT * FROM country") or die("could select database");

  while($record = mysql_fetch_array($countryData)){

     echo'<option value="' . $record['country_name'] .  '">' . $record['country_name'] . '</option>';

  }

}


function specializationQuery(){

$specData = mysql_query("SELECT * FROM specialization");

  while($recordJob = mysql_fetch_array($specData)){

     echo'<option value="' . $recordJob['specialization_name'] .  '">' . $recordJob['specialization_name'] . '</option>';

  }


}

function districtQuery(){

$distData = mysql_query("SELECT * FROM districts");

  while($recorddist = mysql_fetch_array($distData)){

     echo'<option value="' . $recorddist['district_name'] .  '">' . $recorddist['district_name'] . '</option>';

  }


}

function villageQuery(){

$villageData = mysql_query("SELECT * FROM village");

  while($recordvillage = mysql_fetch_array($villageData)){

     echo'<option value="' . $recordvillage['village_name'] .  '">' . $recordvillage['village_name'] . '</option>';

  }


}



 //default value
$message = "Fields Marcked with an [*] are Required";
  $username = "";
  $fname = "";
  $lname = "";
  $specialization = "";
  $email = "";
  $pass1 = "";
  $pass2 = "";
  $district = "";
  $village = "";

if(isset($_POST['username'])){
  $username = mysql_real_escape_string($_POST['username']);
  $fname = mysql_real_escape_string($_POST['fname']);
  $lname = mysql_real_escape_string($_POST['lname']);
  $email = mysql_real_escape_string($_POST['email']);
  $pass1 = mysql_real_escape_string($_POST['pass1']);
  $pass2 = mysql_real_escape_string($_POST['pass2']);
  $bdate = mysql_real_escape_string($_POST['birthdate']);
  $country = mysql_real_escape_string($_POST['country']);
  //$local_adress = $_POST['adress'];
  $specialization = mysql_real_escape_string($_POST['specialization']);
  $district = mysql_real_escape_string($_POST['district']);
  $village = mysql_real_escape_string($_POST['village']);

  //error handeling
  if((!$username)||(!$fname)||(!$lname)||(!$email)||(!$pass1)||(!$pass2)||(!$specialization)||(!$district)||(!$village)){
  $message = "**** Please insert the Required Fields below ****<br />";

  if($fname == "")
 {
     $message = $message . "Enter First name<br/>";
 }
  if($lname == "")
 {
     $message = $message . "Enter Last name<br/>";
 }

 if($specialization == 0)
 {
     $message = $message . "Select Your Job<br />";
 }
 if($district == 0)
 {
     $message = $message . "Select Your District<br />";
 }
 if($village == 0)
 {
     $message = $message . "Select Your Village<br />";
 }
 if($email == "")
 {
     $message = $message . "Enter Email Adress<br/>";
 }
  if ($username == "") {
    $message = $message . "Enter User Name<br/>";
  }

  if($pass1 == "")
 {
     $message = $message . "Enter password<br/>";
 }

  if($pass2 == "")
 {
     $message = $message . "rechek the password <br/>";
 }

 } 

     elseif(strlen($pass1) <= 8)
    {
     $message = $message . "Your Password must be at least 8 charachters<br />";
}
   else if($pass1!=$pass2){
   $message = "your password do not match!";
   }else{
   //securing the data
   $username = preg_replace("#[^0-9a-z]#i","",$username);
   $fname = preg_replace("#[^0-9a-z]#i","",$fname);
   $lname = preg_replace("#[^0-9a-z]#i","",$lname);
   //$pass1 = sha1($pass1);

   $email = mysql_real_escape_string($email);
   // checking for duplicate
   $user_query = mysql_query("SELECT user_name FROM user WHERE user_name = '$username'LIMIT 1") or die("could not check the username");
   $count_username = mysql_num_rows($user_query);

    $email_query = mysql_query("SELECT email_address FROM user WHERE email_address = '$email'LIMIT 1") or die("could not check the email");
   $count_email = mysql_num_rows($email_query);

    if($count_username > 0){
     $message = " your username is alredy in use";
    }elseif($count_email > 0){
      $message = "your email is alredy in use";
    }
   else{

      $query = mysql_query("INSERT INTO user(user_name, first_name, last_name, address, district_name, village_name, birth_date, email_address, specialization_name, password, registered_date)VALUES('$username', '$fname', '$lname', '$country', '$district', '$village', '$bdate', '$email', '$specialization', '$pass1',  now())")or die("could not insert data");  
      //var_dump($query);
      //exit();

    $message = "Registered Success <a href='profile.php'>Your Profile</a> ";
    //from the social website


        if ($query) 
       {
       $_SESSION['user_id'] = mysql_insert_id();
       $_SESSION['login'] = 'true';
       $_SESSION['login_user'] = $username;
       }

    }
   }
 }




?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Register Page</title>
<link href="style/stylesheet.css" rel="stylesheet" type="text/css" />
<link href="style/imagesGallery.css"rel="stylesheet" type="text/css"/>
<script src="js/main.js" type="text/javascript"></script>
<script src="js/jquery.js" type="text/javascript"></script>
</head>

<body>

<div class="container">
<table width="200" border="0" align="center">
<tr>
  <tr>
    <td><img src="web_header copy.jpg" alt="visitor header" width="1080" height="128" /></td>
  </tr>
  <tr>




     <td>
       <marquee direction="left" width="99%" behavior="alternate">
        <img src="imggallery/images/akoura/akoura_small.jpg" width="119" height="91">
        <img src="imggallery/images/ballaa2/ballaa2_small.jpg" width="119" height="91">
        <img src="imggallery/images/baalbeck/baalbek_small.jpg" height="92">
        <img src="imggallery/images/barouk/cedre_barouk_small.jpg" width="119" height="91">
        <img src="imggallery/images/batroun/batroun_small.jpg" width="119" height="91">
        <img src="imggallery/images/bchareh/bchareh_small.jpg" width="119" height="91">
        <img src="imggallery/images/beiteldin/beiteldine_small.jpg" width="119" height="91">
        <img src="imggallery/images/beyrouth/beyrouth_small.jpg" width="119" height="91">
        <img src="imggallery/images/beyrouth/beyroyj frm sky/beyrouthfromSky_small.jpg" width="119" height="91">
        <img src="imggallery/images/deir el mara/deirelamar_small.jpg" width="119" height="91">
        </marquee>
        <hr />
       <h2 class="registerTitle">Registration Fields</h2>
       <h4 class="registerTitle">Sign Up Today....</h4>
 <!-- <div class="container center"> -->
       <p style="color:#FF0000" align="center"><?php print("$message")?></p>
    </td>

    <tr>
        <table width="680" border="0" align="center">
        <form action="register.php" method="post">

        <tr>


        <td><span class="Fields">First Name</span> <span class="requiredField">*</span></td>
        <td>
        <input type="text" name="fname" placeholder="Firstname" /></td>

      <td><span class="Fields">Last Name</span><span class="requiredField">*</span></td>

      <td><input type="text" name="lname" placeholder="Lastname" /></td>
      </tr>


    <tr>
      <td><label for="birthdate" class="Fields">Birth Date                     </label></td>
      <td><input type="date" name="birthdate" value= "YYYY_MM_DD"  onfocus="if (this.value == 'YYYY_MM_DD') {this.value = '';}" onblur="if (this.value == '') {this.value = 'YYYY_MM_DD';}" />
        <br /></td>

    </tr>

    <tr>
      <td class="Fields"><label for="country">Country</label></td>
      <td><select name="country"  class="select">
      <option value="0">-- Select Your Country --</option>
        <?php countryQuery(); ?>
      </select></td>
      <td class="Fields"><label for="specialisation">Specialisation <span class="requiredField">*</span></label></td>
      <td><select name="specialization"  class="select">
      <option value="0">-- Select Your Specialization --</option>

        <?php specializationQuery(); ?>
      </select></td>

    </tr>

    <tr>
      <td class="Fields"><label for="district">District<span class="requiredField">*</span></label></td>
      <td><select name="district"  class="select">
      <option value="0">-- Select Your District --</option>

        <?php districtQuery(); ?>
      </select></td>

      <td class="Fields"><label for="village">Village<span class="requiredField">*</span></label></td>
      <td><select name="village"  class="select">
      <option value="0">-- Select Your Village --</option>

        <?php villageQuery(); ?>
      </select></td>

    </tr>

    <tr>
      <td class="Fields"><label for="email">Email Adress<span class="requiredField">*</span></label></td>
      <td><input type="text" name="email" placeholder="Email Adress" />
        <br /></td>
      <td><label for="username"><span class="Fields">User Name</span> <span class="requiredField">*</span></label></td>
      <td><input type="text" name="username" placeholder="Username" />
        <br /></td>

    </tr>

    <tr>
      <td class="Fields"><label for="password">Password<span class="requiredField">*</span></label></td>
      <td><input type="password" name="pass1" placeholder="Password" />
        <br /></td>
      <td class="Fields"><label for="password2">Re_Password<span class="requiredField">*</span></label></td>
      <td><input type="password" name="pass2" placeholder="Validate Password" />
        <br /></td>

    </tr>

    <tr>
      <td></td>
      <td></td>
      <td><input type="submit" value="Register"/></td>
      <td></td>
    </tr>

  </form>
</table>
<!--</div>-->
  </tr>



  <tr>
    <td><?php require_once('footer.php'); ?></td>
  </tr>
  </tr>
  </tr>
</table>


</div>
</body>
</html>
<?php ob_end_flush(); ?>

所以任何人都可以帮助我???

4

5 回答 5

0

“**specialization_name**”肯定会导致问题。* 是 SQL 查询中的一条语句,它基本上代表所有内容(例如,SELECT * FROM someTable... 表示从 someTable 中选择所有内容)。您应该删除星号,假设您设置正确,您的查询将正常工作

于 2013-04-13T18:36:30.640 回答
0

试试PHP PDO,php 中的 mysql_ 函数将被贬低,而且 PDO 更安全,是将您的应用程序移植到其他数据库的最佳实践。不能用 Mysql_ 做到这一点

像这样 :

 //We connect to the database
    $host="xxxxxx"; // Host name
    $username="xxxxxxx"; // Mysql username
    $password="xxxxxxxxxx"; // Mysql password
    $db_name="xxxxxxxx"; // Database name

    // Connect to server via PHP Data Object
    $dbh = new PDO("mysql:host=localhost;dbname=DBFinaid", $username, $password);
    $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $dbh->setAttribute(PDO::ATTR_EMULATE_PREPARES, FALSE);

        try {
                $query = $dbh->prepare("
                      INSERT INTO user(user_name, 
                                        first_name, 
                                        last_name,
                                        address, 
                                        district_name, 
                                        village_name, 
                                        birth_date, 
                                        email_address, 
                                        specialization_name, 
                                        password, 
                                        registered_date)
                    VALUES(':username', 
                                        ':fname', 
                                        ':lname', 
                                        ':country', 
                                        ':district', 
                                        ':village', 
                                        ':bdate', 
                                        ':email', 
                                        ':specialization', 
                                        ':pass1',  
                                         now())"
                                    );

                $query->bindParam(':YOURVALUES', $YOURVALUE); // Make sure the number values in bindParam equal your values in the query
                .....................................
                $query->execute();
        catch (PDOException $e) {
                error_log($e->getMessage());
                die($e->getMessage());
            }

            $dbh= null;


  [1]: http://php.net/manual/en/book.pdo.php
于 2013-04-13T18:49:11.370 回答
0

您的specializationQuery函数应该打印字符串,<option value="' . $recordJob['specialization_id'] . '">' . $recordJob['specialization_name'] . '</option>而不是<option value="' . $recordJob['specialization_name'] . '">' . $recordJob['specialization_name'] . '</option>,因此您获得了specialization_id必须插入用户数据库的值。

于 2013-04-13T19:01:08.860 回答
0

我认为你不应该使用specialization_namespecialization_id在你的user-table 中。我假设specialization_id是表中的键,specialization您的表中应该有user一个外键 ( ),它引用表 ( )user.specialization_id的主键。specializationspecialization.id

假设您有以下专业:

  1. 规格1
  2. 规格2
  3. 规格3

那么您在 HTML 中的 Selection 元素应如下所示:

<select name="specialization"  class="select">
  <option value="0">-- Select Your Specialization --</option>
  <option value="1">Spec1</option>
  <option value="2">Spec2</option>
  <option value="3">Spec3</option>
</select>

现在,如果用户选择让我们说Spec2,那么您的变量$specialization应该具有值 2 并且您应该能够将其插入到数据库中。

希望能帮助到你!

于 2013-04-13T18:39:50.697 回答
0

为了使事情变得更简单,我相信您可以在用户表中使用 ENUM 字段,而不是使用另一个表。这可能是您的替代方案。

于 2013-04-13T18:42:36.260 回答