-2

我有一个需要用户输入的注册表单。该表单工作正常,但现在它没有向数据库插入任何值。谁能帮我?

我将显示所有代码,但我需要的是有关插入查询的帮助:

注册.php

<?php require_once('for members/scripts/connect.php'); ?>

<?php
function specializationQuery(){

$specData = mysql_query("SELECT * FROM specialization");

  while($recordJob = mysql_fetch_array($specData)){

     echo'<option value="' . $recordJob['specialization_id'] .  '">' . $recordJob['specialization_name'] . '</option>';

  }


}

 //default value
$message = "Fields Marcked with an [*] are Required";
  $username = "";
  $fname = "";
  $lname = "";
  $specialization = "";
  $email = "";
  $pass1 = "";
  $pass2 = "";
  $governorate="";
  $district = "";
  $village = "";

if(isset($_POST['username'])){
  $username = mysql_real_escape_string($_POST['username']);
  $fname = mysql_real_escape_string($_POST['fname']);
  $lname = mysql_real_escape_string($_POST['lname']);
  $email = mysql_real_escape_string($_POST['email']);
  $pass1 = mysql_real_escape_string($_POST['pass1']);
  $pass2 = mysql_real_escape_string($_POST['pass2']);
  $bdate = mysql_real_escape_string($_POST['birthdate']);


  $specialization = mysql_real_escape_string($_POST['specialization']);
  $governorate = mysql_real_escape_string($_POST['governorate']);
  @$district = mysql_real_escape_string($_POST['district']);
  @$village = mysql_real_escape_string($_POST['village']);


      var_dump($fname);
      var_dump($username);
      var_dump($governorate);
      var_dump($email);

  //error handeling
  if((!$username)||(!$fname)||(!$lname)||(!$email)||(!$pass1)||(!$pass2)||(!$specialization)||(!$governorate)||(!$district)||(!$village)){
  $message = "**** Please insert the Required Fields below ****<br />";

      if($fname == "")
     {
         $message = $message . "Enter First name<br/>";
     }
      if($lname == "")
     {
         $message = $message . "Enter Last name<br/>";
     }

     if( $specialization == 0)
     {
         $message = $message . "Select Your Job<br />";

     }
     if($governorate == 0)
     {
         $message = $message . "Select Your Governorate<br />";
     }

     if($district == '0')
     {
         $message = $message . "Select Your District<br />";
     }
     if($village == '0')
     {
     $message = $message . "Select Your Village<br />";

     }
     if($email == "")
     {
         $message = $message . "Enter Email Adress<br/>";
     }
      if ($username == "") {
        $message = $message . "Enter User Name<br/>";
      }

      if($pass1 == "")
     {
         $message = $message . "Enter password<br/>";
     }

      if($pass2 == "")
     {
         $message = $message . "rechek the password <br/>";
     }


 } 

     elseif(strlen($pass1) <= 8)
    {
         $message = $message . "Your Password must be at least 8 charachters<br />";
    }
   else if($pass1!=$pass2){
   $message = "your password do not match!";
 }
 else
 {
   //securing the data
   $username = preg_replace("#[^0-9a-z]#i","",$username);
   $fname = preg_replace("#[^0-9a-z]#i","",$fname);
   $lname = preg_replace("#[^0-9a-z]#i","",$lname);
   //$pass1 = sha1($pass1);

   $email = mysql_real_escape_string($email);
   // checking for duplicate
   $user_query = mysql_query("SELECT user_name FROM user WHERE user_name = '$username'LIMIT 1") or die("could not check the username");
   $count_username = mysql_num_rows($user_query);

    $email_query = mysql_query("SELECT email_address FROM user WHERE email_address = '$email'LIMIT 1") or die("could not check the email");
   $count_email = mysql_num_rows($email_query);

    if($count_username > 0){
     $message = " your username is alredy in use";
    }elseif($count_email > 0){
      $message = "your email is alredy in use";
    }
   else{

      $query = mysql_query("INSERT INTO user(user_name, first_name, last_name, governorate, district, village, birth_date, email_address, specialization, password, registered_date)VALUES('$username', '$fname', '$lname', '$governorate', '$district', '$village', '$bdate', '$email', '$specialization', '$pass1',  now())")or die("could not insert data"); 




    $message = "you have  now been registered";
    //from the social website


        if ($query) 
       {
       $_SESSION['user_id'] = mysql_insert_id();
       $_SESSION['login'] = 'true';
       $_SESSION['login_user'] = $username;
       }
?>
4

1 回答 1

0

您需要在文件中分隔代码。你写了很长的故事。$username = mysql_real_escape_string($_POST['username']); //这种类型的代码很多次。我的代码不好,但比你的好。尽量在函数中划分代码,在函数中分离各个逻辑。这样它就很容易理解和改变(一个地方的改变应该在所有地方改变)。尝试将 JS、HTML、PHP、错误处理等分开。我还没有编写完整的工作代码,但会向您展示如何改进。

function getPostedField($var){
    if(!empty($_POST[$var]) and ($_POST[$var]!=0) ){
        $var = mysql_real_escape_string($_POST[$var]);
        return ($var);
    }
    return false;
}

if(isset($_POST['username'])){
    $fields = array('username','fname','lname'.....); 
    $errors = 0;
    $posted_arr = array();
    foreach($fields as $field){
        $value = getPostedField($field);
        if($value){
            $posted_arr[$field] = $value;
        }else{
            $errors++;
        $error_msg .= "<p>$field should not be empty.</p>";
        }
    }
    if($posted_arr['pass1']==$posted_arr['pass2'] and (strlen($posted_arr['pass2']<=8) ) ){
    $errors++;
    }
    //do more checking here
    if($error==0){
    $query = "insert into `table`";
        foreach($fields as $field){
        $query .= "`$field`='".$posted_arr[$field]."',";
        }
    $len = strlen($query) - 1;
    $query = substr($query,0,$len); //removing last ,
    $sql_query = mysql_query($query);
    }
}
于 2013-04-27T13:40:04.487 回答