0

我正在努力从 mysql 掌握 PDO,这是我的注册表单。

我收到的错误对我来说不太有意义,谁能帮我完成我的注册表单?

<? include 'includes/overall/head.php'; 
include 'core/init.php';?>
<div id="page" class="container">
<div id="box1">
    <h2 class="title"><? echo $welcome; ?></h2>
    <div style="clear: both;">&nbsp;</div>
    <div class="entry"> 
        <form method="POST" action="process_user.php">
        Username*: <br/>
        <input type="text" name="username" /><br/>
        Password*: <br/>
        <input type="password" name="password" /><br/>
        Confirm Password*: <br/>
        <input type="password" name="password_confirm" /><br/>
        Email*: <br/>
        <input type="text" name="email" /><br/>
        Confirm Email*: <br/>
        <input type="text" name="email_confirm" /><br/>
        <?require_once('recaptchalib.php');
        $publickey = "*****";
        echo recaptcha_get_html($publickey);?>
        <input type="submit" name="submit" value="Register">
        </form>
    </div>
</div>
<? include 'includes/overall/footer.php'; ?>

这是 prcess_user.php

<? include 'includes/overall/head.php'; 
include 'core/init.php';?>
 <div id="page" class="container">
<div id="box1">
    <h2 class="title"><? echo $welcome; ?></h2>
    <div style="clear: both;">&nbsp;</div>
    <div class="entry"> 
        <?
          require_once('recaptchalib.php');
          $privatekey = "*****";
          $resp = recaptcha_check_answer ($privatekey,
                                            $_SERVER["REMOTE_ADDR"],
                                            $_POST["recaptcha_challenge_field"],
                                            $_POST["recaptcha_response_field"]);

          if (!$resp->is_valid) {
            die ("The reCAPTCHA wasn't entered correctly. Go back and     try it again.");
          } else {  

        if (empty($_POST) === false) {
            $required_fields = array('username', 'password', 'password_confirm', 'email', 'email_confirm');
            foreach($_POST as $key=>$value) {
                if (empty($value) && in_array($key,    $required_fields) === true) {
                $errors[] = 'Fields marked with an asterisk are    required.';
                break 1;
                }
            }
        }
        if (empty($errors) === true) {
                if(user_exists($_POST['username'] === true)) {
                    $errors[] = 'Sorry, the username   \''.$_POST['username'].'\' is already taken.';
                }
                if (preg_match("/\\s/", $_POST['username'] ==   true)) {
                    $errors[] = 'Your username cannot contain    any spaces';
                }
                if (strlen($_POST['password']) < 6 ||   strlen($_POST['password'] > 32)) {
                    $errors[] = 'Your password must be between    6 and 32 characters';
                }
                if ($_POST['password'] !==     $_POST['password_confirm']) {
                    $errors[] = 'Your passwords did not match';
                }
                if (filter_var($_POST['email'],     FILTER_VALIDATE_EMAIL) === false) {
                    $errors[] = 'Please enter a valid email address.';
                }   
                if (email_exists($_POST['email']) === true) {
                    $errors[] = 'The email address     \''.$_POST['email'].'\' is arealdy registered.';
                }                   
            }                   
        }
        if (isset($_GET['success']) && empty($_GET['success'])) {
            echo 'You\'ve been successfully registered, please check     your email inbox to activate your account';
        } else {
            if (empty($_POST) === false && empty($errors) === true) {
                $register_data = array(
                    'username' => $_POST['username'],
                    'password' => $_POST['password'],
                    'email' => $_POST['email'],
                    'email_code' => md5($_POST['username'] +          microtime())
                );
                register_user($register_data);
                header('location: register.php?success');
                exit();
            } else if(empty($errors) === false) {
                echo output_errors($errors);
            }

            //LINK TO GO BACK AND TRY AGAIN
        }

        ?>
    </div>
</div>
<? include 'includes/overall/footer.php'; ?>

最后,与它们一起使用的功能

<?php
function user_exists($username) {
$username = sanitize($username);
$query = "SELECT COUNT(`user_id`) FROM `users` WHERE `username` = `$username`";
$stmt = $dbh->prepare($query);
$stmt->execute();
return ($stmt->rowCount() == 1) ? true : false;
}
function email_exists($email) {
$email = sanitize($email);
$query = "SELECT COUNT (`user_id`) FROM `users` WHERE `email` = $email";
$stmt = $dbh->prepare($query);
$stmt->execute();
return ($stmt->rowCount() == 1) ? true : false;
}
function register_user($register_data) {
array_walk($register_data, 'array_sanitize');
$register_datapw = $register_data['password'];
require ('../../includes/blowfish.class.php');
$bcrypt = new Bcrypt(4);
$register_data['password'] = $bcrypt->hash($_POST['password']);

$fields = '`' . implode('`, `', array_keys($register_data)) . '`';
$data = '\'' . implode('\', \'', $register_data) . '\'';

$query = "INSERT INTO `USERS` ($fields) VALUES ($data)";
$stmt->prepare($query);
$stmt->execute();   
}
?>

这是我收到的错误

[08-May-2013 09:44:52 America/Denver] PHP Parse error: syntax error, unexpected '$' in .../process_user.php on line 50哪个是 if (isset($_GET['success']) && empty($_GET['success'])) {

4

1 回答 1

1

PHP 中的empty()函数有一些非常奇怪的语义。根据精美手册

PHP 5.5 之前,empty()只支持变量;其他任何事情都会导致解析错误。换句话说,以下内容将不起作用:empty(trim($name)). 相反,使用trim($name) == false.

同样,您将需要使用$_GET['success'] == false而不是empty($_GET['success']).

顺便说一句:您正在使用 PDO,这很好,但您仍在将用户输入插入到 SQL 查询中,这非常、非常、非常糟糕。在继续之前了解如何正确使用 PDO 和绑定变量。

于 2013-05-08T23:31:34.147 回答