HTML / PHP表单问题
[英]HTML/PHP Form Problems
问题描述
I'm relatively new to web coding, but I know quite a bit, I was making a registration form earlier, which also checks if the fields are empty. 
我是Web编码的新手,但我知道很多,我早先制作了一份注册表格,该表格还检查这些字段是否为空。 It comes up OK, but nothing seems to work, when the fields are empty, the message doesn't come up, and when the fields are fine, it just loads but doesn't actually insert it into the database. 它可以正常运行,但是似乎没有任何作用,当这些字段为空时,不会出现消息,而当这些字段正常时,它只是加载但实际上并未将其插入数据库。 Also, once I press the submit button, the form just disappears as well. 同样,一旦我按下提交按钮,表格也将消失。 Any help would be much appreciated. 任何帮助将非常感激。
<form method="post">
<?php
if(isset($_POST['submit'])){
$username=$_POST['username'];
$password=$_POST['password'];
$password=md5(hash("sha512",$password));
if(empty($username) or empty($password)){
$message="Please enter information into the fields.";
} else {
mysql_query("INSERT INTO `users` VALUES('',$username,$password)");
$message="Register successful!";
}
echo "<div id='box>$message</div>";
}
?>
Username: <input type="text" name="username" /><br>
Password: <input type="password" name="password" /><br>
<input type="submit" name="submit" value="Sign Up">
</form>
5 个解决方案
解决方案1
2 2014-02-22 16:59:10
It looks like you are not printing out mysql errors, you just need to add or die(mysql_error()); 看来您没有打印出mysql错误,您只需要添加or die(mysql_error()); at the end of the query as in my example i did. 在查询的结尾,就像我的例子一样。 Anyway you should surround your strings with quotes . 无论如何,您都应该在字符串两边加上quotes 。 The page came out blank when you press because if condition is met. 按下时,该页面空白,因为如果满足条件。 So change as follow 所以改变如下
mysql_query("INSERT INTO `users` VALUES('','$username','$password')") or die(mysql_error());
As side note i would stop using mysql_ function since they are derecated and use instead either PDO or mysqli with prepared statements to avoid any risk of mysql injections since your code is highly vulnerable. 作为mysql_由于它们已被废弃,因此我将停止使用mysql_函数,而应使用带有准备好的语句的PDO或mysqli来避免mysql注入的任何风险,因为您的代码极易受到攻击。 LEARN MORE HERE 了解更多信息
As CodeBird correctly stated 正如CodeBird正确指出的
md5 of an empty string will return a 32 chars string, so the password you are testing will never be empty
解决方案2
1 2014-02-22 17:02:58
Change the query statement to 将查询语句更改为
mysql_query("INSERT INTO `users` VALUES('','$username','$password')");
Start using mysqli_* functions instead of mysql_* as the latter are deprecated 开始使用mysqli_ *函数而不是mysql_ *,因为后者已被弃用
解决方案3
1 2014-02-22 17:22:20
check this out "(`id`, `username`, `password`)" example column name use what you have made it.
<?php
if(isset($_POST['submit']))
{
$username=$_POST['username'];
$password=$_POST['password'];
enter code here
if(empty($username) || empty($password)){
$message="Please enter information into the fields.";
} else {
$password=md5(hash("sha512",$password));
mysql_query("INSERT INTO `users` (`id`, `username`, `password`) VALUES('','$username','$password');");
$message="Register successful!";
}
echo "<div id='box'>".$message."</div>";
}
?>
<form method="post" action="">
<input type="text" name="username" /><br>
<input type="password" name="password" /><br>
<input type="submit" name="submit" value="Sign Up">
</form>
解决方案4
0 2014-02-22 16:59:22
Your insert query is wrong, use: 您的插入查询错误,请使用:
INSERT INTO tablename (col1, col2) VALUES('data1', 'data2' )
Or you can use 或者你可以使用
INSERT INTO tablename SET col1 = "data1", col2 = "data2"
解决方案5
0 2014-02-22 17:01:18
You are having an issue because you are misusing empty() 您遇到问题是因为您滥用empty()
A variable is considered empty if it does not exist or if its value equals FALSE
Also you should use double-pipes || 另外,您应该使用双管道|| for or in your if() 用于或在您的if()
This: 这个:
if(empty($username) or empty($password)){
Should be: 应该:
if($username === '' || $password === ''){
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.