PHP的插入MySQL无法正常工作

Question

I 've been struggling with this one for a couple of days and since this is my first project using PHP it's kinda hard to figure it out by myself.I rewrote my code with the help from other threads but I still can't find the solution.

So, I want to make a simple user registration.I get the user's input from this form , which is included in registration_page.html , the code is this:

<form id="registerForm" action="http://localhost//register.php" method="post">
  <fieldset align="center">
    <legend id="legendText">Register</legend>
    <p>Name:
      <input type="text" name="fname" value="" required autofocus maxlength="16"></p>
    <p>Last name:
      <input type="text" name="lname" value="" required maxlength="16"></p>
    <p>E-mail:
      <input type="email" name="mail" value="" placeholder="@mail.com" maxlength="32" required></p>
    <p>Age:
      <input type="number" name="age" value="" maxlength="2" max="99" maxlength="2" size="2" min="1" required></p>
    <p>Job:
      <input type="text" name="job" value="" maxlength="16" required></p>
      <table align="center" id="registerPwdAndUsrTable" border="1" width="30%">
        <tr>
          <td>
            <p>Username:
              <input type="text" name="username" value="" required  maxlength="16"></p>
          </td>
          <td>
            <p>Password:
              <input type="password" name="password" value="" required  maxlength="16"></p>
          </td>
        </tr>
      </table>
      <input form="registerForm" type="Submit" value="Εγγραφή">
      <input form="registerForm" type="Reset" value="Ακύρωση">
  </fieldset>
</form>

After submitting the form the php script that is called is register.php (as you see in the action=" " my script is handled by the server ). Now,the register.php is:

register.php

<!Doctype html>
<html>
<head>
  <meta charset="utf-8"><!--characters recognised-->
  <title>Register</title>
<style>

body{
  background-image: url(my_images//background_homepage.jpg);
  background-repeat: no-repeat;
  background-size:cover;
}
</style>
</head>
<body>

<?php
  extract( $_POST );//superglobal variable

if( isset($_POST['submit'] ) ) {

  print_r($_POST);

  //Getting the variables from 'registerForm' ++  /* checking if user inputs are set */
  $first_name = (isset($_POST['fname'])) ? $_POST['fname'] : NULL;
  $last_name = (isset($_POST['lname'])) ? $_POST['lname'] : NULL;
  $age = (isset($_POST['age'])) ? $_POST['age'] : NULL;
  $job = (isset($_POST['job'])) ? $_POST['job'] :NULL;
  $email = (isset($_POST['mail'])) ? $_POST['mail'] : NULL;
  $username = (isset($_POST['username'])) ? $_POST['username'] : NULL;
  $password = (isset($_POST['password'])) ? $_POST['password'] : NULL;

//INSERT INTO Query Creation
$sqlQuery = "INSERT INTO registered_user ( age,email,fname,job,lname,password,username )
 VALUES ('$age','$email','$first_name','$job','$last_name','$password','$username')";

//MySQL connection
if( !( $database = mysql_connect( "localhost","root","" ) ) )//server name , a username , password
  die( "Couldn't connect to DB </body></html>" );//if false --> script gets terminated

//Opening database "htmlproject"
if( !mysql_select_db("htmlproject",$database) )//Database to be used , htmlproject
  die( "Couldnt open htmlproject db </body></html>" );

//Query
mysql_query( $sqlQuery, $database);
if( !( $result = mysql_query( $sqlQuery, $database) ) )
{
  print( "failed query! <br />" );
  die( mysql_error() . "</body></html>" );
}else{
  print("success query!");
}//end if

//Free resources
mysql_close( $database );

}//end ifisset
?><!--end php script.To be executed by server-->

<script type="text/javascript">//registration completed
var r=window.confirm("registration completed");
if( r == true){
  document.location.href = "HOMEPAGE.html";
}else{
    document.location.href = "HOMEPAGE.html";
}
</script>

</body>
</html>

So my problem is that the INSERT INTO registered_user... doesn't work.I don't get an entry to my database, nothing. I am using XAMPP and the table is this:

registered_user table SQL script

Answer 1

You never, ever define 'submit'. You don't have a form element with that name. Therefore this:

if( isset($_POST['submit'] ) ) {

will fail every time. You're not outputting any error messages, have you checked your error logs? You're making an assumption the queries are working. Add error reporting to the top of your file(s) right after your opening <?php tag error_reporting(E_ALL); ini_set('display_errors', 1); error_reporting(E_ALL); ini_set('display_errors', 1); Add error checking, such as or die(mysql_error()) to your queries. Or you can find the issues in your current error logs. Error checking will reveal $_POST['submit'] is undefined.

---

In addition:

Little Bobby says your script is at risk for SQL Injection Attacks. . Even escaping the string is not safe!

Please stop using mysql_* functions . These extensions have been removed in PHP 7. Learn about prepared statements for PDO and MySQLi and consider using PDO, it's really pretty easy .

Never store plain text passwords! Please use PHP's built-in functions to handle password security. If you're using a PHP version less than 5.5 you can use the password_hash() compatibility pack . Make sure you don't escape passwords or use any other cleansing mechanism on them before hashing. Doing so changes the password and causes unnecessary additional coding.