[英]i cant get php to put information into mysql
I have a form that talks to 'process_register.php' to register a user. 我有一个与“ process_register.php”对话的表单来注册用户。 That file talks to a class called 'user'.
该文件与名为“用户”的类对话。
<form method="post" action="process_register.php">
User Name: <input type="text" name="userName" maxlength="32"><br>
Password: <input type="password" name="userPassword" maxlength="32"><br>
<input type="submit">
</form>
process_register.php process_register.php
<?php
// process_register.php
include('userclass.php');
$newUser = new User;
// Call the registerUser() method, passing in the required variables
$newUser->registerUser($userName, $userPassword);
// If it was an error, the class will kill the script, if not, it will reach this point
$newUser->displayUserInfo();
?>
userclass.php userclass.php
<?
// process_register.php
class User {
var $userID,
$userName,
$userPassword,
$dbHost,
$dbUser,
$dbName,
$dbPass,
$dbUserTable;
function registerUser($userName, $userPassword) {
// Connect to database
$dbLink = mysql_connect($this->dbHost, $this->dbUser, $this->dbPass);
if(!$dbLink) die("Could not connect to database. " . mysql_error());
// Select database
mysql_select_db($this->dbName);
$query = "insert into $this->dbUserTable values (NULL, \"$userName\", \"$userPassword\")";
$result = mysql_query($query);
// Test to make sure query worked
if(!$result) die("Query didn't work. " . mysql_error());
// Get the user ID
$this->userID = mysql_insert_id();
// Close database connection
mysql_close($dbLink);
// Assign the values to the data members
$this->userName = $userName;
$this->userPassword = $userPassword;
} // End registerUser()
function displayUserInfo() {
echo '<b>User ID: </b>' . $this->userID . '<br>';
echo '<b>User Name: </b>' . $this->userName . '<br>';
echo '<b>User Password: </b>' . $this->userPassword . '<br>';
} // End displayUserInfo()
The problem is when process_register.php calls 'displayUserInfo' it creates a slot in the DB for the new user but it is blank. 问题是,当process_register.php调用“ displayUserInfo”时,它将在DB中为新用户创建一个插槽,但该插槽为空。
any help is much appreciated 任何帮助深表感谢
You need to assign values to variables from the array $ _POST in "process_register.php" file before line 您需要在行之前为“ process_register.php”文件中的$ _POST数组中的变量赋值
$newUser->registerUser($userName, $userPassword);
. 。 For example,
例如,
$userName = $_POST['userName'];
$userPassword = $_POST['userPassword'];
But do not forget to filter user input data. 但是不要忘记过滤用户输入数据。
Are you following an old tutorial? 您是否在遵循旧教程?
On the line, $newUser->registerUser($userName, $userPassword); 在线上,$ newUser-> registerUser($ userName,$ userPassword); It assumes $userName, $userPassword are global variables.
假定$ userName,$ userPassword是全局变量。 Older versions of PHP had regisrered globals on by default.
较早版本的PHP默认情况下已重新注册全局变量。 In current versions of PHP you must do this:
在当前版本的PHP中,您必须执行以下操作:
$newUser->registerUser($_REQUEST['userName'], $_REQUEST['userPassword']); $ newUser-> registerUser($ _ REQUEST ['userName'],$ _REQUEST ['userPassword']);
Also, please make sure that you use mysql_real_escape_string() on all data added to the query - you are open to an SQL injection if you don't do this. 另外,请确保对添加到查询中的所有数据使用mysql_real_escape_string()-如果不这样做,则可以进行SQL注入。
you may also want to change the insert statement to put in MD5 passwords instead of clear text. 您可能还想更改插入语句以输入MD5密码,而不要输入明文。
$userPassword = md5($userPassword); before the insert
not "necessary", but a good security measure for future reference. 不是“必需的”,而是很好的安全措施,以供将来参考。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.