This is my php code , I am warning at the line of inserting the data please provide the answer
if($_POST['submitted'] == 1){
$q = "INSERT INTO user(fullname,email,password,conform-password,mobileno) VALUES ('$_POST[form-full-name]','$_POST[form-email]','$_POST[form-password]','$_POST[form-conform-password]','$_POST[form-mobile-no]')";
$r= mysqli_query($dbc,$q);
if($r){
echo '<p>you are REGISTERED SUCCESSFULLY !</p>';
}
else{
echo '<p>your REGISTRATION FAILED !</p>'.mysqli_error($dbc);
echo '<p>'.$q.'</p>';
}
}
//"plz give me the solution for my problem"
Blockquote
In case if you don't want to assign variables so that no memory allocation occurs then you can try using this:
<?php
if($_POST['submitted'] == 1){
$q = "INSERT INTO user(`fullname`,`email`,`password`,`conform-password`,`mobileno`) VALUES (?,?,?,?,?)";
$stmt = $mysqli->prepare($q);
if ( false===$stmt ) {
die('prepare() failed: ' . htmlspecialchars($mysqli->error));
}
$rc = $stmt->bind_param("sssss", $_POST['form-full-name'], $_POST['form-email'], $_POST['form-password'], $_POST['form-conform-password'],$_POST['form-mobile-no']);
if ( false===$rc ) {
die('bind_param() failed: ' . htmlspecialchars($stmt->error));
}
$rc = $stmt->execute();
if ( false===$rc ) {
die('execute() failed: ' . htmlspecialchars($stmt->error));
}
$stmt->close();
}
According to this example you have to use mobile number datatype as string in table field.
Do not need to save confirm password in table and you should use prepare statement for insertion. It will make your query secure for insertion in this case
try this
if($_POST['submitted'] == 1)
{
$full_name =$_POST['form-full-name'];
$form_email=$_POST['form-email'];
$password = $_POST['form-password'];
$conform_pass=$_POST['form-conform-password'];
$mobile =$_POST['form-mobile-no'];
$q = "INSERT INTO user(fullname,email,password,conform-password,mobileno) VALUES ('$full_name','$form_email','$password','$conform_pass','$mobile')";
$r= mysqli_query($dbc,$q);
if($r)
{
echo '<p>you are REGISTERED SUCCESSFULLY !</p>';
}
else{
echo '<p>your REGISTRATION FAILED !</p>'.mysqli_error($dbc);
echo '<p>'.$q.'</p>';
}
}
you missing the single quote $_POST['']
method
Just try saving your posted form data to php variable and then use that in your insert query.
For ex:
$fullname = $_POST['form-full-name'];
$email = $_POST['form-email'];
$password = $_POST['form-password'];
$confirmpassword = $_POST['form-conform-password'];
$mobilenumber = $_POST['form-mobile-no'];
And then the query as
$q = "INSERT INTO user(fullname,email,password,conform-password,mobileno) VALUES ('$fullname','$email ','$password ','$confirmpassword ','$mobilenumber ')";
Hope this help.
谢谢大家的答复,我解决了一个我犯了2个错误的问题1)使用“-”,我用_下划线(ex:form_email)代替了2)我使用过isset()函数更改以上2件事后,我正在获取数据我的数据库
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.