stackoom
  简体   繁体   中英

phpmyAdmin errors I don't understand

 原文  2016-06-09 02:28:51       php/ mysql/ sql/ phpmyadmin

Question

Today I was using this tutorial about creating a forum with a sign up using phpmyAdmin. It was going great until I reached this line of code, which I was supposed to enter in the SQL. 

1. INSERT INTO
2.        users(user_name, user_pass, user_email ,user_date, user_level)
3. VALUES('" . mysql_real_escape_string($_POST['user_name']) . "',
4.        '" . sha1($_POST['user_pass']) . "',
5.        '" . mysql_real_escape_string($_POST['user_email']) . "',
6.        NOW(),   
7.        0);

So I entered it in phpmyAdmin and I get this error:

1064 - You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'user_name']) . "', '" . sha1($_POST['user_pass']) . "', '" . mys' at line 3

And this is the PHP I used for signup.php 

<?php
//signup.php
include 'connect.php';
include 'header.php';

echo '<h3>Sign up</h3>';

if($_SERVER['REQUEST_METHOD'] != 'POST')
{
    /*the form hasn't been posted yet, display it
      note that the action="" will cause the form to post to the same page it is on */
    echo '<form method="post" action="">
        Username: <input type="text" name="user_name" />
        Password: <input type="password" name="user_pass">
        Password again: <input type="password" name="user_pass_check">
        E-mail: <input type="email" name="user_email">
        <input type="submit" value="Add category" />
     </form>';
}
else
{
    /* so, the form has been posted, we'll process the data in three steps:
        1.  Check the data
        2.  Let the user refill the wrong fields (if necessary)
        3.  Save the data
    */
    $errors = array(); /* declare the array for later use */

    if(isset($_POST['user_name']))
    {
        //the user name exists
        if(!ctype_alnum($_POST['user_name']))
        {
            $errors[] = 'The username can only contain letters and digits.';
        }
        if(strlen($_POST['user_name']) > 30)
        {
            $errors[] = 'The username cannot be longer than 30 characters.';
        }
    }
    else
    {
        $errors[] = 'The username field must not be empty.';
    }


    if(isset($_POST['user_pass']))
    {
        if($_POST['user_pass'] != $_POST['user_pass_check'])
        {
            $errors[] = 'The two passwords did not match.';
        }
    }
    else
    {
        $errors[] = 'The password field cannot be empty.';
    }

    if(!empty($errors)) /*check for an empty array, if there are errors, they're in this array (note the ! operator)*/
    {
        echo 'Uh-oh.. a couple of fields are not filled in correctly..';
        echo '<ul>';
        foreach($errors as $key => $value) /* walk through the array so all the errors get displayed */
        {
            echo '<li>' . $value . '</li>'; /* this generates a nice error list */
        }
        echo '</ul>';
    }
    else
    {
        //the form has been posted without, so save it
        //notice the use of mysql_real_escape_string, keep everything safe!
        //also notice the sha1 function which hashes the password
        $sql = "INSERT INTO
                    users(user_name, user_pass, user_email ,user_date, user_level)
                VALUES('" . mysql_real_escape_string($_POST['user_name']) . "',
                       '" . sha1($_POST['user_pass']) . "',
                       '" . mysql_real_escape_string($_POST['user_email']) . "',
                        NOW(),
                        0)";

        $result = mysql_query($sql);
        if(!$result)
        {
            //something went wrong, display the error
            echo 'Something went wrong while registering. Please try again later.';
            //echo mysql_error(); //debugging purposes, uncomment when needed
        }
        else
        {
            echo 'Successfully registered. You can now <a href="signin.php">sign in</a> and start posting! :-)';
        }
    }
}

include 'footer.php';
?>

I have no idea what its talking about. Please give me a alternative way to do this!

2 answers

solution1
 3  2016-06-09 02:34:55

You can't paste PHP into phpMyAdmin, phpMyAdmin works with SQL only.

You can test out the SQL with hard-coded data under phpMyAdmin, for example: 

INSERT INTO
    users(user_name, user_pass, user_email ,user_date, user_level)
VALUES('admin',
    sha1('password'),
   'admin@example.com',
   NOW(),   
   0);

If you add an echo statement to display the contents of the $sql variable, you can take that value and paste it into phpMyAdmin.

Also, don't work with the mysql extension - it is deprecated in PHP 5.x and removed from PHP 7. Use mysqli or PDO instead.

solution2
 0  2016-06-09 02:42:57

SQL is spelling mistakes, the output debugged 

$sql = "INSERT INTO 
    users(user_name, user_pass, user_email ,user_date, user_level) 
    VALUES('" . mysql_real_escape_string($_POST['user_name']) . "', 
    '" . sha1($_POST['user_pass']) . "', 
    '" . mysql_real_escape_string($_POST['user_email']) . "', 
    NOW(), 
    0)";

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question I don't understand routing I don't understand PHP references I Don't Understand This Array Syntax Error with php variables, i don't understand Character Encoding - I don't understand I don't understand this Textile Regex I don't understand PHP sleep() behavior I don't understand this array usage Don't understand serialize() I don't understand why this redirect doesn't work
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM