I have received:
Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '5538ac14bb2ca7514f9f4d8826f3c45e'')' at line 1' in C:\\xampp\\htdocs\\register.php:19 Stack trace: #0 C:\\xampp\\htdocs\\register.php(19): PDO->exec('insert into use...') #1 {main} thrown in C:\\xampp\\htdocs\\register.php on line 19.
How can this be solved, like what should be done?
<?php
session_start();
// If the form has been submitted
if (isset($_POST['submitted'])){
// Create a database connection
$db = new PDO("mysql:dbname=johnsoa7_db;host=localhost", "root", "");
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// Get and sanitise the inputs, we don't need to do
// this with the password as we hash it anyway
$safe_forename = $db->quote($_POST['forename']);
$safe_lastname = $db->quote($_POST['lastname']);
$safe_email = $db->quote($_POST['email']);
$hashed_password = $db->quote(md5($_POST['password']));
// Insert the entry into the database
$query = "insert into users values (default, $safe_forename, $safe_lastname, $safe_email, '$hashed_password')";
$db->exec($query);
// Get the ID
$id = $db->lastInsertId();
// Output success or the errors
echo "Congratulations! You are now registered. Your ID is: $id";
}
?>
You have an error in this line:
$query = "insert into users values (default, $safe_forename, $safe_lastname, $safe_email,'$hashed_password')";
default
should be quoted if it is string.
If it is a variable, you missed $
.
Please see the comment by @ceejayoz:
As he said you don't need quoted around $hashed_password...
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.