[英]I am attempting to make a login using phpmyadmin, but, when I click submit, it inserts blank entries into the database
我的课正在尝试制作自己的游戏。.但是,我们无法将提交页面发送到PhpMyAdmin中的数据库。 当您单击提交时,它将向数据库发送空白条目,就像您没有填写任何空白一样。 有人可以解决这个问题吗? 谢谢!!
我的index.php页面。
<html>
<head>
<meta charset="UTF-8">
<title> Register New Account </title>
<link rel="stylesheet" type="text/css" href="td.css">
</head>
<body>
<?php
/* $count=$count+1;
echo " count " . $count; */
if($_POST['submit_id'] == 1)
{
/* echo "testing"; */
if($_POST['Username'] == NULL)
{
$message = 'Please enter your Username.';
}
if($_POST['Email'] == NULL)
{
$message = 'Please enter your Email.';
}
if($_POST['Confirm'] == NULL)
{
$message = 'Please re-enter your Email.';
}
if($_POST['Password'] == NULL)
{
$message = 'Please enter your Password.';
}
if($_POST['Email'] != $_POST['Confirm'])
{
$message = 'Your emails did not match, Please enter your emails again.';
}
}
if( $message == NULL )
{
// if there is no error, test to see if there is already an account by the player_name
$MySQLlink = new mysqli("localhost", "root", "******", "Tower_Defense");
// check connection - take out later
if ( !$MySQLlink )
{
printf( "Could not connect to MySQL server : %s", mysqli_connect_error() );
exit();
}
else
{
printf( "Connected to the MySQL server" );
echo "<br>";
}
$result = mysqli_query( $MySQLlink, "SELECT * FROM Users WHERE ( email = 'email' ) " );
if($row = mysqli_fetch_array($result))
{
$message = "There is an account with that email address already. Please choose another email account";
}
mysqli_free_result($result);
$result = mysqli_query( $MySQLlink, "SELECT * FROM Users WHERE ( Username = '$Username' ) " );
if( $row = mysqli_fetch_array($result) && $message == NULL )
{
$message = "There is an account by that player name already. Please choose another Login name";
mysqli_free_result($result);
}
else
{
//echo "next date <br>";
// create account
$Username = ($_POST['Username']);
$Password = ($_POST['Password']);
$Email = ($_POST['Email']);
$email = ($_POST['email']);
//echo "Next one<br>";
$TableList = " `Username`, `Password`, `Email`, `Confirm` ";
$Values = " '$Username', '$Password', '$Email', '$Confirm' ";
if($message != NULL)
{
echo "$message";
}
?>
<div id="container" >
<div id="header">
<h1 id="h1">Besco's Biscuits</h1>
<a href= "http://192.168.131.**/towerdefence/about/index.html" id="a1">About</a>
<a href="http://192.168.131.**/towerdefence/instruction/index.html" id="a2">Instructions</a>
<a href="http://192.168.131.**/towerdefence/create/index.html" id="a3"> The Creation Of The Game</a>
<a href="http://192.168.131.**/towerdefence/cu/index.html" id="a4">Contact Us</a>
</div>
<br /> <br /> <br />
<table align = "center">
<tr>
<td>
Welcome to <b> Besco's Biscuits </b>. Please fill out the following <br />
areas and we will begin your adventure soon. :)
</td>
</tr>
</table>
<br /> <br /> <br /> <br /> <br />
<table align = "center">
<tr>
<td>
<form action = "<?php echo htmlentities($_SERVER['PHP_SELF']); ?>" method="post"> <br />
Username: <input type="text" name="Username" id= "Username"> <br />
Email: <input type = "text" name = "Email" id= "Email"> <br />
Confirm: <input type = "text" name = "Confirm" id= "Confirm"> <br />
Password: <input type = "password" name = "Password" id = "Password"> <br />
<input type = "submit" value = "Register" id="submit_id" value = "1">
<input type = "reset" name="Reset" value="Check if Available!" class = "account">
</form>
</td>
</tr>
</table>
</body>
</html>
我的insert.php页面
<html>
<body>
<?php
$Username = $_POST['name'];
$con=mysqli_connect("localhost", "root", "******", "Tower_Defense");
//Check Connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$sql="INSERT INTO Users (Username, Email, Confirm, Password)
VALUES
('$_POST[Username]','$_POST[Email]',' $_POST[Confirm]',' $_POST[Password]')";
if (!mysqli_query($con,$sql))
{
die ('Error: ' . mysqli_error($con));
}
else
{
echo "1 record added";
echo $_POST[Username];
//echo "Where is Username?";
echo $_POST[Email];
//echo "Where is Email?";
echo $_POST[Confirm];
//echo "Where is Confirm";
echo $_POST[Password];
//echo "Where is Password";
}
mysqli_close($con);
?>
</body>
更新:
我添加了有人建议将支票移至insert.php的更改,现在电子邮件和确认电子邮件支票不起作用。 有人可以帮忙吗?
index.php
<html>
<body>
<div id="container" >
<div id="header">
<h1 id="h1">Besco's Biscuits</h1>
<a href= "http://192.168.131.34/towerdefence/about/index.html" id="a1">About</a>
<a href="http://192.168.131.34/towerdefence/instruction/index.html" id="a2">Instructions</a>
<a href="http://192.168.131.34/towerdefence/create/index.html" id="a3"> The Creation Of The Game</a>
<a href="http://192.168.131.34/towerdefence/cu/index.html" id="a4">Contact Us</a>
</div>
<br /> <br /> <br />
<table align = "center">
<tr>
<td>
Welcome to <b> Besco's Biscuits </b>. Please fill out the following <br />
areas and we will begin your adventure soon. :)
</td>
</tr>
</table>
<br /> <br /> <br /> <br /> <br />
<table align = "center">
<tr>
<td>
<form action = "insert.php" method = "post"> <br />
Username: <input type="text" name="Username" id= "Username" required = "1"> <br />
Email: <input type = "text" name = "Email" id= "Email" required = "1"> <br />
Confirm: <input type = "text" name = "Confirm" id= "Confirm" required = "1"> <br />
Password: <input type = "password" name = "Password" id = "Password" required = "1"> <br />
<input type = "submit" value = "Register" id="submit_id" value = "1">
<input type = "reset" name="Reset" value="Reset Page" class = "account">
</form>
</td>
</tr>
</table>
</body>
</html>
insert.php
<html>
<body>
<?php
if($_POST['submit_id'] == 1)
{
echo "testing";
if($_POST['Email'] != $_POST['Confirm'])
{
$message = 'Your emails did not match, Please enter your emails again.';
}
}
if( $message == NULL )
{
// if there is no error, test to see if there is already an account by the player_name
$MySQLlink = new mysqli("localhost", "root", "abc123", "tower_defense");
// check connection - take out later
if ( !$MySQLlink )
{
printf( "Could not connect to MySQL server : %s", mysqli_connect_error() );
exit();
}
else
{
printf( "Connected to the MySQL server" );
echo "<br>";
}
$result = mysqli_query( $MySQLlink, "SELECT * FROM Users WHERE ( email = 'email' ) " );
if($row = mysqli_fetch_array($result))
{
$message = "There is an account with that email address already. Please choose another email account";
}
mysqli_free_result($result);
$result = mysqli_query( $MySQLlink, "SELECT * FROM Users WHERE ( Username = '$Username' ) " );
if( $row = mysqli_fetch_array($result) && $message == NULL )
{
$message = "There is an account by that player name already. Please choose another Login name";
mysqli_free_result($result);
}
else
{
//echo "next date <br>";
// create account
$Username = ($_POST['Username']);
$Password = ($_POST['Password']);
$Email = ($_POST['Email']);
$email = ($_POST['email']);
//echo "Next one<br>";
}
}
if($message != NULL)
{
echo "$message";
}
$con=mysqli_connect("localhost", "root", "abc123", "tower_defense");
//Check Connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$sql="INSERT INTO Users (Username, Email, Confirm, Password)
VALUES
('$_POST[Username]','$_POST[Email]',' $_POST[Confirm]',' $_POST[Password]')";
if (!mysqli_query($con,$sql))
{
die ('Error: ' . mysqli_error($con));
}
else
{
echo "1 record added";
echo $_POST[Username];
//echo "Where is Username?";
echo $_POST[Email];
//echo "Where is Email?";
echo $_POST[Confirm];
//echo "Where is Confirm";
echo $_POST[Password];
//echo "Where is Password";
}
mysqli_close($con);
?>
</body>
</html>
我在这里看到两个主要问题-
首先 ,表单的动作指向自身。 这意味着$ _POST数组提交给index.php,而您的insert.php页面无权访问该信息 。 Index.php运行验证检查,如果一切检查完毕,它将为变量分配$ _POST值并退出。 那就是数据死亡的地方。 没有将信息获取到文件insert.php的方法。 因此,如果您在浏览器中手动打开文件insert.php,则$ _POST数组将为空,并且只会插入空格。
有几种解决方法。 最简单,最快捷的方法是单页解决方案-将insert.php代码移到最后else块内的index.php文件中。
else {
//echo "next date <br>";
// create account
$Username = $_POST['name'];
//etc.. code to insert data from insert.php
另一种解决方案是将所有验证代码移至insert.php,在该页面上显示任何表单错误,并在验证失败时使用户返回页面。 在这种情况下,您可以将表单的操作更改为insert.php:
<form action="insert.php" method="post">
这种方法不太用户友好,也不是理想的解决方案。 确实更好的做法是使用Javascript进行表单验证,使用PHP进行表单处理。 那可能超出了你的课程范围...
其次 ,此代码可广泛用于SQL注入。 您需要使用参数化查询,而不是直接将变量放入SQL语句中。 看一下关于如何使用mysqli参数化查询的SO问题 。
我发现的错误:
首先,您的代码首先将从表单接收的值提交到index.php本身,因此不会因为插入查询未运行而首先获取插入值。
在index.php中,检查查询以选择电子邮件和用户名。 运行查询时,变量没有任何值,因为在查询之后,这些值会转移到几行(在您有$ email = $ _POST ['Email']的行)。 此外,您在与电子邮件相关的查询中错过了$号。
即将插入insert.php时,您会在插入查询viz中的全局变量$ _POST []中缺少引号。 $ _POST ['email']。
检查这些错误,让我知道它是否有效。
当我在php表单上单击Submit时,登录页面变为空白,并且它不向数据库提交日期
[英]When I click submit on my php form the landing page comes up blank and it does not submit date to the database
当我在phpmyadmin中打开一个字段时,mySQL数据库发生了变化,但我没有做任何改动
[英]mySQL database changes when I open a field in phpmyadmin, but I don't make any change
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.