[英]Can I display a query error number, or how can I find out what's wrong with my MySQL query?
我正在编写register.php来创建用户并将其添加到MySQL表“ workers”。 它具有基本的验证功能,并使用会话来检查用户是否已经登录。但是,我的INSERT查询遇到问题,它不起作用。 我制作了一条错误消息,显示文本:“出了点问题,请稍后再试...”,应该显示mysqli错误。 但是,它仅显示消息,并且不起作用。 如何显示mysql查询错误号以及查询出了什么问题? register.php:
<?php
session_start();
include_once ('db.php');
$error = false;
$nameError = '';
$passwordError = '';
$usernameError = '';
$surnameError = '';
$emailError = '';
$MSG = '';
if (!isset($_SESSION['login_user'])) {
if (isset($_POST['Register'])) {
$name = $_POST['name'];
$surname = $_POST['surname'];
$email = $_POST['email'];
$password = $_POST['password'];
$username = $_POST['username'];
// Username validation
if (empty($username)) {
$error = true;
$usernameError = 'Please enter your username';
} else {
if (!preg_match('/^[a-zA-Z0-9]{5,}$/', $username)) {
$error = true;
$usernameError = 'Invalid Username';
}
}
//Name validation
if (empty($name)) {
$error = true;
$nameError = "Please enter your full name.";
} else if (strlen($name) < 3) {
$error = true;
$nameError = "Name must have at least 3 characters.";
} else if (!preg_match("/^[a-zA-Z ]+$/", $name)) {
$error = true;
$nameError = "Name must contain alphabets and space.";
}
//surname validation
if (empty($surname)) {
$error = true;
$surnameError = "Please enter your surname";
} else if (strlen($surname) < 3) {
$error = true;
$surnameError = "Surname must have at least 3 characters";
} else if (!preg_match("/^[a-zA-Z ]+$/", $surname)) {
$error = true;
$surnameError = "Surname must contain alphabets";
}
//basic email validation
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$error = true;
$emailError = "Please enter valid email";
} else {
// check email exist or not
$query = "SELECT email FROM workers WHERE email='$email'";
$result = mysqli_query($conn, $query);
$count = mysqli_num_rows($result);
if ($count != 0) {
$error = true;
$emailError = "Provided Email is already in use.";
}
}
// password validation
if (empty($password)) {
$error = true;
$passwordError = "Please enter password.";
} else if (strlen($password) < 6) {
$error = true;
$passwordError = "Password has to be at least 6 charachters long";
}
$name = mysqli_real_escape_string($conn, $name);
$surname = mysqli_real_escape_string($conn, $name);
$email = mysqli_real_escape_string($conn, $name);
$password = mysqli_real_escape_string($conn, md5($password));
$user = mysqli_real_escape_string($conn, $username);
if (!$error) {
$query = "INSERT INTO 'workers' (id,user_name,password,email,surname,name) VALUES(NULL ,$user,$password,$email,$surname,$name)";
$result = mysqli_query($conn, $query);
if ($result) {
$MSG = "Successfully registered, you may login now";
unset($name, $password, $username, $surname, $name);
} else {
$MSG = "Something went wrong, try again later...";
echo mysqli_error($conn);
}
}
}
}else{
echo "<script type='text/javascript'> document.location = 'welcome.php'; </script>";
exit();
}
?>
您的查询中有一个错误,当您要在查询中定义表时不能使用' 。
是真的
INSERT INTO `workers` (id,user_name,password,email,surname,name) VALUES(NULL ,$user,$password,$email,$surname,$name)";
正如Barmar所建议的那样,您应该将此查询更改为使用准备好的语句 。
我会更进一步,建议您使用PDO并完全使用mysqli进行废弃。
话虽如此,正如pedram指出的那样,您的表名规范存在问题,但是我发现有时粘贴人员会遇到问题。
mysql中的所有表名说明符都需要使用backtics。 所以:
INSERT INTO 'workers'
是行不通的。
INSERT INTO `workers`
威力。
在我看来,除非您的表名是保留字,否则没有充分的理由使用后缀。 除非绝对必要,否则我不会使用它们。
但这只是查询问题的一部分,因为您需要在任何CHAR / VARCHAR / STRING数据周围加引号。
因此,您需要:
$query = "INSERT INTO `workers` (id,user_name,password,email,surname,name) VALUES (NULL, '$user','$password','$email','$surname','$name')";
最后但并非最不重要的是,您具有以下代码:
if ($result) {
$MSG = "Successfully registered, you may login now";
unset($name, $password, $username, $surname, $name);
} else {
$MSG = "Something went wrong, try again later...";
echo mysqli_error($conn);
}
目前尚不清楚您实际看到的内容,但是此代码应回显mysqli_error()。 您设置了$ MSG变量,但从未回显它。 在生产代码中,您不应向最终用户回显mysqli_error(),因为这将泄漏数据库内部。 仅用于调试是可以的,但很容易忘记。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.