-1

私は弁護士_ユーザーと呼ばれるテーブルを作成したmysql dbに接続できます。何が欠けているのか、間違っているのか知りたいですか?以下に関数コードを投稿しました。ユーザーを登録すると、成功が確認されますが、テーブルは更新されません。

<?php
  require_once('appvars.php');
  require_once('connectvars.php');

  // Connect to the database
  $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);

  if (isset($_POST['submit'])) {
    // Grab the profile data from the POST
    $username = mysqli_real_escape_string($dbc, trim($_POST['username']));
    $firstname = mysqli_real_escape_string($dbc, trim($_POST['firstname']));
    $lastname = mysqli_real_escape_string($dbc, trim($_POST['lastname']));
    $firmname = mysqli_real_escape_string($dbc, trim($_POST['firmname']));
    $email = mysqli_real_escape_string($dbc, trim($_POST['email']));
    $password = mysqli_real_escape_string($dbc, trim($_POST['password']));
    $password2 = mysqli_real_escape_string($dbc, trim($_POST['password2']));

    if (!empty($username) && !empty($password) && !empty($password2) && ($password == $password2)) {
      // Make sure someone isn't already registered using this username
      $query = "SELECT * FROM attorney_users WHERE username = '$username'";
      $data = mysqli_query($dbc, $query);
      if (mysqli_num_rows($data) == 0) {
        // The username is unique, so insert the data into the database
        $query = "INSERT INTO attorney_users (username, firstname, lastname, firmname, email, password, date) VALUES ('$username', '$firstname', '$lastname', $firmname, $email, SHA('$password'), NOW())";
        mysqli_query($dbc, $query);

        // Confirm success with the user
        echo '<p>Your new account has been successfully created. You\'re now ready to <a href="index.php">log in</a>.</p>';

        mysqli_close($dbc);
        exit();
      }
      else {
        // An account already exists for this username, so display an error message
        echo '<p class="error">An account already exists for this username. Please use a different username.</p>';
        $username = "";
      }
    }
    else {
      echo '<p class="error">You must enter all of the sign-up data, including the desired password twice.</p>';
    }
  }

  mysqli_close($dbc);
?>
<div id="main-wrapper">
            <div id="register-wrapper">
                <form method="post" action = "<?php echo $_SERVER['PHP_SELF'];?>">
                <fieldset>
                    <ul>
                         <label for="username">Username : </label>
                         <input type="text" id="username" name = "username" value = "<?php if (!empty($username)) echo $username; ?>"  />

                         <label for="firstname">First Name : </label>
                         <input type="text" id="firstname"  name = "firstname"  />

                         <label for="lastname">Last Name : </label>
                         <input type="text" id="lastname"  name = "lastname" />

                         <label for="firmn">Firm Name : </label>
                         <input type="text" id="firmname"  name = "firmname" />

                         <label for="email">Email : </label>
                         <input type="text" id="email"  name = "email"  />

                         <label for="password">Password : </label>
                         <input type="password" id="password"  name="password" />

                         <label for="password2">Verify Password : </label>
                         <input type="password" id="password2"  name="password2" />

                        </li>
                        <li class="buttons">
                         <input type="submit" value="Register" name="submit"  />
                            <input type="button" name="cancel" value="Cancel" onclick="location.href='index.php'" />
                     </li>
                    </ul>
                </fieldset>
                </form>
            </div>
        </div>

    </body>
</html>  
4

2 に答える 2

0

$クエリを次から変更してください

$query = "INSERT INTO attorney_users (username, firstname, lastname, firmname, email, password, date) VALUES ('$username', '$firstname', '$lastname', $firmname, $email, SHA('$password'), NOW())";

$password = SHA1($password);  
$query = "INSERT INTO attorney_users (`username`, `firstname`, `lastname`, `firmname`, `email`, `password`, `date`) VALUES ('{$username}', '{$firstname}', '{$lastname}', '{$firmname}', '{$email}', '{$password}', NOW())";
于 2013-04-25T09:41:48.320 に答える
0

dateは で予約されてmysqlいます。列名の前後に ` を使用します

$query = "INSERT INTO attorney_users (`username`, `firstname`, 
`lastname`, `firmname`, `email`, `password`, `date`) 
VALUES ('$username', '$firstname', '$lastname', $firmname, 
$email, SHA('$password'), NOW())";

そして、なぜmysqli_real_escape_stringエスケープに使用しているのですか。ここで準備済みステートメントを使用できます。

編集

これを使用して、クエリのエラーをチェックします

$data = mysqli_query($dbc, $query) or die(mysqli_error());
于 2013-04-25T09:36:55.390 に答える