phpMyAdmin 数据库已连接但未插入数据
Posted
技术标签:
【中文标题】phpMyAdmin 数据库已连接但未插入数据【英文标题】:phpMyAdmin database is connected but not inserting data 【发布时间】:2018-09-15 11:11:47 【问题描述】:我正在创建一个婚礼策划 Web 应用程序。我的数据库已连接,但在尝试注册用户时没有插入任何数据,也没有收到任何错误消息。
我被直接引导到链接的登录页面。我尝试从 php 和 mysql 匹配日期格式(用户输入为 dd/mm/yyyy 并存储为 yyyy/mm/dd),但不确定它是否有效/是否是问题。
我花了几个小时试图找出一个解决方案,但我面临着解决它的压力,所以我可以完成我的论文。
<?php
//Starts the session
session_start();
require_once 'DBConnect.php';
$firstname = "";
$lastname = "";
$email_address = "";
$phone_num = "";
$acc_password = "";
$weddingdate = "";
// REGISTER USER
if (isset($_POST['btn-Register']))
// receive all input values from the form
$firstname = mysqli_real_escape_string($DBcon, $_POST['firstname']);
$lastname = mysqli_real_escape_string($DBcon, $_POST['lastname']);
$email_address = mysqli_real_escape_string($DBcon,
$_POST['email_address']);
$phone_num = mysqli_real_escape_string($DBcon, $_POST['phone_num']);
$acc_password = mysqli_real_escape_string($DBcon,
$_POST['acc_password']);
$weddingdate = mysqli_real_escape_string($DBcon,
$_POST['weddingdate']);
// form validation: ensure that the form is correctly filled ...
// by adding (array_push()) corresponding error unto $errors array
// phone_num and weddingdate can be NULL
if (empty($firstname)) array_push($errors, "First Name is
required");
if (empty($lastname)) array_push($errors, "Last Name is
required");
if (empty($email_address)) array_push($errors, "Email is
required");
if (empty($acc_password)) array_push($errors, "Password is
required");
// first check the database to make sure
// a user does not already exist with the same username and/or email
$user_check_query = "SELECT * FROM customer WHERE email_address =
'$email_address' LIMIT 1";
$result = mysqli_query($db, $user_check_query);
$user = mysqli_fetch_assoc($result);
//if user exists
if ($user['email_address'] === $email_address)
array_push($errors, "User already exists");
// Finally, register user if there are no errors in the form
if (count($errors) == 0)
//encrypt the password before saving in the database
$acc_password = md5($acc_password);
$query = "INSERT INTO customer (firstname, lastname,
email_address, phone_num, acc_password, weddingdate)
VALUES('$firstname', '$lastname' '$email_address',
'$phone_num', '$acc_password', '$weddingdate')";
mysqli_query($DBcon, $query);
$_SESSION['email_address'] = $email_address;
$_SESSION['success'] = "You are now Registered";
header('location: Login.php');
//This should format the date with phpMyAdmin
$weddingdate = date('Y-m-d H:i', strtotime($_POST["weddingdate"]));
// LOGIN USER
if (isset($_POST['btn-Login']))
$email_address = mysqli_real_escape_string($DBcon,
$_POST['email_address']);
$acc_password = mysqli_real_escape_string($DBcon,
$_POST['acc_password']);
if (empty($email_address))
array_push($errors, "Email Address is required");
if (empty($acc_password))
array_push($errors, "Password is required");
if (count($errors) == 0)
$acc_password = md5($acc_password);
$query = "SELECT * FROM customer WHERE
email_address='$email_address' AND
acc_password='$acc_password'";
$results = mysqli_query($DBcon, $query);
if (mysqli_num_rows($results) == 1)
$_SESSION['email_address'] = $email_address;
$_SESSION['success'] = "You are now logged in";
header('location: Main.php');
else
array_push($errors, "Wrong username/password
combination");
?>
【问题讨论】:
避免使用MD5,使用password_hash()和password_verify()
mysqli 不会像 PHP 错误那样抛出错误。您需要一路检查mysqli errors,以确保一切正常。
将ini_set('display_errors', 1); ini_set('log_errors',1); error_reporting(E_ALL); mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); 添加到脚本的顶部。这将强制任何mysqli_ 错误生成一个您可以在浏览器上看到的异常,并且其他错误也将在您的浏览器上可见。
存储yyyy/mm/dd ? MySQL 期望 DATE 或 DATETIME 列中的日期为 YYYY-MM-DD 那么您是否使用 VARCHAR 来保存您的日期?如果是这样不要
小记 phpMyAdmin是工具... MySQL是数据库
【参考方案1】:
insert 查询行存在语法错误。
$query = "INSERT INTO customer (firstname, lastname, email_address, phone_num, acc_password, weddingdate)
VALUES('$firstname', '$lastname', '$email_address', '$phone_num', '$acc_password', '$weddingdate')";
'$lastname' 后面缺少一个逗号 ,
【讨论】:
谢谢你,刚刚修好了。虽然,我认为问题在于数据没有发布。我将信息插入到这些字段中,但它没有发布到数据库中。你知道为什么会这样吗?? 您需要回显查询,然后复制并粘贴到phpmyadmin 的SQL 控制台中。在那里它将显示确切的错误。或者你也可以在这里发帖,我可以指导你。【参考方案2】:问题可能是变量没有被视为它们的值。您需要先转义序列,然后才能添加变量。所以,而不是拥有
$query = "INSERT INTO customer (firstname, lastname,
email_address, phone_num, acc_password, weddingdate)
VALUES('$firstname', '$lastname', '$email_address',
'$phone_num', '$acc_password', '$weddingdate')";
你需要这样做
$query = "INSERT INTO customer (firstname, lastname, email_address,
phone_num, acc_password, weddingdate) VALUES(
'" . $firstname . "', '" . $lastname . "',
'" . $email_address . "', '" . $phone_num . "',
'" . $acc_password . "', '" . $weddingdate . "')";
这应该可以解决您的问题,但正如其他一些评论者所提到的,这可能会让您对 SQL 注入持开放态度。您应该使用准备好的语句来保护自己免受这些漏洞的影响。
【讨论】:
以上是关于phpMyAdmin 数据库已连接但未插入数据的主要内容,如果未能解决你的问题,请参考以下文章
Hibernate 无法访问 phpMyAdmin 插入的数据