PHP PDO 语句准备时崩溃
PHP Crashing on PDO Statement Prepare
我正在开发一个具有 registration/login 功能的网站。我有一个注册 php 文件,其中仅包含注册表单和 post 变量。然后我有一个连接到数据库的函数文件(这是在一个外部文件中完成的,但我移动它以使故障排除更简单),一个验证表单输入的函数(所有内容都已填写,密码相对安全),确保当前没有用户使用此用户提供的电子邮件,然后尝试注册。注册表单只是 运行 post 上的 signUpSubmit() 功能。
问题是我一尝试准备语句它就崩溃了。下面的代码大部分工作。如果我在表单中输入无效数据(不要输入相当安全的密码,不要填写任何内容),它就会抛出错误。如果我 运行 将其与代码一起检查是否已评论此电子邮件的用户,它工作正常,只是将您带回注册页面。但是,如果我取消注释下面注释代码的第一行 ($stmt = $db->prepare("SELECT * FROMusersWHERE email = :email");),它只会加载一个空白页面,就好像存在某种语法错误一样。它必须正确连接到数据库,就好像我弄乱了连接的用户名或密码一样,它确实会抛出错误,如果一切设置正确,就会出现 none。我真的很困惑。
<?php
//include_once 'db_connect.php';
session_start();
$DB_host = "localhost";
$DB_user = "root";
$DB_pass = "password";
$DB_name = "database";
try
{
$db = new PDO("mysql:host={$DB_host};dbname={$DB_name}",$DB_user,$DB_pass);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}
catch(PDOException $e)
{
echo $e->getMessage();
}
function signUpSubmit() { // Validates inputs (makes sure they're all filled in, email has valid email,
// password has password that's relatively secure. Email and email
// confirmation and password and password confirmation match. Then
// checks if the user already exists.
if(empty($_POST['first_name'])) {
$firstNameError = "<span style='color: red'>*Please enter your first name.</span><br />";
}
if(empty($_POST['last_name'])) {
$lastNameError = "<span style='color: red'>*Please enter your last name.</span><br />";
}
if(empty($_POST['email'])) {
$emailError = "<span style='color: red'>*Please enter your email.</span><br />";
} else if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === false) {
$emailError = "<span style='color: red'>*Email Address not valid.</span><br />";
}
if(empty($_POST['email_confirm'])) {
$emailConfirmError = "<span style='color: red'>*Please confirm your email.</span><br />";
} else if ($_POST['email'] != $_POST['email_confirm']) {
$emailConfirmError = "<span style='color: red'>*Email addresses do not match.</span><br />";
}
if(empty($_POST['password'])) {
$passwordError = "<span style='color: red'>*Please enter your password.</span><br />";
} else { // Validate password has one uppercase and one lowercase letter,
// 1 numer, at least 8 characters
$passwordError = "<span style='color: red'>*";
if (strlen($_POST['password']) < 8) {
$passwordError = $passwordError . "Password must be at least 8 characters long. ";
}
if(!preg_match('/[a-z]/', $_POST['password'])){
$passwordError = $passwordError . "Password must contain at least 1 lowercase letter. ";
}
if(!preg_match('/[A-Z]/', $_POST['password'])){
$passwordError = $passwordError . "Password must contain at least 1 uppercase letter. ";
}
if(!preg_match('/[0-9]/', $_POST['password'])){
$passwordError = $passwordError . "Password must contain at least 1 number. ";
}
$passwordError = $passwordError . "</span><br />";
if($passwordError == "<span style='color: red'>*</span><br />") {
$passwordError = "";
}
}
if(empty($_POST['password_confirm'])) {
$passwordConfirmError = "<span style='color: red'>*Please confirm your password.</span><br />";
} else if($_POST['password'] != $_POST['password_confirm']) {
$passwordConfirmError = "<span style='color: red'>*Passwords do not match.</span><br />";
}
// Add all the errors generated into an array to return
$errors = array($firstNameError, $lastNameError, $emailError, $emailConfirmError, $passwordError, $passwordConfirmError);
if(!array_filter($errors)) { // There were no errors, check if there is already
// a user with this email address
/*$stmt = $db->prepare("SELECT * FROM `users` WHERE email = :email");
$stmt->bindParam(':email', $_POST['email']);
$stmt->execute();
$row = $stmt->fetch();
if($row['email'] == $_POST['email']) { // If a user with this email address exists, return an error
$emailError = "<span style='color: red'>*Email Address already taken. Please choose another.</span><br />";
$errors = array($firstNameError, $lastNameError, $emailError, $emailConfirmError, $passwordError, $passwordConfirmError);
} else { // Register the user
if(register($_POST['first_name'], $_POST['last_name'], $_POST['email'], $_POST['password'])) { // Registration successful
redirect("index.php?signed-up=1");
} else { // Registration failed
redirect("index.php?signed-up=0");
}
}*/
} else {
return $errors; // Return errors
}
}
function register($first_name, $last_name, $email, $password)
{
$new_password = password_hash($password, PASSWORD_DEFAULT);
$stmt = $db->prepare("INSERT INTO users(first_name, last_name, email, password)
VALUES(:first_name, :last_name, :email, :password)");
$stmt->bindparam(":first_name", $first_name);
$stmt->bindparam(":last_name", $last_name);
$stmt->bindparam(":email", $email);
$stmt->bindparam(":password", $new_password);
if($stmt->execute()) {
return true;
} else {
return false;
}
}
?>
您的 redirect() 函数可能不存在,因此会给您带来问题。
我注意到的另一件事是您正试图从那里的函数内部访问 $db。由于范围不同,他们不会看到变量。这实际上可能是原因。
我正在开发一个具有 registration/login 功能的网站。我有一个注册 php 文件,其中仅包含注册表单和 post 变量。然后我有一个连接到数据库的函数文件(这是在一个外部文件中完成的,但我移动它以使故障排除更简单),一个验证表单输入的函数(所有内容都已填写,密码相对安全),确保当前没有用户使用此用户提供的电子邮件,然后尝试注册。注册表单只是 运行 post 上的 signUpSubmit() 功能。
问题是我一尝试准备语句它就崩溃了。下面的代码大部分工作。如果我在表单中输入无效数据(不要输入相当安全的密码,不要填写任何内容),它就会抛出错误。如果我 运行 将其与代码一起检查是否已评论此电子邮件的用户,它工作正常,只是将您带回注册页面。但是,如果我取消注释下面注释代码的第一行 ($stmt = $db->prepare("SELECT * FROMusersWHERE email = :email");),它只会加载一个空白页面,就好像存在某种语法错误一样。它必须正确连接到数据库,就好像我弄乱了连接的用户名或密码一样,它确实会抛出错误,如果一切设置正确,就会出现 none。我真的很困惑。
<?php
//include_once 'db_connect.php';
session_start();
$DB_host = "localhost";
$DB_user = "root";
$DB_pass = "password";
$DB_name = "database";
try
{
$db = new PDO("mysql:host={$DB_host};dbname={$DB_name}",$DB_user,$DB_pass);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}
catch(PDOException $e)
{
echo $e->getMessage();
}
function signUpSubmit() { // Validates inputs (makes sure they're all filled in, email has valid email,
// password has password that's relatively secure. Email and email
// confirmation and password and password confirmation match. Then
// checks if the user already exists.
if(empty($_POST['first_name'])) {
$firstNameError = "<span style='color: red'>*Please enter your first name.</span><br />";
}
if(empty($_POST['last_name'])) {
$lastNameError = "<span style='color: red'>*Please enter your last name.</span><br />";
}
if(empty($_POST['email'])) {
$emailError = "<span style='color: red'>*Please enter your email.</span><br />";
} else if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === false) {
$emailError = "<span style='color: red'>*Email Address not valid.</span><br />";
}
if(empty($_POST['email_confirm'])) {
$emailConfirmError = "<span style='color: red'>*Please confirm your email.</span><br />";
} else if ($_POST['email'] != $_POST['email_confirm']) {
$emailConfirmError = "<span style='color: red'>*Email addresses do not match.</span><br />";
}
if(empty($_POST['password'])) {
$passwordError = "<span style='color: red'>*Please enter your password.</span><br />";
} else { // Validate password has one uppercase and one lowercase letter,
// 1 numer, at least 8 characters
$passwordError = "<span style='color: red'>*";
if (strlen($_POST['password']) < 8) {
$passwordError = $passwordError . "Password must be at least 8 characters long. ";
}
if(!preg_match('/[a-z]/', $_POST['password'])){
$passwordError = $passwordError . "Password must contain at least 1 lowercase letter. ";
}
if(!preg_match('/[A-Z]/', $_POST['password'])){
$passwordError = $passwordError . "Password must contain at least 1 uppercase letter. ";
}
if(!preg_match('/[0-9]/', $_POST['password'])){
$passwordError = $passwordError . "Password must contain at least 1 number. ";
}
$passwordError = $passwordError . "</span><br />";
if($passwordError == "<span style='color: red'>*</span><br />") {
$passwordError = "";
}
}
if(empty($_POST['password_confirm'])) {
$passwordConfirmError = "<span style='color: red'>*Please confirm your password.</span><br />";
} else if($_POST['password'] != $_POST['password_confirm']) {
$passwordConfirmError = "<span style='color: red'>*Passwords do not match.</span><br />";
}
// Add all the errors generated into an array to return
$errors = array($firstNameError, $lastNameError, $emailError, $emailConfirmError, $passwordError, $passwordConfirmError);
if(!array_filter($errors)) { // There were no errors, check if there is already
// a user with this email address
/*$stmt = $db->prepare("SELECT * FROM `users` WHERE email = :email");
$stmt->bindParam(':email', $_POST['email']);
$stmt->execute();
$row = $stmt->fetch();
if($row['email'] == $_POST['email']) { // If a user with this email address exists, return an error
$emailError = "<span style='color: red'>*Email Address already taken. Please choose another.</span><br />";
$errors = array($firstNameError, $lastNameError, $emailError, $emailConfirmError, $passwordError, $passwordConfirmError);
} else { // Register the user
if(register($_POST['first_name'], $_POST['last_name'], $_POST['email'], $_POST['password'])) { // Registration successful
redirect("index.php?signed-up=1");
} else { // Registration failed
redirect("index.php?signed-up=0");
}
}*/
} else {
return $errors; // Return errors
}
}
function register($first_name, $last_name, $email, $password)
{
$new_password = password_hash($password, PASSWORD_DEFAULT);
$stmt = $db->prepare("INSERT INTO users(first_name, last_name, email, password)
VALUES(:first_name, :last_name, :email, :password)");
$stmt->bindparam(":first_name", $first_name);
$stmt->bindparam(":last_name", $last_name);
$stmt->bindparam(":email", $email);
$stmt->bindparam(":password", $new_password);
if($stmt->execute()) {
return true;
} else {
return false;
}
}
?>
您的 redirect() 函数可能不存在,因此会给您带来问题。
我注意到的另一件事是您正试图从那里的函数内部访问 $db。由于范围不同,他们不会看到变量。这实际上可能是原因。