无法插入 PHP 到 MYSQL 数据库
Cannot Insert Into PHP to MYSQL database
我可以从数据库中读取,但是当我向数据库中插入数据时,它说"Successfully Registered!",然后我检查我的数据库,它没有插入任何数据。
Register.php
<!DOCTYPE HTML>
<html>
<head>
<title>Register page</title>
<br>
<font size="5" color="black"><b> Register Page<br><br></b></font>
</head>
<body background=" images/background.jpg">
<form action="index.php">
<input type="submit" value="Home">
</form>
<br>
<form action="Register.php" method="POST">
<fieldset>
<legend>Enter your information</legend>
<table>
<tr>
<td>Username:</td>
<td><input type="text" name="username" required="required"/><br></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="text" name="password" required="required"/><br></td>
</tr>
<tr>
<td>Email:</td>
<td><input type="text" name="email" required="required"/><br></td>
</tr>
<tr>
<td>First Name:</td>
<td><input type="text" name="firstname" required="required"/><br></td>
</tr>
<tr>
<td>Last Name:</td>
<td><input type="text" name="lastname" required="required"/><br></td>
</tr>
<tr>
<td>Date of Birth:</td>
<td><input type="date" name="dateofbirth" required="required" ><br></td>
</tr>
<tr>
<td><input type="submit" value="Register"/></td>
</tr>
</table>
</fieldset>
</form>
</body>
</html>
<?php
if($_SERVER["REQUEST_METHOD"] == "POST")
{
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$email = mysql_real_escape_string($_POST['email']);
$dateofbirth= $_POST['dateofbirth'];
echo "user is :".$username;
$bool = true;
mysql_connect("localhost", "root", "") or die(mysql_error());
mysql_select_db("userdata") or die(mysql_error("Cannot Connect to Database"));
$query = mysql_query("SELECT * FROM users");
while($row = mysql_fetch_array($query))
{
$table_users = $row['username'];
if($username == $table_users)
{
$bool = false;
Print '<script>alert("username is used!");</script>';
Print '<script>window.location.assign("Register.php");</script>';
}
}
if($bool)
{
mysql_query("INSERT INTO users ('username','password','email','firstname','lastname','dateofbirth') VALUES ('$username','$password','$email','$firstname','$lastname','$dateofbirth')");
Print '<script>alert("Successfully Registered!");</script>';
Print '<script>window.location.assign("Register.php");</script>';
}
}
?>
已解决:
我使用 PDO 而不是 mysql_ 和 mysqli_ 。
更新你的底码
if($bool)
{
mysql_query("INSERT INTO users ('username','password','email','firstname','lastname','dateofbirth') VALUES ('$username','$password','$email','$firstname','$lastname','$dateofbirth')");
Print '<script>alert("Successfully Registered!");</script>';
Print '<script>window.location.assign("Register.php");</script>';
}
您在 mysql 查询中的用户名前缺少开头 '。不确定这是否是问题所在,但它会导致问题。
更正 SQL:
mysql_query("INSERT INTO users (username','password','email','firstname','lastname','dateofbirth') VALUES ('$username','$password','$email','$firstname','$lastname','$dateofbirth')");
到
mysql_query("INSERT INTO users (username,password,email,firstname,lastname,dateofbirth) VALUES ('$username','$password','$email','$firstname','$lastname','$dateofbirth')");
解释:
在MySQL中,字段名称没有用单引号引起来。相当
它们可以用反引号 (`) 括起来以避免与
保留关键字。
注意:不要使用mysql_*
函数。它们已被弃用,您 mysqli_*
或 PDO
代替。
这与 INSERT 问题本身无关,而是与检查用户名是否存在于数据库中的例程有关:
...
$bool = true;
$query = mysql_query("SELECT * FROM users");
while($row = mysql_fetch_array($query))
{
$table_users = $row['username'];
if($username == $table_users)
{
$bool = false;
Print '<script>alert("username is used!");</script>';
}
}
if($bool)
{
...
无需在代码中遍历用户 table 的所有记录,您可以使用 SQL 为您完成这项工作:
...
$username_esc = mysql_real_escape_string($username);
$query = mysql_query("SELECT * FROM users where username = '$username_esc'");
...
然后只检查查询 returns 是否有任何行。
希望对您有所帮助。
我测试了您的代码,发现连接不正确,其次您在字段名称中使用的引号语法不正确,因此查询未执行。我的意见是使用 mysqli_connect 而不是 mysql_connect 它已经过时且已弃用。我已经更新了您的代码,希望对您有所帮助:
<?php
//your values from post I just assign test for all
$username = 'test';//mysql_real_escape_string($_POST['username']);
$password = 'test';//mysql_real_escape_string($_POST['password']);
$firstname = 'test';//mysql_real_escape_string($_POST['firstname']);
$lastname = 'test';//mysql_real_escape_string($_POST['lastname']);
$email = 'test';//mysql_real_escape_string($_POST['email']);
$dateofbirth= 'test';//mysql_real_escape_string($_POST['dateofbirth']);
$bool = true;
//database connection
$servername = "localhost";
$username1 = "root";
$password1 = "";
$db = 'test_001';
// Create connection
$conn = new mysqli($servername, $username1, $password1, $db);
$result = $conn->query("SELECT * FROM users");
while($row = $result->fetch_assoc())
{
$table_users = $row['username'];
if($username == $table_users)
{
$bool = false;
Print '<script>alert("username is used!");</script>';
//Print '<script>window.location.assign("Register.php");</script>';
}
}
if($bool)
{
//mysql_query("INSERT INTO users ('username','password','email','firstname','lastname','dateofbirth') VALUES ('$username','$password','$email','$firstname','$lastname','$dateofbirth')");
$query = "INSERT INTO users (username,password,email,firstname,lastname,dateofbirth) VALUES ('$username','$password','$email','$firstname','$lastname','$dateofbirth')";
$x = $conn->query($query);
if ($x)
Print '<script>alert("Successfully Registered!");</script>';
Print '<script>window.location.assign("Register.php");</script>';
}
您需要删除字段名称周围的引号,因此您的任务应该是
插入用户(用户名、密码、电子邮件、名字、姓氏、出生日期)
VALUES ('$username','$password','$email','$firstname','$lastname','$dateofbirth')
我还建议使用数据库包装器自动转义变量。
http://www.chris-shaw.com/b/How-to-connect-to-a-database-using-a-class
PDO解决这个问题
MYSQL 出了很多问题,但当我使用 PDO 时,它解决了问题
$sql = "INSERT INTO users (name,username,password,status,picture) VALUES ('$name','$uname','$pass',0,'$picture')";
我可以从数据库中读取,但是当我向数据库中插入数据时,它说"Successfully Registered!",然后我检查我的数据库,它没有插入任何数据。
Register.php
<!DOCTYPE HTML>
<html>
<head>
<title>Register page</title>
<br>
<font size="5" color="black"><b> Register Page<br><br></b></font>
</head>
<body background=" images/background.jpg">
<form action="index.php">
<input type="submit" value="Home">
</form>
<br>
<form action="Register.php" method="POST">
<fieldset>
<legend>Enter your information</legend>
<table>
<tr>
<td>Username:</td>
<td><input type="text" name="username" required="required"/><br></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="text" name="password" required="required"/><br></td>
</tr>
<tr>
<td>Email:</td>
<td><input type="text" name="email" required="required"/><br></td>
</tr>
<tr>
<td>First Name:</td>
<td><input type="text" name="firstname" required="required"/><br></td>
</tr>
<tr>
<td>Last Name:</td>
<td><input type="text" name="lastname" required="required"/><br></td>
</tr>
<tr>
<td>Date of Birth:</td>
<td><input type="date" name="dateofbirth" required="required" ><br></td>
</tr>
<tr>
<td><input type="submit" value="Register"/></td>
</tr>
</table>
</fieldset>
</form>
</body>
</html>
<?php
if($_SERVER["REQUEST_METHOD"] == "POST")
{
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$email = mysql_real_escape_string($_POST['email']);
$dateofbirth= $_POST['dateofbirth'];
echo "user is :".$username;
$bool = true;
mysql_connect("localhost", "root", "") or die(mysql_error());
mysql_select_db("userdata") or die(mysql_error("Cannot Connect to Database"));
$query = mysql_query("SELECT * FROM users");
while($row = mysql_fetch_array($query))
{
$table_users = $row['username'];
if($username == $table_users)
{
$bool = false;
Print '<script>alert("username is used!");</script>';
Print '<script>window.location.assign("Register.php");</script>';
}
}
if($bool)
{
mysql_query("INSERT INTO users ('username','password','email','firstname','lastname','dateofbirth') VALUES ('$username','$password','$email','$firstname','$lastname','$dateofbirth')");
Print '<script>alert("Successfully Registered!");</script>';
Print '<script>window.location.assign("Register.php");</script>';
}
}
?>
已解决: 我使用 PDO 而不是 mysql_ 和 mysqli_ 。
更新你的底码
if($bool)
{
mysql_query("INSERT INTO users ('username','password','email','firstname','lastname','dateofbirth') VALUES ('$username','$password','$email','$firstname','$lastname','$dateofbirth')");
Print '<script>alert("Successfully Registered!");</script>';
Print '<script>window.location.assign("Register.php");</script>';
}
您在 mysql 查询中的用户名前缺少开头 '。不确定这是否是问题所在,但它会导致问题。
更正 SQL:
mysql_query("INSERT INTO users (username','password','email','firstname','lastname','dateofbirth') VALUES ('$username','$password','$email','$firstname','$lastname','$dateofbirth')");
到
mysql_query("INSERT INTO users (username,password,email,firstname,lastname,dateofbirth) VALUES ('$username','$password','$email','$firstname','$lastname','$dateofbirth')");
解释:
在MySQL中,字段名称没有用单引号引起来。相当 它们可以用反引号 (`) 括起来以避免与 保留关键字。
注意:不要使用mysql_*
函数。它们已被弃用,您 mysqli_*
或 PDO
代替。
这与 INSERT 问题本身无关,而是与检查用户名是否存在于数据库中的例程有关:
...
$bool = true;
$query = mysql_query("SELECT * FROM users");
while($row = mysql_fetch_array($query))
{
$table_users = $row['username'];
if($username == $table_users)
{
$bool = false;
Print '<script>alert("username is used!");</script>';
}
}
if($bool)
{
...
无需在代码中遍历用户 table 的所有记录,您可以使用 SQL 为您完成这项工作:
...
$username_esc = mysql_real_escape_string($username);
$query = mysql_query("SELECT * FROM users where username = '$username_esc'");
...
然后只检查查询 returns 是否有任何行。
希望对您有所帮助。
我测试了您的代码,发现连接不正确,其次您在字段名称中使用的引号语法不正确,因此查询未执行。我的意见是使用 mysqli_connect 而不是 mysql_connect 它已经过时且已弃用。我已经更新了您的代码,希望对您有所帮助:
<?php
//your values from post I just assign test for all
$username = 'test';//mysql_real_escape_string($_POST['username']);
$password = 'test';//mysql_real_escape_string($_POST['password']);
$firstname = 'test';//mysql_real_escape_string($_POST['firstname']);
$lastname = 'test';//mysql_real_escape_string($_POST['lastname']);
$email = 'test';//mysql_real_escape_string($_POST['email']);
$dateofbirth= 'test';//mysql_real_escape_string($_POST['dateofbirth']);
$bool = true;
//database connection
$servername = "localhost";
$username1 = "root";
$password1 = "";
$db = 'test_001';
// Create connection
$conn = new mysqli($servername, $username1, $password1, $db);
$result = $conn->query("SELECT * FROM users");
while($row = $result->fetch_assoc())
{
$table_users = $row['username'];
if($username == $table_users)
{
$bool = false;
Print '<script>alert("username is used!");</script>';
//Print '<script>window.location.assign("Register.php");</script>';
}
}
if($bool)
{
//mysql_query("INSERT INTO users ('username','password','email','firstname','lastname','dateofbirth') VALUES ('$username','$password','$email','$firstname','$lastname','$dateofbirth')");
$query = "INSERT INTO users (username,password,email,firstname,lastname,dateofbirth) VALUES ('$username','$password','$email','$firstname','$lastname','$dateofbirth')";
$x = $conn->query($query);
if ($x)
Print '<script>alert("Successfully Registered!");</script>';
Print '<script>window.location.assign("Register.php");</script>';
}
您需要删除字段名称周围的引号,因此您的任务应该是
插入用户(用户名、密码、电子邮件、名字、姓氏、出生日期) VALUES ('$username','$password','$email','$firstname','$lastname','$dateofbirth')
我还建议使用数据库包装器自动转义变量。
http://www.chris-shaw.com/b/How-to-connect-to-a-database-using-a-class
PDO解决这个问题 MYSQL 出了很多问题,但当我使用 PDO 时,它解决了问题
$sql = "INSERT INTO users (name,username,password,status,picture) VALUES ('$name','$uname','$pass',0,'$picture')";