从表格插入数据
问题描述:
我对PHP相当陌生,我正在阅读通过学习PHP,MySQL,JavaScript &由罗宾尼克松第二版CSS。我正在通过脚本将用户名和密码插入到数据库中。这本书说输入代码从表单域中插入数据。我试图做到这一点(/ * /之间),但查询给我错误。另外,当我省略查询时,没有错误。当我将查询放入时,在/ * /中的注释之后,javascript中显示错误。从表格插入数据
<?php // adduser.php
require_once 'login.php';
$forename = $surname = $username = $password = $age = $email = "";
if (isset($_POST['forename']))
$forename = fix_string($_POST['forename']);
if (isset($_POST['surname']))
$surname = fix_string($_POST['surname']);
if (isset($_POST['username']))
$username = fix_string($_POST['username']);
if (isset($_POST['password']))
$password = fix_string($_POST['password']);
if (isset($_POST['email']))
$email = fix_string($_POST['email']);
$fail = validate_forename($forename);
$fail .= validate_surname($surname);
$fail .= validate_username($username);
$fail .= validate_password($password);
$fail .= validate_age($age);
$fail .= validate_email($email);
echo "<html><head><title>An Example Form</title>";
if ($fail == "") {
echo "</head><body>Form data successfully validated: $forename,
$surname, $username, $password, $age, $email.</body></html>";
/* require_once 'login.php';
$db_server = mysqli_connect($db_hostname, $db_username, $db_password,
$db_database) or die('Error connecting to MySQL server.');
$forename = mysqli_real_escape_string(db_server, trim($_POST['forename']));
$surname = mysqli_real_escape_string(db_server, trim($_POST['surname']));
$username = mysqli_real_escape_string(db_server, trim($_POST['username']));
$password = mysqli_real_escape_string(db_server, trim($_POST['password']));
$email = mysqli_real_escape_string(db_server, trim($_POST['email']));
$query = "INSERT INTO users VALUES" . "('$forename', '$surname', ".
"'$username', '$password', '$email');
$result = mysqli_query($db_server, $query); ".
"or die('Error querying database.');
mysqli_close($db_database); */
exit;
}
echo <<<_END
<style>.signup { border: 1px solid #999999;
font: normal 14px helvetica; color:#444444; }</style>
<script type="text/javascript">
function validate(form)
{
fail = validateForename(form.forename.value)
fail += validateSurname(form.surname.value)
fail += validateUsername(form.username.value)
fail += validatePassword(form.password.value)
fail += validateEmail(form.email.value)
if (fail == "") return true
else { alert(fail); return false }
}
</script></head><body>
<table class="signup" border="0" cellpadding="2"
cellspacing="5" bgcolor="#eeeeee">
<th colspan="2" align="center">Signup Form</th>
<tr><td colspan="2">Sorry, the following errors were found<br />
in your form: <p><font color=red size=1><i>$fail</i></font></p>
</td></tr>
<form method="post" action="adduser.php"
onSubmit="return validate(this)">
<tr><td>Forename</td><td><input type="text" maxlength="32"
name="forename" value="$forename" /></td>
</tr><tr><td>Surname</td><td><input type="text" maxlength="32"
name="surname" value="$surname" /></td>
</tr><tr><td>Username</td><td><input type="text" maxlength="16"
name="username" value="$username" /></td>
</tr><tr><td>Password</td><td><input type="text" maxlength="12"
name="password" value="$password" /></td>
</tr><tr><td>Age</td><td><input type="text" maxlength="3"
name="age" value="$age" /></td>
</tr><tr><td>Email</td><td><input type="text" maxlength="64"
name="email" value="$email" /></td>
</tr><tr><td colspan="2" align="center">
<input type="submit" value="Signup" /></td>
</tr></form></table>
<script type="text/javascript">
function validateForename(field) {
if (field == "") return "No Forename was entered.\\n"
return ""
}
function validateSurname(field) {
if (field == "") return "No Surname was entered.\\n"
return ""
}
function validateUsername(field) {
if (field == "") return "No Username was entered.\\n"
else if (field.length < 5)
return "Usernames must be at least 5 characters.\\n"
else if (/[^a-zA-Z0-9_-]/.test(field))
return "Only letters, numbers, - and _ in usernames.\\n"
return ""
}
function validatePassword(field) {
if (field == "") return "No Password was entered.\\n"
else if (field.length < 6)
return "Passwords must be at least 6 characters.\\n"
else if (! /[a-z]/.test(field) ||
! /[A-Z]/.test(field) ||
! /[0-9]/.test(field))
return "Passwords require one each of a-z, A-Z and 0-9.\\n"
return ""
}
function validateAge(field) {
if (isNaN(field)) return "No Age was entered.\\n"
else if (field < 18 || field > 110)
return "Age must be between 18 and 110.\\n"
return ""
}
function validateEmail(field) {
if (field == "") return "No Email was entered.\\n"
else if (!((field.indexOf(".") > 0) &&
(field.indexOf("@") > 0)) ||
/[^[email protected]_-]/.test(field))
return "The Email address is invalid.\\n"
return ""
}
</script></body></html>
_END;
function validate_forename($field) {
if ($field == "") return "No Forename was entered<br />";
return "";
}
function validate_surname($field) {
if ($field == "") return "No Surname was entered<br />";
return "";
}
function validate_username($field) {
if ($field == "") return "No Username was entered<br />";
else if (strlen($field) < 5)
return "Usernames must be at least 5 characters<br />";
else if (preg_match("/[^a-zA-Z0-9_-]/", $field))
return "Only letters, numbers, - and _ in usernames<br />";
return "";
}
function validate_password($field) {
if ($field == "") return "No Password was entered<br />";
else if (strlen($field) < 6)
return "Passwords must be at least 6 characters<br />";
else if (!preg_match("/[a-z]/", $field) ||
!preg_match("/[A-Z]/", $field) ||
!preg_match("/[0-9]/", $field))
return "Passwords require 1 each of a-z, A-Z and 0-9<br />";
return "";
}
function validate_email($field) {
if ($field == "") return "No Email was entered<br />";
else if (!((strpos($field, ".") > 0) &&
(strpos($field, "@") > 0)) ||
preg_match("/[^[email protected]_-]/", $field))
return "The Email address is invalid<br />";
return "";
}
function fix_string($string) {
if (get_magic_quotes_gpc()) $string = stripslashes($string);
return htmlentities ($string);
}
?>
答
/*
和*/
是用于插入块注释的运营商,尝试取出并运行该脚本
此外,什么是错误说?
编辑:
您收到该错误是由您不关闭了你的PHP代码有?>
标签,这意味着服务器尝试读取前面的JavaScript代码的PHP代码引起的。
您仍应该省略注释运算符/**/
,因为这些会导致服务器不执行代码。
你能告诉我们你会得到什么错误吗? – MarcinWolny 2013-02-14 19:11:29
不,不,不,不。 **请勿**以明文形式存储密码。这可能只是一个测试应用程序,而你正在学习怎么做,但你可能会(第一次做对)(https://github.com/ircmaxell/password_compat)(或[这里](http: //php.net/password_hash)如果你使用PHP> = 5.5)。 – Mike 2013-02-14 19:25:24
您正在使用[an **过时的**数据库API](http://*.com/q/12859942/19068),并应使用[现代替换](http://php.net/manual/en/) mysqlinfo.api.choosing.php)。 – Quentin 2013-02-14 22:29:03