我正在使用php注册表单,但是当我点击注册按钮时,它会在电子邮件和密码字段中保存1,1而不是给定的电子邮件和密码。php数据库数据保存
<?php
include("connection.php")
?>
<?php
$email=isset($_POST['email']);
$password=isset($_POST['password']);
if(isset($_POST['register']))
{
$q= "insert into admin (email, password) values ('$email', '$password')";
$qr=mysqli_query($con, $q);
if($qr)
{
echo "data added sucessfully";
}
else
{
die();
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Log in</title>
</head>
<body>
<form method="post" action="">
<input type="email" name="email">
<br>
<input type="password" name="password">
<br>
<button type="submit" name="register" value="register">register</button>
</form>
</body>
</html>
http://php.net/manual/en/function.isset.php,isset函数返回一个布尔值,更改为if(isset($ _ POST ['email'])){$ email = $ _ POST ['email'];}编辑:张贴为答案 –
[您的脚本存在SQL注入攻击风险。](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql -injection-in-php) –
请使用PHP的[内置函数](http://jayblanchard.net/proper_password_hashing_with_PHP.html)来处理密码安全性。如果您使用的PHP版本低于5.5,则可以使用'password_hash()'[兼容包](https://github.com/ircmaxell/password_compat)。 –