1. 首页
  2. 问答
  3. 为什么数据不会存储在我的数据库中?错误地提示“你的SQL语法错误; ...”

为什么数据不会存储在我的数据库中?错误地提示“你的SQL语法错误; ...”

2013-03-25 73 views
0

对不起,我是PHP新手,请耐心等待。我正在创建一个用户界面,当我注册时说我已经注册,但它不会将数据存储到数据库中。此外,我每次注册时都会出现错误“您的SQL语法有错误;请查看与您的MySQL服务器版本相对应的手册,以便在第1行''testing101''附近使用正确的语法。”有人可以帮帮我吗!为什么数据不会存储在我的数据库中?错误地提示“你的SQL语法错误; ...”

<?PHP 

$uname = ""; 
$pword = ""; 
$errorMessage = ""; 
$num_rows = 0; 

function quote_smart($value, $handle) { 

    if (get_magic_quotes_gpc()) { 
     $value = stripslashes($value); 
    } 

    if (!is_numeric($value)) { 
     $value = "'" . mysql_real_escape_string($value, $handle) . "'"; 
    } 
    return $value; 
} 

if ($_SERVER['REQUEST_METHOD'] == 'POST'){ 


    $uname = $_POST['username']; 
    $pword = $_POST['password']; 

    $uname = htmlspecialchars($uname); 
    $pword = htmlspecialchars($pword); 


    $uLength = strlen($uname); 
    $pLength = strlen($pword); 

    if ($uLength >= 10 && $uLength <= 20) { 
     $errorMessage = ""; 
    } 
    else { 
     $errorMessage = $errorMessage . "Username must be between 10 and 20 characters" . "<BR>"; 
    } 

    if ($pLength >= 8 && $pLength <= 16) { 
     $errorMessage = ""; 
    } 
    else { 
     $errorMessage = $errorMessage . "Password must be between 8 and 16 characters" . "<BR>"; 
    } 


    if ($errorMessage == "") { 

    $user_name = "root"; 
    $pass_word = ""; 
    $database = "user authentication"; 
    $server = "127.0.0.1"; 

    $db_handle = mysql_connect($server, $user_name, $pass_word); 
    $db_found = mysql_select_db($database, $db_handle); 

    if ($db_found) { 

     $uname = quote_smart($uname, $db_handle); 
     $pword = quote_smart($pword, $db_handle); 




     $SQL = "SELECT * FROM login WHERE USERNAME = '".$uname."'"; 
     $result = mysql_query($SQL)or die(mysql_error()); 
     $num_rows = mysql_num_rows($result); 

     if ($num_rows > 0) { 
      $errorMessage = "Username already taken"; 
     } 

     else { 


    $SQL = "INSERT INTO login (USERNAME, PASSWORD) VALUES ('{$uname}', MD5('{$pword}'))"; 
      $result = mysql_query($SQL); 

      mysql_close($db_handle); 

     //================================================================================= 
     // START THE SESSION AND PUT SOMETHING INTO THE SESSION VARIABLE CALLED login 
     // SEND USER TO A DIFFERENT PAGE AFTER SIGN UP 
     //================================================================================= 

      session_start(); 
      $_SESSION['login'] = "1"; 

      header ("Location: page1.php"); 

     } 

    } 
    else { 
     $errorMessage = "Database Not Found"; 
    } 




    } 

} 


?> 

    <html> 
    <head> 
    <title>Basic Login Script</title> 


    </head> 
    <body> 


<FORM NAME ="form1" METHOD ="POST" ACTION ="signup.php"> 

Username: <INPUT TYPE = 'TEXT' Name ='username' value="<?PHP print $uname;?>" maxlength="20"> 
Password: <INPUT TYPE = 'TEXT' Name ='password' value="<?PHP print $pword;?>" maxlength="16"> 

<P> 
<INPUT TYPE = "Submit" Name = "Submit1" VALUE = "Register"> 


</FORM> 
<P> 

<?PHP print $errorMessage;?> 

    </body> 
    </html>

来源

2013-03-25 Callum James

+1

我在您的代码中查看2个查询。哪一个失败?另外,你可以回应查询吗? – Tchoupi 2013-03-25 16:41:39

+1

你能回应查询并显示查询被传递给mysql – alwaysLearn 2013-03-25 16:44:57

+0

对不起,你会如何回应查询? – 2013-03-25 16:46:57

回答

2

你双引号的文字:

1套报价也已在所属smart_quote()功能加入。
1套引号的实际查询被添加,所以你产区:

INSERT .... VALUES (''$uname'', ''$password'');

如果你有正确的错误处理您的查询电话,你会看到这样的:

$result = mysql_query($sql) or die(mysql_error()); 
          ^^^^^^^^^^^^^^^^^^^^^^

来源

2013-03-25 16:49:07

相关问题

 相关问题