所以即时尝试做什么应该看起来可能是一个非常简单的平凡任务。我试图检查我的数据库中的电子邮件地址。我不知道我是否在正确的轨道上,有人能把我掐死吗?检查在MySQL数据库中的电子邮件地址db
$query = "SELECT * FROM 68_users WHERE email= $email";
if($result = mysqli_query($link, $query) == $email) {
echo 'Email has been registered';
}else{
$query = "INSERT INTO 68_users (email,pass,old_pass,first_name,last_name,dob,gender,phone,fanmail)
VALUES ('$email',AES_ENCRYPT('$pass', 'something'),AES_ENCRYPT('$pass', 'something'),'$first_name','$last_name','$dob','$gender','$phone','$fanmail')"
or die(mysqli_error());
if (!mysqli_query($link, $query)) {
echo 'error: '.mysqli_error($link);
exit();
}
}
mysqli_close($link);
}
谢谢大家的帮助。我需要弄清楚php的调试情况。现在,我在Eclipse和调试我的网站上写的,十分令人气愤..这是我用什么:
$query = "SELECT * FROM 68_users WHERE email= '$email'";
$result = mysqli_query($link, $query);
if($result->num_rows > 0) {
echo 'This email has previously been registered';
}else{
$query = "INSERT INTO 68_users (email,pass,old_pass,first_name,last_name,dob,gender,phone,fanmail)
VALUES ('$email',AES_ENCRYPT('$pass', 'something'),AES_ENCRYPT('$pass', 'something'),'$first_name','$last_name','$dob','$gender','$phone','$fanmail')"
or die(mysqli_error());
if (!mysqli_query($link, $query)) {
echo 'error: '.mysqli_error($link);
exit();
}
header('Location: http://www.example.com/html/thankyou.html') ;
}
如果您运行它,会发生什么情况? –
'WHERE email = $ email'至少需要'WHERE email ='$ email'',你不应该使用'AES_ENCRYPT'作为密码,因为它是可逆的,我猜你很容易被SQL注入。 – ceejayoz
在这里使用准备好的语句 - 会让你的生活更轻松 – ethrbunny