-1
我试图将html表单值插入到数据库中,但未执行。我无法弄清楚问题可能是什么。我已经运行mysql错误测试来检查可能是什么原因导致它,但它没有显示任何东西。未插入数据库的数据
下面是插入语句:
<?php
require_once('../includes/config.php');
if (isset($_POST['add_user'])) {
$file=$_FILES['image']['tmp_name'];
$image= addslashes(file_get_contents($_FILES['image']['tmp_name']));
$image_name= addslashes($_FILES['image']['name']);
$location="uploads/" . $_FILES["image"]["name"];
$name = strip_tags(mysql_real_escape_string($_POST['name']));
$gender=strip_tags(mysql_real_escape_string($_POST['gender']));
$uname=strip_tags(mysql_real_escape_string($_POST['username']));
$ut=strip_tags(mysql_real_escape_string($_POST['user_type']));
$pass=strip_tags(mysql_real_escape_string($_POST['password']));
$salt = sha1('_wchs2242%..father%/**...mygreenparrot_password&username\--\__/heelo"@@@@@@.');
$password = md5($pass.$salt);
$status=strip_tags(mysql_real_escape_string($_POST['status']));
if(empty($name) || empty($uname) || empty($pass)){
$_SESSION['error'] = '<div class="alert-error"><span class="glyphicon glyphicon-info"></span> Please check your inputs for missing values.</div>';
header('Location: add_member');
}
elseif(!empty($uname)){
$query = "SELECT username FROM panel_users WHERE username = '$uname'";
$chk = mysql_query($query);
if(mysql_num_rows($chk) > 0){
$_SESSION['error'] = '<div class="alert-error"><span class="glyphicon glyphicon-info"></span> The username you entered already exist in the database. please input another one</div>';
header('Location: add_member');
}
}
elseif(!empty($name) && !empty($uname) && !empty($pass)){
move_uploaded_file($_FILES["image"]["tmp_name"],"uploads/" . $_FILES["image"]["name"]);
$save="INSERT INTO panel_users (name, gender, user_type, username, password, status, pic) VALUES('$name','$gender', '$ut','$uname','$password','$status','$location')";
$sate = mysql_query($save);
if($sate == true){
$_SESSION['success'] = '<div class="alert-success"><span class="glyphicon glyphicon-checked"></span> Saved!</div>';
header('Location: add_member');
exit;
}
else{
echo $_SESSION['error'] = '<div class="alert-error"><span class="glyphicon glyphicon-info"></span> Failed! Please try again.</div>';
header('Location: add_member');
exit;
}
}
}
?>
强制性的“不要使用mysql_ *函数”注释。至少使用mysqli,请记住保护自己免受SQL注入 –
使用'password_hash'来散列你的密码。不要使用'md5' – Akintunde007
开始新鲜这是坏的只是被修复 – nogad