2013-05-08 133 views
0

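PDO registration form

I'm trying hard to pick up PDO, coming from MySQL, and here is my registration form.

The error I'm receiving doesn't make much sense to me. Can anyone help me get this registration form working?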

<? include 'includes/overall/head.php'; 
include 'core/init.php';?> 
<div id="page" class="container"> 
<div id="box1"> 
    <h2 class="title"><? echo $welcome; ?></h2> 
    <div style="clear: both;">&nbsp;</div> 
    <div class="entry"> 
     <form method="POST" action="process_user.php"> 
     Username*: <br/> 
     <input type="text" name="username" /><br/> 
     Password*: <br/> 
     <input type="password" name="password" /><br/> 
     Confirm Password*: <br/> 
     <input type="password" name="password_confirm" /><br/> 
     Email*: <br/> 
     <input type="text" name="email" /><br/> 
     Confirm Email*: <br/> 
     <input type="text" name="email_confirm" /><br/> 
     <?require_once('recaptchalib.php'); 
     $publickey = "*****"; 
     echo recaptcha_get_html($publickey);?> 
     <input type="submit" name="submit" value="Register"> 
     </form> 
    </div> 
</div> 
<? include 'includes/overall/footer.php'; ?> 

This is process_user.php

<? include 'includes/overall/head.php'; 
include 'core/init.php';?> 
<div id="page" class="container"> 
<div id="box1"> 
    <h2 class="title"><? echo $welcome; ?></h2> 
    <div style="clear: both;">&nbsp;</div> 
    <div class="entry"> 
     <? 
      require_once('recaptchalib.php'); 
      $privatekey = "*****"; 
      $resp = recaptcha_check_answer ($privatekey, 
              $_SERVER["REMOTE_ADDR"], 
              $_POST["recaptcha_challenge_field"], 
              $_POST["recaptcha_response_field"]); 

      if (!$resp->is_valid) { 
      die ("The reCAPTCHA wasn't entered correctly. Go back and  try it again."); 
      } else { 

     if (empty($_POST) === false) { 
      $required_fields = array('username', 'password', 'password_confirm', 'email', 'email_confirm'); 
      foreach($_POST as $key=>$value) { 
       if (empty($value) && in_array($key, $required_fields) === true) { 
       $errors[] = 'Fields marked with an asterisk are required.'; 
       break 1; 
       } 
      } 
     } 
     if (empty($errors) === true) { 
       if(user_exists($_POST['username'] === true)) { 
        $errors[] = 'Sorry, the username \''.$_POST['username'].'\' is already taken.'; 
       } 
       if (preg_match("/\\s/", $_POST['username'] == true)) { 
        $errors[] = 'Your username cannot contain any spaces'; 
       } 
       if (strlen($_POST['password']) < 6 || strlen($_POST['password'] > 32)) { 
        $errors[] = 'Your password must be between 6 and 32 characters'; 
       } 
       if ($_POST['password'] !==  $_POST['password_confirm']) { 
        $errors[] = 'Your passwords did not match'; 
       } 
       if (filter_var($_POST['email'],  FILTER_VALIDATE_EMAIL) === false) { 
        $errors[] = 'Please enter a valid email address.'; 
       } 
       if (email_exists($_POST['email']) === true) { 
        $errors[] = 'The email address  \''.$_POST['email'].'\' is arealdy registered.'; 
       }     
      }     
     } 
     if (isset($_GET['success']) && empty($_GET['success'])) { 
      echo 'You\'ve been successfully registered, please check  your email inbox to activate your account'; 
     } else { 
      if (empty($_POST) === false && empty($errors) === true) { 
       $register_data = array(
        'username' => $_POST['username'], 
        'password' => $_POST['password'], 
        'email' => $_POST['email'], 
        'email_code' => md5($_POST['username'] +   microtime()) 
       ); 
       register_user($register_data); 
       header('location: register.php?success'); 
       exit(); 
      } else if(empty($errors) === false) { 
       echo output_errors($errors); 
      } 

      //LINK TO GO BACK AND TRY AGAIN 
     } 

     ?> 
    </div> 
</div> 
<? include 'includes/overall/footer.php'; ?> 

Finally, the functions that go with them

<?php 
function user_exists($username) { 
$username = sanitize($username); 
$query = "SELECT COUNT(`user_id`) FROM `users` WHERE `username` = `$username`"; 
$stmt = $dbh->prepare($query); 
$stmt->execute(); 
return ($stmt->rowCount() == 1) ? true : false; 
} 
function email_exists($email) { 
$email = sanitize($email); 
$query = "SELECT COUNT (`user_id`) FROM `users` WHERE `email` = $email"; 
$stmt = $dbh->prepare($query); 
$stmt->execute(); 
return ($stmt->rowCount() == 1) ? true : false; 
} 
function register_user($register_data) { 
array_walk($register_data, 'array_sanitize'); 
$register_datapw = $register_data['password']; 
require ('../../includes/blowfish.class.php'); 
$bcrypt = new Bcrypt(4); 
$register_data['password'] = $bcrypt->hash($_POST['password']); 

$fields = '`' . implode('`, `', array_keys($register_data)) . '`'; 
$data = '\'' . implode('\', \'', $register_data) . '\''; 

$query = "INSERT INTO `USERS` ($fields) VALUES ($data)"; 
$stmt->prepare($query); 
$stmt->execute(); 
} 
?> 

And this is the error I'm receiving

[08-May-2013 09:44:52 America/Denver] PHP Parse error: syntax error, unexpected '$' in .../process_user.php on line 50

That line is if (isset($_GET['success']) && empty($_GET['success'])) {

+2

This error has nothing to do with PDO, nor with form handling. It is a PHP syntax problem. You need to learn proper PHP syntax first – 2013-05-08 23:27:46

+0

'echo $query;' in 'register_user', it might make sense... – RafH 2013-05-08 23:30:45

Answers

1

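The empty() function in PHP has some very strange semantics. Per the fine manual:

Prior to PHP 5.5, empty() only supports variables; anything else will result in a parse error. In other words, the following will not work: empty(trim($name)). Instead, use trim($name) == false.

Similarly, you will need to use $_GET['success'] == false instead of empty($_GET['success']).


By the way: you are using PDO, which is good, but you are still interpolating user input into your SQL queries, which is very, very, very bad. Learn how to properly use PDO with bound variables before you continue.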

+0

Thank you very much for your input, I will be sure to check it out. – user2305310 2013-05-08 23:40:19
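
The bound-variable approach the answer recommends, as an added example that is not part of the original question or answer. Assumptions: an in-memory SQLite database stands in for MySQL so the script runs offline, the table layout is guessed from the question's column names, the PDO handle is passed in as a parameter, and PHP's built-in password_hash() is used in place of the poster's Bcrypt class.

```php
<?php
// Added example, not the poster's code. In-memory SQLite stands in for the
// MySQL database so the script runs offline; the schema is an assumption.
$dbh = new PDO('sqlite::memory:');
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$dbh->exec('CREATE TABLE users (
    user_id INTEGER PRIMARY KEY,
    username TEXT UNIQUE, password TEXT, email TEXT UNIQUE, email_code TEXT)');

function user_exists(PDO $dbh, string $username): bool {
    // The value travels separately from the SQL text, so quotes in it are data.
    $stmt = $dbh->prepare('SELECT COUNT(user_id) FROM users WHERE username = :username');
    $stmt->execute([':username' => $username]);
    // COUNT() always yields exactly one row; read its value, not rowCount().
    return (int) $stmt->fetchColumn() > 0;
}

function register_user(PDO $dbh, array $data): void {
    // Column names cannot be bound, so they are fixed here instead of being
    // built from the keys of a request-derived array.
    $stmt = $dbh->prepare(
        'INSERT INTO users (username, password, email, email_code)
         VALUES (:username, :password, :email, :email_code)');
    $stmt->execute([
        ':username'   => $data['username'],
        ':password'   => password_hash($data['password'], PASSWORD_DEFAULT),
        ':email'      => $data['email'],
        ':email_code' => bin2hex(random_bytes(16)), // unpredictable activation code
    ]);
}

// Constructed sample input.
register_user($dbh, [
    'username' => 'alice',
    'password' => 'correct horse',
    'email'    => 'alice@example.test',
]);

// A registered name is found through the bound parameter.
var_dump(user_exists($dbh, 'alice'));
// Quote-laden input is compared as a literal string, not parsed as SQL.
var_dump(user_exists($dbh, "x' OR '1'='1"));
```

With bound parameters no separate sanitize() step is needed for the query itself; output escaping still applies wherever the username is echoed back into HTML.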