我的网站上有一个注册表单,每当新用户注册时,就会运行以下代码:
$sql = "SELECT * FROM users WHERE uidUsers=?;";
$stmt = mysqli_stmt_init($conn);
if (!mysqli_stmt_prepare($stmt)) {
header("Location: ../signup.php?error=sqlerror");
exit();
}
else {
mysqli_stmt_bind_param($stmt, "s", $username);
mysqli_stmt_execute($stmt);
$resultCheck = mysqli_stmt_num_rows($stmt);
if ($resultCheck > 0) {
header("Location: ../signup.php?error=usertaken");
exit();
}
else {
$hashedPwd = password_hash(PASSWORD_DEFAULT, $password);
$sql = "INSERT INTO users (`uidUsers`, `pwdUsers`, `phraseUsers`) VALUES(?,
?, ?)";
$stmt = mysqli_stmt_init($conn);
if (!mysqli_stmt_prepare($stmt)) {
header("Location: ../signup.php?error=sqlerror");
exit();
}
else {
mysqli_stmt_bind_param($stmt, "sss", $username, $hashedPwd,
$securityphrase);
mysqli_stmt_execute($stmt);
header("Location: ../login.php?signup=success");
exit();
}
当不应为!mysqli_stmt_prepare
提供数据库环境以及正确的 INSERT
语句时,将触发该处理程序。因此,我不明白为什么会触发它,我问为什么?
关于堆栈溢出也有类似的问题
谢谢你的帮助,password_hash
的问题顺序,应该是这样password_hash($var, PASSWORD_DEFAULT);
.我犯的第二个错误是没有在mysqli_stmt_prepare
中包含我的$sql
陈述,应该是这样的!mysqli_stmt_prepare($stmt, $sql)
。