問題描述

我不斷收到這個錯誤，我在修復這個錯誤時遇到了問題，我在 PHP 方面并不擅長，因為我還在學習.我正在處理注冊表并使用 PHP 5.6.我查看了有關較舊問題的其他答案，但沒有成功.

I keep getting this errors and I am having problems fixing that, am not good in PHP because am still learning. I am working on a registration form and am using PHP 5.6. I have looked at other answers on older questions but I haven't succeeded.

這是我的代碼:

<?php
session_start();
if (isset($_SESSION['user']) != "") {
    header("Location: index.html");
}
include_once 'dbconnect.php';

if (isset($_POST['signup'])) {
    $fname  = mysqli_real_escape_string($_POST['fullname']);
    $tphone = mysqli_real_escape_string($_POST['telephone']);
    $uemail = mysqli_real_escape_string($_POST['email']);
    $urole  = mysqli_real_escape_string($_POST['role']);
    $upass  = md5(mysqli_real_escape_string($_POST['upass']));
    
    $uname  = trim($uname);
    $tphone = trim($tphone);
    $email  = trim($email);
    $urole  = trim($role);
    $upass  = trim($upass);
    
    // email exist or not
    $query  = "SELECT email FROM users WHERE email='$uemail'";
    $result = mysqli_query($query);
    
    $count = mysqli_num_rows($result); // if email not found then register
    
    if ($count == 0) {
        
        if (mysqli_query("INSERT INTO users(firstname,telephone,email,role,pass) VALUES('$fname','$tphone','$uemail','$urole',$upass')")) {
?>
           <script>alert('successfully registered ');</script>
            <?php
        } else {
?>
           <script>alert('error while registering you...');</script>
            <?php
        }
    } else {
?>
           <script>alert('Sorry Email ID already taken ...');</script>
            <?php
    }
    
}
?> 

我不斷收到的錯誤是:

警告:mysqli_real_escape_string() 需要 2 個參數，1 個在 C:Apache24htdocsTimewiselandinglogin.php 第 12 行

Warning: mysqli_real_escape_string() expects exactly 2 parameters, 1 given in C:Apache24htdocsTimewiselandinglogin.php on line 12

警告:mysqli_real_escape_string() 需要 2 個參數，1 個在 C:Apache24htdocsTimewiselandinglogin.php 第 13 行

Warning: mysqli_real_escape_string() expects exactly 2 parameters, 1 given in C:Apache24htdocsTimewiselandinglogin.php on line 13

警告:mysqli_query() 需要至少 2 個參數，其中 1 個在 C:Apache24htdocsTimewiselandinglogin.php 第 18 行

Warning: mysqli_query() expects at least 2 parameters, 1 given in C:Apache24htdocsTimewiselandinglogin.php on line 18

警告:mysqli_fetch_array() 期望參數 1 為 mysqli_result，C:Apache24htdocsTimewiselandinglogin.php 第 19 行給出的 null

Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result, null given in C:Apache24htdocsTimewiselandinglogin.php on line 19

警告:mysqli_num_rows() 期望參數 1 為 mysqli_result，C:Apache24htdocsTimewiselandinglogin.php 第 21 行給出的 null

Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, null given in C:Apache24htdocsTimewiselandinglogin.php on line 21

你能幫我解決這個問題嗎，我需要知道我應該如何實際解決這個問題.

Can you please help me on this, I need to know how I should fix this practically.

推薦答案

技術上回答這個問題，根據手冊，這兩個函數都需要傳遞一個數據庫連接并作為第一個參數:

To technically answer this, both of these functions require a db connection be passed and as the first parameter, as per the manuals:

• http://php.net/manual/en/mysqli.query.php
• http://php.net/manual/en/mysqli.real-escape-string.php

然后在評論中聲明您正在使用 PDO 進行連接.

Then in comments you state that you are using PDO to connect with.

那些不同的 MySQL API 不會混合使用.從連接到查詢，您需要使用相同的方法.因此，如果您想繼續使用 PDO 連接，您將需要使用 PDO 函數來查詢，而不是 mysqli_*.

Those different MySQL APIs do not intermix. You need to use the same one from connecting to querying. Therefore, if you want to continue to use a PDO connection, you will need to use the PDO functions to query with and not mysqli_*.

• 從手冊開始:http://php.net/manual/en/book.pdo.php 都在里面.

• Start with the manual: http://php.net/manual/en/book.pdo.php it's all in there.

對于 PDO 準備好的語句:

And for PDO prepared statements:

• http://php.net/pdo.prepared-statements

還要檢查錯誤:

• http://php.net/manual/en/pdo.error-handling.php (PDO)
• http://php.net/manual/en/function.error-reporting.php (PHP)

• http://php.net/manual/en/pdo.error-handling.php (PDO)
• http://php.net/manual/en/function.error-reporting.php (PHP)

密碼

我還注意到您正在嘗試存儲密碼 MD5.不建議這樣做，因為將其用作密碼存儲功能不再被認為是安全的.

I also noticed that you are attemtpting to store passwords MD5. This is not recommended as it is no longer considered safe to use as a password storing function.

• 如果您打算使用此功能進行直播，不要.

使用以下方法之一:

• CRYPT_BLOWFISH
• crypt()
• bcrypt()
• scrypt()
• 開放式墻
• PBKDF2
• PHP.net 上的 PBKDF2
• PHP 5.5 的 password_hash() 函數.
• 兼容包(如果 PHP <5.5)https://github.com/ircmaxell/password_compat/

其他鏈接:

• PBKDF2 對于 PHP

關于列長度的重要旁注:

如果您決定使用 password_hash() 或 crypt，請務必注意，如果您當前密碼列的長度小于 60，則需要將其更改為(或更高).手冊建議長度為 255.

If and when you do decide to use password_hash() or crypt, it is important to note that if your present password column's length is anything lower than 60, it will need to be changed to that (or higher). The manual suggests a length of 255.

您需要更改列的長度并使用新的散列重新開始以使其生效.否則，MySQL 將靜默失敗.

You will need to ALTER your column's length and start over with a new hash in order for it to take effect. Otherwise, MySQL will fail silently.

我也說過:

if (isset($_SESSION['user']) != "") 會給你一個誤報.

語法是:if isset AND equals to，而不是if isset equals to，這是它目前被解釋為的內容.

The syntax is: if isset AND equals to, and not if isset equals to which is what it is presently being interpreted as.

使用:

if (isset($_SESSION['user']) && $_SESSION['user'] != "")

關于你的 POST 數組.

In regards to your POST arrays.

確保您使用的 HTML 表單確實使用了 POST 方法，并且所有元素都擁有各自的名稱屬性.

Make sure the HTML form you are using does use a POST method and that all elements hold their respective name attributes.

即: 等

請注意，name="fullname" 和 name="FullName" 是兩種不同的動物.

Note that name="fullname" and name="FullName" are two different animals.

• 那些區分大小寫.

還建議在每個header后面加上exit;，否則你的代碼可能想繼續執行.

It is also suggested to add exit; after each header, otherwise your code may want to continue to execute.

header("Location: index.html");
exit;

這篇關于mysqli_real_escape_string() 需要 2 個參數，1 個給定致命錯誤的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網！