Краткое описание: название в C:\xampp\htdocs\quicksilver\register\insert.php на линии 2 Краткое описание электронной почты в C:\xampp\htdocs\quicksilver\register\insert.php на 3-ей линии
<html> <title>Login</title> <head> <embed src="C:\Users\hp\Desktop\New website\Die Antwoord - Banana Brain (Audio)_low-mc (1).wav" autostart="true" loop="true" width="0" height="0"> <link rel="stylesheet" type="text/css" href="css/login.css" /> <script src="C:\Users\hp\Desktop\New website\js\script.js"></script> <script src="https://apis.google.com/js/platform.js" async defer></script> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css"> </head> <body background="C:\Users\hp\Desktop\New website\hd_car_wallpapers 5.jpg"><center> <div class="g-signin2" data-onsuccess="onSignIn" data-theme="dark"></div> <img src= "C:\Users\hp\Desktop\New website\Quiksilver_black_wordmark_and_logo.jpg"> <hr> <h3> <a href=home.html>Home</a> <a href=photo.html>Photo Gallery</a> <a href=member.html>Members</a> <a href=about.html>About us</a> <a href=contact.html>Contact us</a> <a href=signin.html>Sign in</a> </h3> <h1><font color="red">AUTONOIDS</font> </h1> <h2>Chandigarh University, INDIA</h2> <div class="container" id="container"> <div class="form-container sign-up-container"> <form name="User" action="insert.php" method="post"> <h1>Create Account</h1> <div class="social-container"> <a href="#" class="social"></a> <a href="https://www.google.com/accounts/o8/ud" class="social"></a> <a href="#" class="social"></a> </div> <span>or use your email for registration</span> <input type="text" placeholder="Name"/> <input type="email" placeholder="Email"/> <input type="password" placeholder="Password" minlength="8" required/> <button>Sign Up</button> </form> </div> <div class="form-container sign-in-container"> <form action="#"> <h1>Sign in</h1> <div class="social-container"> <a href="#" class="social"></a> <a href="https://www.google.com/accounts/o8/ud" class="social"></a> <a href="#" class="social"></a> </div> <span>or use your account</span> <input type="email" placeholder="Email" /> <input type="password" placeholder="Password" /> <a href="#">Forgot your password?</a> <button>Sign In</button> </form> </div> <div class="overlay-container"> <div class="overlay"> <div class="overlay-panel overlay-left"> <h1>Welcome Back!</h1> <p>To keep connected with us please login with your personal info</p> <button class="ghost" id="signIn">Sign In</button> </div> <div class="overlay-panel overlay-right"> <h1>Hello, Friend!</h1> <p>Enter your personal details and start journey with us</p> <button class="ghost" id="signUp">Sign Up</button> </div> </div> </div> </div> <script> const signUpButton = document.getElementById('signUp'); const signInButton = document.getElementById('signIn'); const container = document.getElementById('container'); signUpButton.addEventListener('click', () => { container.classList.add("right-panel-active"); }); signInButton.addEventListener('click', () => { container.classList.remove("right-panel-active"); }); </script> <script> function onSignIn(googleUser) { // Useful data for your client-side scripts: var profile = googleUser.getBasicProfile(); console.log("ID: " + profile.getId()); // Don't send this directly to your server! console.log('Full Name: ' + profile.getName()); console.log('Given Name: ' + profile.getGivenName()); console.log('Family Name: ' + profile.getFamilyName()); console.log("Image URL: " + profile.getImageUrl()); console.log("Email: " + profile.getEmail()); // The ID token you need to pass to your backend: var id_token = googleUser.getAuthResponse().id_token; console.log("ID Token: " + id_token); } </script> </body> </html>
Что я уже пробовал:
<?php $Name = $_POST['Name']; $Email = $_POST['Email']; $Password = $_POST['Password']; if (!empty($Name) || !empty($Email) || !empty($Password)) { $host="localhost"; $dbUsername="root"; $dbPassword=""; $dbname="bdb"; $conn=new mysqli($host,$dbUsername,$dbPassword,$dbname); if (mysqli_connect_error()) { die('Connect Error('.mysqli_connect_errno().')'.mysqli_connect_error()); }else { $SELECT="SELECT Email From register Where Email = ? Limit 1"; $SELECT="INSERT Into regiter(Name,Email,Password) values( '$Name', '$Email', '$Password')"; $stmt= $conn->prepare($SELECT); $stmt->bind_param("s", $Email); $stmt->execue(); $stmt->bind_result($Email); $stmt->store_result(); $rnum= $stmt->num_rows; if ($rnum==0) { $stmt->close(); $stmt= $conn->prepare($INSERT); $stmt->bind_param("sss",$Name,$Email,$Password); $stmt->execute(); echo "New record entered successfully"; }else { echo "Someone already registerd using this email"; } $stmt->close(); $conn->close(); } }else { echo "All field are required"; die(); } ?>
Richard Deeming
Ваш код уязвим для SQL-инъекция[^]. НИКОГДА используйте конкатенацию строк для построения SQL-запроса. ВСЕГДА используйте параметризованный запрос.
Все, что вы хотели знать о SQL-инъекции (но боялись спросить) | Трой Хант[^]
Как я могу объяснить SQL-инъекцию без технического жаргона? | Обмен Стеками Информационной Безопасности[^]
PHP: SQL-инъекция - руководство пользователя[^]