简体   繁体   English

我如何告诉用户他们的 email 已经注册?

[英]How do I tell the user their email is already registered?

I have put a UNIQUE index on my email column in the database, and when I enter an already registered email the database does not update.我在数据库中的 email 列上放置了一个唯一索引,当我输入已经注册的 email 时,数据库不会更新。 so that works well.所以效果很好。 I now need to tell the user entering an already existing email(on the signup page) that it is already registered and redirect them to the homepage.我现在需要告诉用户输入一个已经存在的电子邮件(在注册页面上)它已经注册并将他们重定向到主页。

Please check my SQL injection code too and correct if there are any errors.请检查我的 SQL 注入代码,如果有任何错误,请更正。


$fullname = $_POST['fullname'];
$email = $_POST['email'];
$mobilenumber = $_POST['mobilenumber'];

//prevent sql injection
$fullname = stripslashes($fullname);
$email = stripcslashes($email);
$mobilenumber = stripslashes($mobilenumber);
$fullname = mysql_real_escape_string($fullname);
$email = mysql_real_escape_string($email);
$mobilenumber = mysql_real_escape_string($mobilenumber);

//Database Connection

$conn = new mysqli("#","#","#","#");
    die('connection Failed : '.$conn->connect_error);
        $stmt = $conn->prepare("insert into signup(fullname,email,mobilenumber)values(?,?,?)");



As per the comment - if you do a simple select before trying to do the insert you can fork the program logic and let the user know.根据评论 - 如果您在尝试insert之前执行简单的select ,您可以分叉程序逻辑并让用户知道。


    if( $_SERVER['REQUEST_METHOD']=='POST' && isset( 
        $fullname = $_POST['fullname'];
        $email = $_POST['email'];
        $mobilenumber = $_POST['mobilenumber'];
        $dbport =   3306;
        $dbhost =   'localhost';
        $dbuser =   'dbo-user-xxx';
        $dbpwd  =   'dbo-pwd-xxx';
        $dbname =   'db-xxx';
        error_reporting( E_ALL );
        $conn = new mysqli( $dbhost, $dbuser, $dbpwd, $dbname );
            #check email before insert
            $sql='select `email` from `signup` where `email`=?';
            $stmt=$conn->prepare( $sql );
            if( $stmt->num_rows==0 ){
                /* email does not exist - perform insert */
                $sql='insert into `signup` ( `fullname`, `email`, `mobilenumber` ) values ( ?, ?, ? )';
                $stmt=$conn->prepare( $sql );
                $stmt->bind_param('sss', $fullname, $email, $mobilenumber );
                exit( header('Location: thankyou.html') );
                /* email does exist - tell user */
                exit( header('Location: ?error=true&email=true' ) );
        }catch( mysqli_sql_exception $e ){
            exit( $e->getMessage() );

Alternatively you can try/catch as before but use the return error code to fork the logic或者,您可以像以前一样try/catch ,但使用返回错误代码来分叉逻辑

        mysql> describe signup;
        | Field        | Type             | Null | Key | Default | Extra          |
        | id           | int(10) unsigned | NO   | PRI | NULL    | auto_increment |
        | fullname     | varchar(50)      | NO   |     | NULL    |                |
        | email        | varchar(64)      | NO   | UNI | NULL    |                |
        | mobilenumber | varchar(16)      | NO   |     | NULL    |                |
        mysql> select * from signup;
        | id | fullname | email                       | mobilenumber |
        |  1 | fred     | fred.flintstone@bedrock.com | 123          |

    /* Attempt to insert duplicate - but use error code 1062 to fork the logic */
    $dbport =   3306;
    $dbhost =   'localhost';
    $dbuser =   'dbo-user-xxx';
    $dbpwd  =   'dbo-pwd-xxx';
    $dbname =   'db-xxx';
    /* same email and phone number but different fullname */
    $fullname='freddy boy';
    error_reporting( E_ALL );
    $conn = new mysqli( $dbhost, $dbuser, $dbpwd, $dbname );
        $sql='insert into `signup` ( `fullname`, `email`, `mobilenumber` ) values ( ?, ?, ? )';
        $stmt=$conn->prepare( $sql );
        $stmt->bind_param('sss', $fullname, $email, $mobilenumber );

    }catch( mysqli_sql_exception $e ){
        if( $e->getCode()==1062 ){
            /* redirect the user and let them know the email already exists */
            exit( header( sprintf('Location: ?error=%s',$e->getMessage() ) ) );
  // first check the database to make sure 
  // a email does not already exist with the same  email
  $fullname = $_POST['fullname'];
  $email = $_POST['email'];
  $mobilenumber = $_POST['mobilenumber'];

  $user_check_query = "SELECT * FROM signup WHERE email='$email'LIMIT 1";
  $result = mysqli_query($cons, $user_check_query);
  $emailcheck= mysqli_fetch_assoc($result);
  if ($emailcheck) { // if email exists
    if ($emailcheck['email'] === $email) {
      array_push($errors, "email already exists");
    header('location: index.php');


  // Finally, register user if there are no errors in the form
  if (count($errors) == 0) {
     $sql = "insert into 
     $runsql = mysqli_query($cons, $sql);

    if($runsql) {
    } else {
        echo"Some thing is wrong";

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

粤ICP备18138465号  © 2020-2024 STACKOOM.COM