堆栈内存溢出
  简体   繁体   English

帐户激活PHP

[英]Account activation PHP

 原文  2010-06-09 23:51:09       php/ mysql/ account-management

问题描述

I created this account registration activation script of my own, I have checked it over again and again to find errors, I don't see a particular error... 我创建了自己的帐户注册激活脚本,我已经一遍又一遍地检查它以发现错误,但没有看到特定的错误...

The domain would be like this: 域如下所示:

http://domain.com/include/register.php?key=true&p=AfRWDCOWF0BO6KSb6UmNMf7d333gaBOB http://domain.com/include/register.php?key=true&p=AfRWDCOWF0BO6KSb6UmNMf7d333gaBOB

Which comes from an email, when a user clicks it, they get redirected to this script: 来自电子邮件,当用户单击电子邮件时,他们将重定向到此脚本: 

if($_GET['key'] == true)
{
    $key = $_GET['p'];

    $sql = "SELECT * FROM users
            WHERE user_key = '" . $key . "'";

    $result = mysql_query($sql) or die(mysql_error());

    if(mysql_affected_rows($result) > 0)
    {
        $sql = "UPDATE users
                SET user_key = '', user_active = '1'
                WHERE user_key = '" . $key . "'";

        $result = mysql_query(sql) or die(mysql_error());

        if($result)
        {
            $_SESSION['PROCESS'] = $lang['Account_activated'];
            header("Location: ../index.php");
        }
        else
        {
            $_SESSION['ERROR'] = $lang['Key_error'];
            header("Location: ../index.php");
        }
    }
    else
    {
        $_SESSION['ERROR'] = $lang['Invalid_key'];
        header("Location: ../index.php");
    }
}

It doesn't even work at all, I looked in the database with the user with that key, it matches but it keeps coming up as an error which is extremely annoying me. 它甚至根本不起作用,我用那个密钥和用户一起在数据库中查找,它匹配但它不断出现,这是一个使我非常烦恼的错误。 The database is right, the table and column is right, nothing wrong with the database, it's the script that isn't working. 数据库是正确的,表和列是正确的,数据库没有错,这是脚本无法正常工作。

Help me out, guys. 伙计们,帮帮我。

Thanks :) 谢谢 :)

3 个解决方案

解决方案1
 3 已采纳  2010-06-09 23:54:59

  1. Change $_GET['key'] == true to $_GET['key'] == "true" $_GET['key'] == true更改$_GET['key'] == "true"
  2. You do before this if , a successful mysql_connect(...) or mysql_pconnect(...) ? if成功,则在此之前执行mysql_connect(...)mysql_pconnect(...)吗?
  3. Change mysql_affected_rows($result); 更改mysql_affected_rows($result); to mysql_num_rows($result); mysql_num_rows($result); . Affected you can use for DELETE or UPDATE SQL statements . 受影响的可以用于DELETEUPDATE SQL语句
  4. Before you second if was opened, add before you second mysql_result(...) , mysql_free_result($result); 在您第二次打开之前,在第二次之前添加mysql_result(...)mysql_free_result($result); to free memory allocated to previous result. 释放分配给先前结果的内存。
  5. if($result) change to if(mysql_affected_rows($result)); if($result)更改为if(mysql_affected_rows($result)); . You can do that here. 你可以在这里做。
  6. After the header(...); header(...); function call's add a return 0; 函数调用加一个return 0; or exit(0); exit(0); depends on your complete code logic. 取决于您完整的代码逻辑。
  7. You are using $key variable in SQL statements , to get your code more secure on SQL Injection attacks get change $key = $_GET['p']; 您正在SQL语句中使用$key变量,以使您的代码在SQL Injection攻击中更安全,请更改$key = $_GET['p']; to $key = mysql_real_escape_string($_GET['p']); $key = mysql_real_escape_string($_GET['p']);
  8. I think your location in header() functions fails. 我认为您在header()函数中的位置失败。 In header() url address should be full like: http://www.example.com/somewhere/index.php header()网址应完整,例如: http : //www.example.com/somewhere/index.php
  9. And check your $_GET['p'] variable exists!! 并检查您的$_GET['p']变量是否存在! If this not exist and if $_GET['key'] exists, you find all activated users. 如果不存在,并且$_GET['key']存在,则将找到所有激活的用户。 Then i think the setting user_key to '' is nessesary if you have user_activated marker. 然后我认为如果您有user_activated标记,则将user_key设置为”是必要的。

解决方案2
 0  2010-06-09 23:59:48

you shouldnt be using: 您不应该使用: 

if(mysql_affected_rows($result) > 0)

You should be using mysql_num_rows() 您应该使用mysql_num_rows()

解决方案3
 -1  2010-06-10 00:02:53

Your problem is: 您的问题是: 

$result = mysql_query($sql) or die(mysql_error());

"or" makes your statement boolean so $result gets a True instead of value returned by mysql_query() “或”使您的语句为boolean因此$ result获取True而不是mysql_query()返回的值 

echo 'Hello' or die('bye'); // outputs nothing, because result is True not 'Hello'

3 or die() == True; // true
3 or die() != 3; // true

OR is the same as || OR||相同 and it is operator of logical statement . 它是逻辑语句的运算符

This will work: 这将有效: 

$result = mysql_query($sql);
if(!$result) die(mysql_error());

The same mistake was made a few hours ago: link 几个小时前犯了同样的错误: 链接

Cases where OR can be used: 可以使用OR的情况: 

defined('FOO') or
    define('FOO', 'BAR');

mysql_connect(...) or die(...);

mysql_select_db( .... ) or die(...);

mysql_query('UPDATE ...') or die(...);

if(FOO or BAR) { ... }

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 PHP帐户激活问题 - PHP Account Activation Issues PHP用户帐户激活检查不起作用 - PHP user account activation check not working PHP 和一般 PHP 帮助中的帐户激活超时 - Account activation time out in PHP & general PHP help PHP:保护帐户激活脚本不受滥用 - PHP : Protect account-activation script from abuse WordPress用户帐户激活 - Wordpress user account activation 帐户激活,CodeIgniter - Account activation, CodeIgniter 激活帐户的最佳方法 - Best way for account activation 删除哨兵帐户激活检查 - Remove Sentry Account Activation Check 单击激活链接PHP / JavaScript后,检查用户是否通过电子邮件激活了帐户并显示消息 - check if user activated their account via email and display message after clicking on activation link PHP/JavaScript PHP mail()激活 - PHP mail () activation
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM