[英]Account activation PHP
I created this account registration activation script of my own, I have checked it over again and again to find errors, I don't see a particular error... 我创建了自己的帐户注册激活脚本,我已经一遍又一遍地检查它以发现错误,但没有看到特定的错误...
The domain would be like this: 域如下所示:
http://domain.com/include/register.php?key=true&p=AfRWDCOWF0BO6KSb6UmNMf7d333gaBOB http://domain.com/include/register.php?key=true&p=AfRWDCOWF0BO6KSb6UmNMf7d333gaBOB
Which comes from an email, when a user clicks it, they get redirected to this script: 来自电子邮件,当用户单击电子邮件时,他们将重定向到此脚本:
if($_GET['key'] == true)
{
$key = $_GET['p'];
$sql = "SELECT * FROM users
WHERE user_key = '" . $key . "'";
$result = mysql_query($sql) or die(mysql_error());
if(mysql_affected_rows($result) > 0)
{
$sql = "UPDATE users
SET user_key = '', user_active = '1'
WHERE user_key = '" . $key . "'";
$result = mysql_query(sql) or die(mysql_error());
if($result)
{
$_SESSION['PROCESS'] = $lang['Account_activated'];
header("Location: ../index.php");
}
else
{
$_SESSION['ERROR'] = $lang['Key_error'];
header("Location: ../index.php");
}
}
else
{
$_SESSION['ERROR'] = $lang['Invalid_key'];
header("Location: ../index.php");
}
}
It doesn't even work at all, I looked in the database with the user with that key, it matches but it keeps coming up as an error which is extremely annoying me. 它甚至根本不起作用,我用那个密钥和用户一起在数据库中查找,它匹配但它不断出现,这是一个使我非常烦恼的错误。 The database is right, the table and column is right, nothing wrong with the database, it's the script that isn't working. 数据库是正确的,表和列是正确的,数据库没有错,这是脚本无法正常工作。
Help me out, guys. 伙计们,帮帮我。
Thanks :) 谢谢 :)
$_GET['key'] == true
to $_GET['key'] == "true"
将$_GET['key'] == true
更改$_GET['key'] == "true"
if
, a successful mysql_connect(...)
or mysql_pconnect(...)
? if
成功,则在此之前执行mysql_connect(...)
或mysql_pconnect(...)
吗? mysql_affected_rows($result);
更改mysql_affected_rows($result);
to mysql_num_rows($result);
到mysql_num_rows($result);
. 。 Affected you can use for DELETE
or UPDATE
SQL statements . 受影响的可以用于DELETE
或UPDATE
SQL语句 。 mysql_result(...)
, mysql_free_result($result);
在您第二次打开之前,在第二次之前添加mysql_result(...)
, mysql_free_result($result);
to free memory allocated to previous result. 释放分配给先前结果的内存。 if($result)
change to if(mysql_affected_rows($result));
if($result)
更改为if(mysql_affected_rows($result));
. 。 You can do that here. 你可以在这里做。 header(...);
在header(...);
function call's add a return 0;
函数调用加一个return 0;
or exit(0);
或exit(0);
depends on your complete code logic. 取决于您完整的代码逻辑。 $key
variable in SQL statements , to get your code more secure on SQL Injection attacks get change $key = $_GET['p'];
您正在SQL语句中使用$key
变量,以使您的代码在SQL Injection攻击中更安全,请更改$key = $_GET['p'];
to $key = mysql_real_escape_string($_GET['p']);
到$key = mysql_real_escape_string($_GET['p']);
header()
functions fails. 我认为您在header()
函数中的位置失败。 In header()
url address should be full like: http://www.example.com/somewhere/index.php 在header()
网址应完整,例如: http : //www.example.com/somewhere/index.php $_GET['p']
variable exists!! 并检查您的$_GET['p']
变量是否存在! If this not exist and if $_GET['key']
exists, you find all activated users. 如果不存在,并且$_GET['key']
存在,则将找到所有激活的用户。 Then i think the setting user_key to '' is nessesary if you have user_activated marker. 然后我认为如果您有user_activated标记,则将user_key设置为”是必要的。 you shouldnt be using: 您不应该使用:
if(mysql_affected_rows($result) > 0)
You should be using mysql_num_rows() 您应该使用mysql_num_rows()
Your problem is: 您的问题是:
$result = mysql_query($sql) or die(mysql_error());
"or" makes your statement boolean
so $result gets a True
instead of value returned by mysql_query() “或”使您的语句为boolean
因此$ result获取True
而不是mysql_query()返回的值
echo 'Hello' or die('bye'); // outputs nothing, because result is True not 'Hello'
3 or die() == True; // true
3 or die() != 3; // true
OR is the same as || OR与||相同 and it is operator of logical statement . 它是逻辑语句的运算符 。
This will work: 这将有效:
$result = mysql_query($sql);
if(!$result) die(mysql_error());
The same mistake was made a few hours ago: link 几个小时前犯了同样的错误: 链接
Cases where OR can be used: 可以使用OR的情况:
defined('FOO') or
define('FOO', 'BAR');
mysql_connect(...) or die(...);
mysql_select_db( .... ) or die(...);
mysql_query('UPDATE ...') or die(...);
if(FOO or BAR) { ... }
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.