需要 PHP HTML 帮助填写注册表
[英]Need PHP HTML help with register form
问题描述
here is some code that I plan on using in a registration form for my site
这是我计划在我的网站的注册表单中使用的一些代码
<?php
session_start();
include ("includes/config.php");
if ($Authenticated == False) {
?>
<div id="register">
<form action="index.php?page=register" method="post">
<lable id="registerStuff"> Name: </>
<input id="registerIn" type='text' name='name' maxlength="20" />
<br/>
<lable id="registerStuff"> Surname: </>
<input id="registerIn" type='text' name='surname' maxlength="20" />
<br/>
<lable id="registerStuff"> Username: </>
<input id="registerIn" type='text' name='username' maxlength="20" />
<br/>
<lable id="registerStuff"> Password: </>
<input id="registerIn" type='password' name='password' maxlength="20" />
<br/>
<lable id="registerStuff"> Retype Password: </>
<input id="registerIn" type='password' name='passwordcheck' maxlength="20" />
<br/>
<input type='submit' value='Register'>
<br/>
</form>
</div>
<?php
$name = mysql_real_escape_string($_POST['name']);
$surname = mysql_real_escape_string($_POST['surname']);
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string(md5($_POST['password']));
$passwordcheck = mysql_real_escape_string(md5($_POST['passwordcheck']));
if ($username OR $password OR $passwordcheck != null) {
if ($password == $passwordcheck) {
$query = "INSERT INTO users (name, surname, username, password) VALUES ('" . $name . "', '" . $surname . "', '" . $username . "', '" . $password . "')";
$result = mysql_query($query);
if (!$result) {
echo "Username wrong";
}
} else {
echo "passwords didnt match";
}
}
}
if ($Authenticated == True) {
header("Location: index.php");
}
?>
I cant seem to get proper error messages working, I need to check if the 2 passwords entered are identical, I also need to make sure that no blanks can be entered into the DB.我似乎无法得到正确的错误消息,我需要检查输入的 2 个密码是否相同,我还需要确保没有空格可以输入到数据库中。 If anyone could help me at all it would be much appreciated如果有人可以帮助我,将不胜感激
2 个解决方案
解决方案1
2 已采纳 2011-07-12 16:27:42
You made quite a common mistake I guess.我猜你犯了一个很常见的错误。 Most beginners seem to want to write as little code as possible.大多数初学者似乎都希望编写尽可能少的代码。 However, in this case that doesn't work.但是,在这种情况下,这是行不通的。 You will have to check each variable for emptiness.您必须检查每个变量是否为空。
Your code would be correct when you changed your if construct:当您更改 if 构造时,您的代码将是正确的:
if ($username != "" AND $password != "" AND $passwordcheck != "") {
}
However, to make the code look a bit slighter, it's probably best to just use the function empty() that returns TRUE if the variable is empty:但是,为了使代码看起来更简洁,最好只使用 function empty()如果变量为空则返回TRUE :
if (!empty($username) AND !empty($password) AND !empty($passwordcheck)) {
}
解决方案2
1 2011-07-12 16:29:14
Very interesting code you have there.你那里有非常有趣的代码。 I would suggest, before asking people here to write more than half of your script, to Google "PHP Login Script" - this is the number one result and the answer to your question.我建议,在要求这里的人编写你的脚本的一半以上之前,谷歌“PHP 登录脚本”—— this是第一个结果,也是你问题的答案。
$sql="SELECT * FROM $tbl_name
WHERE username='$myusername' AND password='$mypassword'";
$result=mysql_query($sql);
With that said, this is the incorrect way of doing it and you should look into prepared statements.话虽如此,这是不正确的做法,您应该查看准备好的陈述。 Since you're starting off, you probably should start of with a security mindset.既然你刚开始,你可能应该从安全心态开始。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.