检查用户名是否可用以及电子邮件验证

Question

I have a problem with checking if the username exist. 我在检查用户名是否存在时遇到问题。 It works if it does exist. 如果确实存在，它将起作用。 But if the username doesn't exist it just send me to an empy page. 但是，如果用户名不存在，则将我发送到一个Empy页面。 It seems that it doesn't go to the next statement. 似乎它不会转到下一条语句。

Here the code 这里的代码

<?php
if($_POST[username]  && $_POST[email] &&  isset($_POST[password])  && isset($_POST[password2])  && $_POST[password] == $_POST[password2])
{
    include ('*********'); /my connection to the database
    $username = $_POST[username];

            //check with the registred members
    $query2 = "SELECT * FROM registredMembers WHERE username='$username'"; 
    $result2 = mysql_query($query2, $conn) or die(mysql_error());
    $existing_users = mysql_num_rows($result2) or die(mysql_error());

            // check with the temporarly members, waiting to activate account
    $query3 = "SELECT * FROM tempMembers WHERE username='$username'"; 
    $result3 = mysql_query($query3, $conn) or die(mysql_error());
    $existing_users2 = mysql_num_rows($result3) or die(mysql_error());

    if($existing_users != 0 && $existing_users2 != 0) 
    {
        echo "<div id='msg'>Användarnamnet är upptaget</div>";
    }

    else 
    {   
        $confirmCode = md5(uniqid(rand()));
        $query = "INSERT INTO tempMembers VALUES ('$confirmCode', '$_POST[username]', '$_POST[email]', '$_POST[password]')";
        $result = mysql_query($query, $conn) or die(mysql_error());

        if($result)
        {
            $to = $_POST[email];
            $subject = utf8_decode("Här är din bekräftelselänk");
            $header = utf8_decode("Från Adib Haider (PHP-Projekt)");
            $message = "Din bekräftelselänk \r\n";
            $message.= "Klicka på länken för att aktivera ditt konto \r\n";
            $message.= "http://labb.vgy.se/~adibbinhar/blogg/confirmation.php?passkey=$confirmCode";
            $sentmail = mail($to, $subject, utf8_decode($message), $header);

            if($sentmail)
                echo "<div id='msg'>Aktiveringsmailet har skickat till din e-postadress</div>";
            else 
                echo "<div id='msg'>Aktiveringsmailet skickades inte</div>";
        }

        else
            echo "<div id='msg'>Testa igen</div>";
    }   
}

else
    echo "<div id='msg'>Prova igen</div>";

the text is on swedish hope you can live with that :P 文字在瑞典语中希望您可以接受：P

Answer 1

Add the "activated" column to your mysql: 将“已激活”列添加到您的mysql：

MYSQL MYSQL

ID | USERNAME | [...] FIELDS [...] | ACTIVATED
1  | Foo      | [...] FIELDS [...] | 1

PHP PHP

[...]
$query2 = 'SELECT * FROM registredMembers WHERE username='. mysql_real_escape_string($username);
$result = mysql_query($query, $conn) or die(mysql_error());

while ($row = mysql_fetch_array($result)) {
    if($row['activated'] == 1) {
       // User activated
    } else {
       // Send activation email
    }
}

Not tested, but can do the job. 未经测试，但可以胜任。

Answer 2

I'd check that tempMembers actually exists, and that you don't have any unique constraints in the database that prevent the insert from succeeding when you try with a username or email that already exists in the database. 我将检查tempMembers是否确实存在，并且您在数据库中没有任何唯一的约束，当您尝试使用数据库中已经存在的用户名或电子邮件时，该约束会阻止插入成功。

if the INSERT mysql_query returns 0 as a result, you die with mysql_error(), you can't even get to the else clause since $result just can't be 0. 如果INSERT mysql_query结果返回0，则您死于mysql_error（），您甚至不能进入else子句，因为$ result不能为0。

(and yes, I hope you sanitized your inputs before entering this function :-) （是的，我希望您在输入此功能之前先清理输入内容：-）

Answer 3

The problem here lies in your if statement. 这里的问题在于您的if语句。

if($existing_users != 0 && $existing_users2 != 0)

Should be 应该

if($existing_users != 0 || $existing_users2 != 0)

I don't know how your system works, but I guess that a username that exists in the tempMembers table doesn't necessarily exist in the registredMembers table. 我不知道您的系统如何工作，但我想tempMembers表中存在的用户名不一定在registredMembers表中存在。

You want the if statement to say: If the user exists in either the tempMembers table or registeredMembers table. 您希望if语句说：如果用户存在于tempMembers表或registeredMembers表中。

Edit : 编辑：

I guess the empty page you get is a page that will display errors if you active them. 我猜您得到的空白页是一个页面，如果您激活它们，它将显示错误。

Try adding this at the top of your php script: 尝试将其添加到您的php脚本的顶部：

error_reporting(E_ALL);
ini_set('display_errors', 1);

Answer 4

/I went through your code and added a little protection from injections as well as hopefully fixing your problem. /我仔细阅读了您的代码，并添加了一些防止注入的保护措施，并希望能解决您的问题。 Like Joachim said, when the mysql_num_rows didn't return anything, you die() the script. 就像乔亚希姆（Joachim）所说的那样，当mysql_num_rows没有返回任何内容时，您就死了（）脚本。

This is the code I whipped together, you need to check the tables are correct and like, as this was a real quick run through: 这是我一起编写的代码，您需要检查表的正确性和相似性，因为这是真正的快速遍历：

    <?php
    if($_POST['username']  && $_POST['email'] &&  isset($_POST['password'])  && isset($_POST['password2'])  && $_POST['password'] == $_POST['password2'])
    {
        include ('*********'); //my connection to the database
        $username = mysql_real_escape_string($_POST['username']);
        $email = mysql_real_escape_string($_POST['email']);
        $password = mysql_real_escape_string($_POST['password']);

        //check with the registred members
        $query1 = "SELECT * 
                     FROM registredMembers as users, 
                          tempMembers as temp
                     WHERE users.username = '$username' 
                        OR temp.username ='$username'";

        $check = mysql_query($query1, $conn) or die(mysql_error());

        if(mysql_num_rows($check) < 1)
        {
            $confirmCode = md5(uniqid(rand()));
            $query = "INSERT INTO tempMembers (`confirmCode`, `username`, `email`, `password`) VALUES ('$confirmCode', '$username', '$email', '$password')";
            $result = mysql_query($query, $conn) or die(mysql_error());

            if($result)
            {
                $to = $email;
                $subject = utf8_decode("Här är din bekräftelselänk");
                $header = utf8_decode("Från Adib Haider (PHP-Projekt)");
                $message = "Din bekräftelselänk \r\n";
                $message.= "Klicka på länken för att aktivera ditt konto \r\n";
                $message.= "http://labb.vgy.se/~adibbinhar/blogg/confirmation.php?passkey=$confirmCode";
                $sentmail = mail($to, $subject, utf8_decode($message), $header);

                if($sentmail)
                {
                    echo "<div id='msg'>Aktiveringsmailet har skickat till din e-postadress</div>";
                }
                else
                { 
                    echo "<div id='msg'>Aktiveringsmailet skickades inte</div>";
                }
            }

            else
            {
                echo "<div id='msg'>Testa igen</div>";
            }
        }

        else
        {
            echo "<div id='msg'>Användarnamnet är upptaget</div>";
        }   
    }
    else
    {
        echo "<div id='msg'>Prova igen</div>";
    }

检查用户名是否可用以及电子邮件验证

问题描述

4 个解决方案

解决方案1
2 2012-01-08 18:12:13

解决方案2
1 2012-01-08 17:48:04

解决方案3
1 2012-01-08 18:02:23

解决方案4
0 已采纳 2012-01-08 18:06:46

检查用户名是否可用以及电子邮件验证

问题描述

4 个解决方案

解决方案1 2 2012-01-08 18:12:13

解决方案2 1 2012-01-08 17:48:04

解决方案3 1 2012-01-08 18:02:23

解决方案4 0 已采纳 2012-01-08 18:06:46

解决方案1
2 2012-01-08 18:12:13

解决方案2
1 2012-01-08 17:48:04

解决方案3
1 2012-01-08 18:02:23

解决方案4
0 已采纳 2012-01-08 18:06:46