stackoom
  简体   繁体   中英

Difficulty checking for existing user registration php/mysqli

 原文  2013-12-01 09:08:09       php/ mysql/ sql/ username

Question

I am having issues denying the registration of existing users. please see code below, and further details below that. 

<?php
//connect to sql
 $con=mysqli_connect("host","user","pass","db");
  if (mysqli_connect_errno())
   {
   echo "Failed to connect to MySQL: " . mysqli_connect_error();
   }

//pull user id from form input
$uid=$_POST[uid];

//make sure input is not blank
if($uid==""){echo 'Please enter a username.';exit();}

//make sure it is alphanumeric input only
if(!ctype_alnum($uid)){echo 'The username chosen must be alpha-numberic (A-z,0-9),   
without special characters. Please use the back button in your
browser to try again using only alpha-numeric input.';exit();}


//check if user exists
$query=mysqli_query($con, "SELECT * FROM user WHERE uid='$uid'");
if(!$query){die 'query failed to execute';}

if(mysqli_num_rows($query)!=0){echo 'user already exists. Use back button and enter a new username'; exit();
}

//insert record into DB
$sql= "INSERT INTO user (uid, addr, password, passwordlastchanged, email)
 VALUES
 ('$uid', '$_POST[addr]', '$_POST[pwd]','today', '$_POST[email]')";

 if (!mysqli_query($con,$sql))
   {
   die('Error: ' . mysqli_error($con));
   }
 echo "1 record added";

 mysqli_close($con);
 ?>

So when I input through my form it works fine, its just that if I try to register an already existing username, it allows it, when I have setup the query to look for an existing entry and cancel if it finds it (or so i thought...).

can you see what I am doing wrong? again I want it to check for the user name and deny further action if it finds it..

I know this is probably lacking in security, I am unfortunately learning as I go so just getting things to work comes first :) Although security suggestions will be logged and considered at the right time.

I spent an enormous amount of time researching this and I feel like I've tried a lot of various query/ function combos.

1 answers

solution1
 0  2013-12-01 10:02:28

Try 

if(mysqli_num_rows($query)>0)

instead of 

 if(mysqli_num_rows($query)!=0)

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Simple but secure user registration with PHP and mysqli Simple User Registration & Login Script in PHP and MySQLi PHP and mysqli registration page not working Registration form with php and mysqli not working PHP mySQLi: if “&&” protocol and mySQLi statement error checking Checking for existing records with MySQLi prepared statement registration form checking order in php? mysqli registration script, check if user or email exsist Difficulty checking if elements in array are type integer PHP Creating a registration and login page using PHP MYSQLI
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM