检查数据库中是否存在用户名，电子邮件，Twitter帐户？

Question

我有一个注册表，用户可以在其中插入他的联系信息：

 1. username
 2. email
 3. twitter ID
 4. cell number

我接下来要做的是检查数据库，如果其中任何一个已经存在，我想向用户显示一条消息，通知用户该数据库已经存在。

示例：如果用户插入了用户名"jhon"我想显示一条消息“ username已存在”。

简而言之，我只是不想显示诸如“用户名或电子邮件或Twitter ID或单元号存在”之类的消息。 该消息应定义哪个输入已经存在。

这是我的代码：

注：我知道我必须使用mysqli而不是mysql ，但我在这里使用它，例如只

<?php
    $query = mysql_query("SELECT * FROM `members` WHERE `username` = '". $username ."' OR  `email` = '". $email ."' OR  `twitterID` = '". $twitterID ."' OR `cellNum` = '". $cellNum ."'");
    if (mysql_num_rows($query) > 0)
    {
        echo 'Username or email or twitter ID or cell number already in use.';
    }
?>

我希望我很清楚...

任何帮助将不胜感激。

Answer 1

是不是很直接？ 还是我错过了一些显而易见的事情？

$query = mysql_query("SELECT * FROM `members` WHERE `username` = '". $username ."' OR  `email` = '". $email ."' OR  `twitterID` = '". $twitterID ."' OR `cellNum` = '". $cellNum ."'");
$row = mysql_fetch_assoc($query);

if (isset($row['username'])) {
   echo 'Username already exists.';
} else if (isset($row['email'])) {
   echo 'Email already exists.';
} else if (isset($row['twitterID'])) {
   echo 'Twitter account already exists.';
} else if (isset($row['cellNum'])) {
   echo 'cellNum account already exists.';
} else {
   echo 'OK';
}

Answer 2

你快到了。 您只需要检查返回的行是否匹配：

if(mysql_num_rows($query)>0){ //we know we have something
    $err_out="";
    while($r=mysql_fetch_assoc($query)){//Iterate over all rows
        if($username===$r["username"]){ 
            $err_out="Username"; //Set specific error message
            break;
        }else if($twitterID===$r["twitterID"]){
            $err_out="Twitter ID";
            break;
        }else if($cellNum===$r["cellNum"]){
            $err_out="Cellphone number";
            break;
        }else if($email===$r["email"]){
            $err_out="Email";
            break;
        }
    } //while
if($err_out===""){ /*something's wrong, sql injection maybe? */ }
else
    echo "Error: $err_out already exists";
}//if

最后的代码绝不是防止注入，仅仅是完整性检查。 它也会在第一场比赛中停止，要继续，您可以执行以下操作

if($err_out!=="") $err_out.=", ";
$err_out.="Twitter ID";

并且当然删除break语句。 这会产生类似

Error: Username, Twitter ID already exists

如果您不介意稍微滥用英语（多项存在“存在”）

Answer 3

使用它作为查询（请注意，可能存在SQL注入漏洞）：

SELECT (username like '$username') as UsernameExists, (email like '$email') as EmailExists, (twitterID like '$twitterID') AS TwitterIDExists, (cellNum like '$cellNum') as CellExists WHERE username like '$username' OR email like '$email' OR twitterID like '$twittterID' OR cellNum like '$cellNum'

此sql查询将返回类似“ UsernameExists”和“ CellExists”的列。 该值只能是0或1。如果该值已经存在，则为1。

然后，在使用mysqli_query运行查询之后，使用以下代码查找已经存在的数据：

<?php
$alreadyExist = array();

// Loop through the entire result set from the database. 
while($row = mysql_fetch_assoc($query)) {
    // Look through all of the columns in the database. 
    foreach($row as $key => $value) {
        // If we find that one of the columns has 1, then append to the array of columns that already exist. 
        if ($value == 1) {
            $alreadyExist[] = substr($key, 0, -6);
        }

    }
}
// If we found information that exists in the database, then print out which ones already exist. 
if (!empty($alreadyExist)) echo "The following already exist: ". implode($alreadyExist);
?>

现在完整的代码如下所示：

<?php

$username = "username";
$email = 'test@test.com';
$twitterID = "@sometwitterID";
$cell = "123.123.1234";

$sql = "
SELECT 
    (A.username like '$username') as UsernameExists, 
    (A.email like '$email') as EmailExists, 
    (A.twitterID like '$twitterID') AS TwitterIDExists, 
    (A.cellNum like '$cell') as CellExists
FROM test.testing A
WHERE
    A.username like '$username' OR
    A.email like '$email' OR
    A.twitterID like '$twitterID' OR
    A.cellnum like '$cell'
";



$link = mysqli_connect("localhost", "user", "password", "databasename");

/* check connection */
if (mysqli_connect_errno()) {
    printf("Connect failed: %s\n", mysqli_connect_error());
    exit();
}

/* If we have to retrieve large amount of data we use MYSQLI_USE_RESULT */
if ($result = mysqli_query($link, $sql)) {

    $alreadyExist = array();

    // Loop through the entire result set from the database. 
    while($row = mysqli_fetch_assoc($result)) {
        // Look through all of the columns in the database. 
        foreach($row as $key => $value) {
            // If we find that one of the columns has 1, then append to the array of columns that already exist. 
            if ($value == 1) {
                $alreadyExist[] = substr($key, 0, -6);
            }

        }
    }

  mysqli_free_result($result);
} else {
    echo mysqli_error($link);
}

mysqli_close($link);



// If we found information that exists in the database, then print out which ones already exist. 
if (!empty($alreadyExist)) 
    echo "The following already exist: ". implode($alreadyExist,", ");
else 
    echo "No Existing Rows!";

?>