使用PHP检查MYSQL是否存在用户和电子邮件
[英]Checking if user & email exists on MYSQL with PHP
问题描述
我到处搜索,但是找不到正确的东西。 我有输入:用户名,密码和电子邮件。
我想检查用户名和电子邮件,并知道它们是否存在于数据库中。
如果是,则给出一个na错误;如果没有,则创建一个新帐户。
所以这是我现在的代码:
形式
<?php
function formulary() {
?>
<section class="container">
<div class="register">
<h1>Create an account</h1>
<form method="post">
<p><input type="text" name="username" value="" placeholder="Username" maxlength="25"></p>
<p><input type="password" name="password" value="" placeholder="Password" maxlength="25"></p>
<p><input type="email" name="email" value="" placeholder="E-Mail" maxlength="50"></p>
<div class="buttons">
<input type="submit" name="register" value="Register">
<input type="button" name="cancel" value="Cancel" onClick="window.location='login.php';">
</div>
</form>
</div>
</section>
<?php
}
?>
校验
<?php
function registNew() {
$con = mysqli_connect("localhost","root","","work");
$username = mysqli_real_escape_string($con , $_POST["username"]);
$password = mysqli_real_escape_string($con , $_POST["password"]);
$email = mysqli_real_escape_string($con , $_POST["email"]);
if(mysqli_connect_errno())
{
echo "Error MySQL: " .mysqli_connect_errno();
}
$sqlUser = "SELECT * FROM users WHERE username = '".$username."'";
$rs = mysqli_query($con ,$sqlUser);
$numUsers = mysqli_num_rows($rs);
if($numUsers > 0) {
echo "User already exists<br/>";
}
else
{
$sqlEmail = "SELECT * FROM utilizadores WHERE email = '".$email."'";
$rs = mysqli_query($con ,$sqlEmail);
$numEmails = mysqli_num_rows($rs);
if($numEmails > 0) {
echo "E-Mail already exists<br/>";
}
else
{
$newUser= "INSERT INTO utilizadores(username,password,email) VALUES('$username','$password','$email')";
if(mysqli_query($con ,$newUser))
{
echo "Account has been created!<br/>";
mysqli_close($con);
header('Location: login.php');
}
else
{
echo "Error at adding user<br/>";
header("refresh:5;url=register.php");
}
}
}
}
?>
结束
<?php
if(!isset($_SESSION)) {
session_start();
}
if(!isset($_POST["register"]))
{
formulary();
}
else
{
registNew();
}
?>
创建不存在的帐户的输出为:
添加用户时出错
我在PHP上还很新,所以不知道出什么问题了。 是因为我对用户名和电子邮件使用了相同的变量(check / sql / etc变量)还是我做错了?
知道为什么这行不通吗?
1 个解决方案
解决方案1
1 已采纳 2015-03-11 11:21:56
我编辑了registNew函数的第一部分,以检查是否有任何结果。 一切当然都逃脱了,所以你很安全。
function registNew() {
$con = mysqli_connect("localhost","root","","work");
$username = mysqli_real_escape_string($con, $_POST["username"]);
$password = mysqli_real_escape_string($con, $_POST["password"]);
$email = mysqli_real_escape_string($con, $_POST["email"]);
if(mysqli_connect_errno())
{
echo "Error MySQL: " .mysqli_connect_errno();
}
$rsUsers = mysqli_query($con,"SELECT * FROM users WHERE username = '".$username."'");
$rsEmails = mysqli_query($con,"SELECT * FROM users WHERE email = '".$email."'");
$numUsers = mysqli_num_rows($rsUsers);
$numEmails = mysqli_num_rows($rsEmails);
if($numUsers > 0 || $numEmails > 0) {
echo "User already exists";
}
else
{
$newUser= "INSERT INTO users(username,password,email) VALUES('$username','$password','$email')";
if(mysqli_query($con,$newUser))
{
echo "Account has been created<br/>";
/* header('Location: login.php'); */
}
else
{
echo "Error at adding user<br/>";
header("refresh:5;url=register.php");
}
}
}
检查用户是否存在-MySQL
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.