[英]PHP registration form print error
完成制作php / mysql登录系统。 我还制作了一个可以使用的注册系统,但是如果电子邮件/用户名已经注册,或者输入中的用户名或密码丢失等,我需要使其在html中打印出错误。
现在,它会自动消失,并在空白页上打印出错误消息。
看起来像这样:
if(empty($_POST['password']))
{
die("Please enter a password");
}
我已经试过了:
$errors = array();
if(empty($_POST['password']))
{
$errors[] = 'Please enter a password';
}
然后将其打印到html中。 但是它将忽略密码输入,而只是注册用户帐户(使用加密的密码,在phpmyadmin中)。
似乎必须以某种方式死亡,但是我应该怎么做?
这是整个代码:
<?php
require("*mysql_connection file*");
if(!empty($_POST))
{
if(empty($_POST['username']))
{
die("Please enter a username.");
}
$errors = array();
if(empty($_POST['password']))
{
$errors[] = 'Please enter your password';
}
if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
{
die("Invalid E-Mail Address");
}
$query = "
SELECT
1
FROM users
WHERE
username = :username
";
$query_params = array(
':username' => $_POST['username']
);
try
{
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
die("Failed to run query: " . $ex->getMessage());
}
$row = $stmt->fetch();
if($row)
{
die("This username is already in use");
}
$query = "
SELECT
1
FROM users
WHERE
email = :email
";
$query_params = array(
':email' => $_POST['email']
);
try
{
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
die("Failed to run query: " . $ex->getMessage());
}
$row = $stmt->fetch();
if($row)
{
die("Email already registered.");
}
$query = "
INSERT INTO users (
username,
password,
salt,
email
) VALUES (
:username,
:password,
:salt,
:email
)
";
$salt = dechex(mt_rand(0, 2147483647)) . dechex(mt_rand(0, 2147483647));
$password = hash('sha256', $_POST['password'] . $salt);
for($round = 0; $round < 65536; $round++)
{
$password = hash('sha256', $password . $salt);
}
$query_params = array(
':username' => $_POST['username'],
':password' => $password,
':salt' => $salt,
':email' => $_POST['email']
);
try
{
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
die("Failed to run query: " . $ex->getMessage());
}
header("Location: *login page*");
die("Redirecting to *login page*");
}
?>
<?php
require("*mysql_connection file*");
if(!empty($_POST))
{
if(empty($_POST['username']))
{
die("Please enter a username.");
}
$errors = array();
if(empty($_POST['password']))
{
$errors[] = 'Please enter your password';
}
if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
{
die("Invalid E-Mail Address");
}
$query = "
SELECT
1
FROM users
WHERE
username = :username
";
$query_params = array(
':username' => $_POST['username']
);
try
{
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
die("Failed to run query: " . $ex->getMessage());
}
$row = $stmt->fetch();
if($row)
{
die("This username is already in use");
}
$query = "
SELECT
1
FROM users
WHERE
email = :email
";
$query_params = array(
':email' => $_POST['email']
);
try
{
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
die("Failed to run query: " . $ex->getMessage());
}
$row = $stmt->fetch();
if($row)
{
die("Email already registered.");
}
$query = "
INSERT INTO users (
username,
password,
salt,
email
) VALUES (
:username,
:password,
:salt,
:email
)
";
$salt = dechex(mt_rand(0, 2147483647)) . dechex(mt_rand(0, 2147483647));
$password = hash('sha256', $_POST['password'] . $salt);
for($round = 0; $round < 65536; $round++)
{
$password = hash('sha256', $password . $salt);
}
$query_params = array(
':username' => $_POST['username'],
':password' => $password,
':salt' => $salt,
':email' => $_POST['email']
);
if (empty($errors)) { /********* EDITS ***********/
try
{
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
die("Failed to run query: " . $ex->getMessage());
}
}/********* EDITS ***********/
header("Location: *login page*");
die("Redirecting to *login page*");
}
?>
这远非最佳,但我无法重写您的整个代码。 主要说明是使用openssl_random_pseudo_bytes而不是您自己的东西来补充盐,或者您可以仅从mcrypt函数系列中删除IV。
尝试这个 :-
if(""== trim($_POST['password']))
{
die("Please enter a password");
}
else //password is entered
{
//your code
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.