检查是否使用了用户名
[英]Check if username is taken
问题描述
我需要检查用户名是否被使用,如果不允许,则不允许用户进行注册,它将重定向到注册页面,我应该在其中添加脚本来检查用户名是否被使用? 或在哪里可以获取脚本,这是我的脚本。
<?php
// Check if he wants to register:
if (!empty($_POST[username]))
{
// Check if passwords match.
if ($_POST[password] != $_POST[password2])
exit("Error - Passwords don't match. Please go back and try again.");
// Assign some variables.
$date = time (" d - m - Y ");
$ip = $_SERVER[REMOTE_ADDR];
require_once("connect.php");
// Register him.
$query = mysql_query("INSERT INTO members
(username, fname, email, password, date, ip)
VALUES ('$_POST[username]','$_POST[fname]','$_POST[email]','$_POST[password]','$date','$ip')")
or die ("Error - Couldn't register user.");
echo "Welcome $_POST[username]! You've been successfully reigstered!<br />
You Will Be Redirected To Our Home Page Where U Can Login ";
exit();
}
?>
3 个解决方案
解决方案1
3 2012-11-21 00:08:48
您需要先检查您的用户名是否存在:
SELECT count(1) FROM members WHERE username = '$_POST[username]'
然后,如果结果> 0,则抛出“ User already exists错误。
解决方案2
0 2012-11-21 00:11:54
我更新了您的代码,可能要检查是否使用了用户名。 就像其他人所说的那样,请阅读有关SQL注入攻击的内容并保护自己。
<?php
// Check if he wants to register:
if (!empty($_POST[username])) {
// Check if passwords match.
if ($_POST[password] != $_POST[password2])
exit("Error - Passwords don't match. Please go back and try again.");
// Assign some variables.
$date = time(" d - m - Y ");
$ip = $_SERVER[REMOTE_ADDR];
require_once("connect.php");
// CHEK IF USERNAME IS VALID
if (someFunctionThatChecksIfUsernameIsTaken($_POST['username'])) {
// Register him.
$query = mysql_query("INSERT INTO members
(username, fname, email, password, date, ip)
VALUES ('$_POST[username]','$_POST[fname]','$_POST[email]','$_POST[password]','$date','$ip')")
or die("Error - Couldn't register user.");
echo "Welcome $_POST[username]! You've been successfully reigstered!<br />
You Will Be Redirected To Our Home Page Where U Can Login ";
exit();
} else {
// redirect him back to the page and tell the user that the username is taken
}
}
?>
解决方案3
0 2012-11-21 01:14:12
我对您的代码进行了一些更改,以使其工作并清理它。
<?php
// Check if he wants to register
// - Make sure that param exists
// - Check length
if (isset($_POST['username']) && strlen($_POST['username']) > 0) {
// Check if passwords match.
// - Make sure that params exist
// - Check length
// - Check matching
if (!isset($_POST['password']) ||
!isset($_POST['password2']) ||
strlen($_POST['password']) === 0 ||
$_POST['password'] !== $_POST['password2']) {
die("Error - Passwords don't match. Please go back and try again.");
}
require_once("connect.php");
// Set array of params
$fields = array(
'username' => $_POST['username'],
'fname' => isset($_POST['fname']) ? $_POST['fname'] : '',
'email' => isset($_POST['email']) ? $_POST['email'] : '',
'password' => $_POST['password'],
'date' => date("d-m-Y"),
'ip' => $_SERVER[REMOTE_ADDR]
);
// Escape fields agains sql injection
$fields = array_map('mysql_real_escape_string', $fields);
// Check if member exists
$exists = mysql_num_rows(mysql_query("SELECT * FROM members WHERE username='" . $fields['username'] . "'"));
if ($exists === 0) {
// Insert member in DB
if (mysql_query("INSERT INTO `members` (`" . implode('`,`', array_keys($fields)) . "`) VALUES ('" . implode("','", array_values($fields)) . "')") !== false) {
echo "Welcome" . $_POST['username'] . "! You've been successfully reigstered!<br />
You Will Be Redirected To Our Home Page Where U Can Login ";
exit();
} else {
die("Error - Couldn't register user.");
}
} else {
die("Error - Member exists!");
}
}
?>
Ajax和MySQL出现问题以检查用户名是否已被使用
[英]Problem with Ajax and MySQL to check whether a username is already taken
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.