这是我的代码,它似乎工作正常,怎么看起来不对。我知道我很容易被注射。只是想知道这个是否是比较两个密码的最佳方法吗?
if (empty($_POST['password'])) {
$errors[] = "Please enter a password";
} else {
if ($_POST['password'] != $_POST['password1']) {
$errors[] = "Your password did not match the confirmed password";
} else {
$p = $_POST['password'];
}
}
你的代码很好,我只是写得有点不同:
if (empty($_POST['password'])) {
$errors[] = "Please enter a password";
} elseif($_POST['password'] !== $_POST['password1']) {
$errors[] = "Your password did not match the confirmed password";
} else {
$p = $_POST['password'];
}
我建议你必须在一开始就检查$_POST['password']
和$_POST['password1']
。
if (!empty($_POST['password']) && !empty($_POST['password1'])) {
if (strcmp($_POST['password'], $_POST['password1']) === 0) {
$p = $_POST['password'];
} else {
$errors[] = "Your password did not match the confirmed password";
}
} else {
$errors[] = "Please enter a password";
}