我是PHP和MySQL的初学者,我正在尝试为我目前正在从事的项目创建这个注册表单,这是PHP脚本,顺便说一句。如果有很多错误,那是因为我刚刚开始!
我遇到的问题是它不会检查数据库是否匹配电子邮件或用户名,因为如果匹配,它应该拒绝。
PHP代码:
<?php
//register php
error_reporting(0);
$regUsername = $_POST['reg-username'];
$regEmail = $_POST['reg-email'];
$regPassword = $_POST['reg-password'];
if(isset($regUsername) && isset($regEmail) && isset($regPassword)){
$connect = mysql_connect('localhost', 'root', '');
$selectDB = mysql_select_db('supermazad');
$query = mysql_query("INSERT INTO users (username, email, password) VALUES ('$regUsername', '$regEmail', '$regPassword')");
$checkIfSame = mysql_query("SELECT * FROM users WHERE username AND email LIKE '$query' ");
echo '<h1 class="successMessage">You have successfully registered!</h1>';
}
if($regUsername || $regEmail == $checkIfSame){
echo '<h1 class="errorMessage">The username or e-mail already exists.</h1>';
}
?>
将用户名和电子邮件插入数据库后,您正在尝试检查数据库中是否已存在用户名和电子邮件。您应该事先通过选择注册表中提供的用户名和电子邮件,或通过对用户名和电子邮件字段设置唯一键约束来检查。
- 请使用 mysqli 而不是 mysql,因为它更安全
- 删除error_reporting(0)
- 不要使用"喜欢",因为它可能会有很多结果
- MySQL 查询上的语法错误
试试这个只是调试如果有错误,但我认为这有效
$regUsername = $_POST['reg-username'];
$regEmail = $_POST['reg-email'];
$regPassword = $_POST['reg-password'];
if(isset($regUsername) && isset($regEmail) && isset($regPassword)){
$mysqli = mysqli_connect("localhost","root","","supermazad") or die("Error " . mysqli_error($mysqli));
$queryInsert = "INSERT INTO users (username, email, password)
VALUES
('$regUsername', '$regEmail', '$regPassword')";
mysqli_query($mysqli, $queryInsert); //this will insert the data from db
$queryUser = "SELECT username,email FROM users WHERE username = '$regUsername' AND email = '$regEmail'"; // this will authenticate and uses an exact match
$result = $mysqli->query($queryUser);
$row = mysqli_fetch_array($result);
echo '<h1 class="successMessage">You have successfully registered!</h1>';
}
if($regUsername == $row['username'] && $regEmail == $row['email']){ //this check if email and username are match with database $row['username'] store username from mysql field and $row['email'] do the same
echo '<h1 class="errorMessage">The username or e-mail already exists.</h1>';
}
顺便说一下,这对初学者来说是正常的,但请在不久的将来改进您的编码,使其更清晰和有条理
我认为你应该在$selectDB = mysql_select_db('supermazad');
之后这样做:
$checkIfSame = mysql_query("SELECT * FROM users WHERE username LIKE '".$regUsername."' OR email LIKE '".$regEmail."' ");
if (mysql_num_rows($checkIfSame ) > 0) {
echo '<h1 class="errorMessage">The username or e-mail already exists.</h1>';
} else {
//insert new user here
$query = mysql_query("INSERT INTO users (username, email, password) VALUES ('$regUsername', '$regEmail', '$regPassword')");
}
另外,您的帖子中有这个:
如果电子邮件或用户名匹配
所以你应该使用 OR
,而不是AND
试试这个:
$checkIfSame = mysql_query("SELECT * FROM users WHERE username LIKE '".$regUsername."' OR email LIKE '".$regEmail."' ");
if (mysql_num_rows($checkIfSame ) > 0) {
echo '<h1 class="errorMessage">The username or e-mail already exists.</h1>';
} else {
//insert new user here
$query = mysql_query("INSERT INTO users (username, email, password) VALUES ('$regUsername', '$regEmail', '$regPassword')");
}