使用 PHP 检查用户名和电子邮件是不是已经存在 [重复]
Posted
技术标签:
【中文标题】使用 PHP 检查用户名和电子邮件是不是已经存在 [重复]【英文标题】:Check if Username and Email lalready exists using PHP [duplicate]使用 PHP 检查用户名和电子邮件是否已经存在 [重复] 【发布时间】:2016-09-05 18:14:23 【问题描述】:您好,我正在尝试让我的注册页面检查用户名或电子邮件是否已在使用中。但它只是检查了代码,就像它不是他们的一样,在你将其标记为 Check if username already exists using php 的欺骗之前,我已经去过那里,我尝试修复他们,但我没有工作,所以在这一点上我一无所知我已经尝试了所有我知道的东西!
注册页面的 HTML
<?php
session_start();
include 'header.php';
$url = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
if (strpos($url, 'error=username') !== false)
echo "<div class='transition' style='height: 20px; background-color: #ff6b66; text-align: center; margin-top: 30px; margin-right: 40%; margin-left: 40%; border-radius: 20px; padding: 5px;'>Fill out username box!</div>";
$url = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
if (strpos($url, 'error=password') !== false)
echo "<div class='transition' style='height: 20px; background-color: #ff6b66; text-align: center; margin-top: 30px; margin-right: 40%; margin-left: 40%; border-radius: 20px; padding: 5px;'>Fill out password box!</div>";
$url = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
if (strpos($url, 'error=first') !== false)
echo "<div class='transition' style='height: 20px; background-color: #ff6b66; text-align: center; margin-top: 30px; margin-right: 40%; margin-left: 40%; border-radius: 20px; padding: 5px;'>Fill out First Name box!</div>";
$url = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
if (strpos($url, 'error=last') !== false)
echo "<div class='transition' style='height: 20px; background-color: #ff6b66; text-align: center; margin-top: 30px; margin-right: 40%; margin-left: 40%; border-radius: 20px; padding: 5px;'>Fill out Last Name box!</div>";
$url = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
if (strpos($url, 'error=email') !== false)
echo "<div class='transition' style=' transition-delay: 1s;box-shadow: 0px 8px 16px 0px rgba(0,0,0,0.2); height: 20px; background-color: #ff6b66; text-align: center; margin-top: 30px; margin-right: 40%; margin-left: 40%; border-radius: 20px; padding: 5px;'>Fill out Email box!</div>";
$url = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
if (strpos($url, 'error=user_name_taken') !== false)
echo "<div class='transition' style='height: 20px; background-color: #ff6b66; text-align: center; margin-top: 30px; margin-right: 40%; margin-left: 40%; border-radius: 20px; padding: 5px;'>This username is already in use!</div>";
$url = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
if (strpos($url, 'error=user_email_taken') !== false)
echo "<div class='transition' style='height: 20px; background-color: #ff6b66; text-align: center; margin-top: 30px; margin-right: 40%; margin-left: 40%; border-radius: 20px; padding: 5px;'>This email is already in use!</div>";
if (isset($_SESSION['id']) !== true)
header('Location: ../login.php');
?>
<html>
<head>
<title>Add Teacher</title>
<link rel="stylesheet" type="text/css" href="../assets/css/adduser.css">
</head>
<body>
<div class="loginbox">
<h1 class="longintitle" style="font-family: Tahoma;">Add Teacher</h1>
<form class="form" action="../includes/adduser.php" method="post" enctype="multipart/form-data">
<input autocomplete="off" placeholder="Username" name="username" type="text" >
<input autocomplete="off" placeholder="Password" name="password" type="password">
<input autocomplete="off" placeholder="First Name" name="first" type="text">
<input autocomplete="off" placeholder="Last Name" name="last" type="text">
<input autocomplete="off" placeholder="Email" name="email" type="email">
<input class="loginbutton" name="create" type="submit" value="Create">
</form>
<p>Students will be in beta copie THIS IS ALPHA</p>
</div>
</body>
</html>
php 给它
<?php
session_start();
include_once("../includes/db.php");
$id = $_POST['id'];
$username = $_POST['username'];
$password = $_POST['password'];
$first = $_POST['first'];
$last = $_POST['last'];
$email = $_POST['email'];
if (empty($username))
header('Location: ../teacher/adduser.php?error=username');
exit();
if (empty($password))
header('Location: ../teacher/adduser.php?error=password');
exit();
if (empty($first))
header('Location: ../teacher/adduser.php?error=first');
exit();
if (empty($last))
header('Location: ../teacher/adduser.php?error=last');
exit();
if (empty($email))
header('Location: ../teacher/adduser.php?error=email');
exit();
else
$sql = "SELECT * FROM user WHERE username='".$username."'";
$result = mysqli_query($conn, $sql);
$usernamecheck = mysql_num_rows($result);
if ($usernamecheck > 0)
header('Location: ../teacher/adduser.php?error=user_name_taken');
exit();
$sql = "SELECT * FROM user WHERE email='$email'";
$result = mysqli_query($conn, $sql);
$emailtaken = mysql_num_rows($result);
if ($emailtaken > 0)
header('Location: ../teacher/adduser.php?error=user_email_taken');
exit();
else
$sql = "INSERT INTO user (id, username, password, first, last, email) VALUES ('$id', '$username', '$password', '$first', '$last', '$email')";
$result = mysqli_query($conn, $sql);
header('Location: ../teacher/adduser.php');
?>
如果需要但“怀疑”db.php
<?php
$conn = mysqli_connect("localhost", "dbuser", "dbpass", "dbmain");
if (!@mysqli_connect("localhost", "dbuser", "dbpass", "dbmain"))
echo "<div style=' box-shadow: 0px 8px 16px 0px rgba(0,0,0,0.2); padding: 3px; background-color: red; height: 20px;'><h3 style='text-align: center;'>Cannot connect to database have the admin take a look!</h3></div>";
die(mysql_error());
else
echo "<div style=' box-shadow: 0px 8px 16px 0px rgba(0,0,0,0.2); padding: 3px; background-color: lightgreen; height: 20px;'><h3 style='text-align: center;'>Connected to database Successfully!</h3></div>";
?>
请帮助我不知道如何解决这个问题!如果您需要更多信息,请询问。
提前致谢!
【问题讨论】:
该代码很容易受到 sql 注入攻击。 您从不在数据库中存储密码。绝不。时期。您存储的是密码散列。然后,在身份验证时,您再次散列提交的密码并比较散列。这样,即使您的系统被入侵,您也不会泄露您的用户密码。使用 good 散列算法。存在许多关于该主题的好教程。 “在你把它标记为骗子之前” - 它可能已经被你发布的内容关闭了,因为你说它不是骗子。他们这里没有混用 MySQL API,分别关闭了。 【参考方案1】:由于您使用的是 mysqli,我认为您可能需要将 mysql_num_rows 替换为 mysqli_num_rows。 (mysqli_num_rows 中缺少“i”)。
【讨论】:
【参考方案2】:在获取行时将“mysql_num_rows”替换为“mysqli_num_rows”。因为 $conn 是一个“mysqli_connect”实例。
【讨论】:
以上是关于使用 PHP 检查用户名和电子邮件是不是已经存在 [重复]的主要内容,如果未能解决你的问题,请参考以下文章