我正在尝试创建一个register page,在此我有几个我想完成的任务。
1)The username to only accept a-z A-Z 0-10 characters
2)The passwords being entered at the stage of registration are checked to
see if they match, if not get the user to try again
3)Set the passwords to only accept A-Z a-z 0-10 ! characters
我正在研究task 2,我已经运行的代码但是虽然它显示错误,但它仍然在数据库中输入数据。不知道我要去哪里。
if(isset($_POST['submit'])){
$username = mysql_real_escape_string($_POST['username']);
$password1 = mysql_real_escape_string($_POST['password1']);
$password2 = mysql_real_escape_string($_POST['password2']);
$email = mysql_real_escape_string($_POST['email']);
$selected = mysql_select_db("register", $dbhandle);
$query = "SELECT * FROM users WHERE email='".$email."'
OR username= '".$username."'";
$result = mysql_query($query);
if(mysql_num_rows($result) > 0){
echo "A record already exists.";
exit;
}
else{
$insert = mysql_query("INSERT into users (username, password1, password2, email) VALUES
('".$username."','".$password1."','".$password2."','".$email."')");
}
if($insert){
echo "Success";
}
else{
echo "There was an error " . mysql_error();
}
mysql_close();
if ($_POST['password1']!= $_POST['password2'])
{
echo("Oops! Password did not match! Try again. ");
}
}
?>
答案 0 :(得分:0)
您需要检查注册过程中是否有任何错误,如果没有,则将数据插入数据库。检查以下代码;
$err = "";
//your extra code and validations
if ($_POST['password1']!= $_POST['password2'])
$err .= "Oops! Password did not match! Try again."; //append to $err
if ($err=="")
{
//insert here
}
//display $err somewhere below
或者您需要像这样修改您的代码
if(isset($_POST['submit']))
{
$username = mysql_real_escape_string($_POST['username']);
$password1 = mysql_real_escape_string($_POST['password1']);
$password2 = mysql_real_escape_string($_POST['password2']);
$email = mysql_real_escape_string($_POST['email']);
$selected = mysql_select_db("register", $dbhandle);
$query = "SELECT * FROM users WHERE email='".$email."' OR username= '".$username."'";
$result = mysql_query($query);
if(mysql_num_rows($result) > 0)
{
echo "A record already exists.";
exit;
}
else
{
if ($_POST['password1']!= $_POST['password2'])
echo("Oops! Password did not match! Try again. ");
else
{
$insert = mysql_query("INSERT into users (username, password1, password2, email) VALUES ('".$username."','".$password1."','".$password2."','".$email."')");
if($insert)
echo "Success";
else
echo "There was an error " . mysql_error();
}
}
mysql_close();
}
仅接受a-z A-Z 0-10个字符的用户名
使用以下代码进行用户名验证
if (preg_match('/^[a-zA-Z0-9]+$/', $username))
echo "valid username";
else
echo "invalid username";
将密码设置为仅接受A-Z a-z 0-10!字符
使用以下代码进行密码验证
if (preg_match('/^[a-zA-Z0-9!]+$/', $password1))
echo "valid password";
else
echo "invalid password";
完整代码
if(isset($_POST['submit']))
{
$username = mysql_real_escape_string($_POST['username']);
$password1 = mysql_real_escape_string($_POST['password1']);
$password2 = mysql_real_escape_string($_POST['password2']);
$email = mysql_real_escape_string($_POST['email']);
$selected = mysql_select_db("register", $dbhandle);
$query = "SELECT * FROM users WHERE email='".$email."' OR username= '".$username."'";
$result = mysql_query($query);
if(mysql_num_rows($result) > 0)
{
echo "A record already exists.";
exit;
}
else
{
if ($_POST['password1']!= $_POST['password2'])
echo("Oops! Password did not match! Try again. ");
else
{
//too many if/else blocks but don't want to change the structure of your code
if (!preg_match('/^[a-zA-Z0-9]+$/', $username))
echo "invalid username";
else
{
if (!preg_match('/^[a-zA-Z0-9!]+$/', $password1))
echo "invalid password";
else
{
$insert = mysql_query("INSERT into users (username, password1, password2, email) VALUES ('".$username."','".$password1."','".$password2."','".$email."')");
if($insert)
echo "Success";
else
echo "There was an error " . mysql_error();
}
}
}
}
mysql_close();
}
答案 1 :(得分:0)
回声不会中止执行。您的代码可能如下所示:
if ($_POST['password1']!= $_POST['password2'])
{
echo("Oops! Password did not match! Try again. ");
}
saveToDb();
如上所述,如果“如果password1和password2不匹配,则回显错误消息。无论如何,请保存saveToDB。”
如果要中止执行,请使用exit而不是echo或确保仅在表单有效时执行saveToDb,例如像这样:
$valid = true;
if ($_POST['password1']!= $_POST['password2'])
{
echo "No Match";
$valid = false;
}
if (...)
{
echo "...";
$valid = false;
}
...
if ($valid)
{
saveToDb();
}
答案 2 :(得分:0)
你在哪里:
echo("Oops! Password did not match! Try again. ");
你需要" $ failflag = 1"然后你输入数据的DBQuery只需添加一个if子句;
if($failflag==1)
//Dont do db stuff
else
//Do do db stuff
编辑:
尽量远离已弃用的mysql_query函数,如果你对如何使用OOP有点遗失,我建议使用这个类,它对初学者有好处:
答案 3 :(得分:0)
HI对于第1和第3个任务,您可以使用正则表达式
http://php.net/manual/en/function.preg-match.php http://www.regular-expressions.info/
对于第二项任务,您需要在
之后退出脚本echo("Oops! Password did not match! Try again. ");
或者你需要写下面的
if(//username is not OK){
//echo error
}
else if(//password is not OK){
//echo error
}
else if ($_POST['password1']!= $_POST['password2'])
{
echo("Oops! Password did not match! Try again. ");
}
else{
//insert in database
}