我有这个表格,用户可以将机密信息保存到数据库:
<h3>Saving Progress For Existing User</h3>
Your user id is the only way you can save, view and use your points, coupons and discounts.<br><br>
In order to save your points, enter your user id and username below: <br><br>
<form id="SaveProgress" name="SaveProgress" action="saveProgress" method="POST">
User ID:<input type="text" id="save_user" name="save_user" pattern=".{5,7}" required title="5 to 7 characters" value="" required>
Username:<input type="text" id="save_username" name="save_username" pattern=".{5,7}" required title="5 to 7 characters" value="" required>
<button style="border:none; padding:1%; cursor:pointer;" type="submit">Save My Points</button></form>
不 登录表单,用户不会被定向到帐户页面,但出于隐私和安全考虑,用户需要输入他们的用户ID及其用户名,用于在数据库中注入更新。如果用户名和USER ID与现有条目匹配,则会注入数据,否则将弹出错误消息。
如何检查用户名和用户ID是否与现有条目匹配?