我是PHP新手,我创建了一个登录/注册区域。一切都运作良好,但我有一件事情一直出错。用户成功注册后,将发送一封自动电子邮件,其中包含登录详细信息:Username = X和Password = Y.除用户名外,所有内容都显示在消息中。如何从消息中的mysql数据库中获取该信息(= data)?
以下是完整的代码:
<?php
define('INCLUDE_CHECK',true);
require 'connect.php';
require 'functions.php';
// Those two files can be included only if INCLUDE_CHECK is defined
session_name('tzLogin');
// Starting the session
session_set_cookie_params(2*7*24*60*60);
// Making the cookie live for 2 weeks
session_start();
if($_SESSION['id'] && !isset($_COOKIE['tzRemember']) && !$_SESSION['rememberMe'])
{
// If you are logged in, but you don't have the tzRemember cookie (browser restart)
// and you have not checked the rememberMe checkbox:
$_SESSION = array();
session_destroy();
// Destroy the session
}
if(isset($_GET['logoff']))
{
$_SESSION = array();
session_destroy();
header("Location: default.php");
exit;
}
if($_POST['submit']=='Login')
{
// Checking whether the Login form has been submitted
$err = array();
// Will hold our errors
if(!$_POST['username'] || !$_POST['password'])
$err[] = 'All the fields must be filled in!';
if(!count($err))
{
$_POST['username'] = mysql_real_escape_string($_POST['username']);
$_POST['password'] = mysql_real_escape_string($_POST['password']);
$_POST['rememberMe'] = (int)$_POST['rememberMe'];
// Escaping all input data
$row = mysql_fetch_assoc(mysql_query("SELECT id,usr FROM tz_members WHERE usr='{$_POST['username']}' AND pass='".md5($_POST['password'])."'"));
if($row['usr'])
{
// If everything is OK login
$_SESSION['usr']=$row['usr'];
$_SESSION['id'] = $row['id'];
$_SESSION['rememberMe'] = $_POST['rememberMe'];
// Store some data in the session
setcookie('tzRemember',$_POST['rememberMe']);
}
else $err[]='Wrong username and/or password!';
}
if($err)
$_SESSION['msg']['login-err'] = implode('<br />',$err);
// Save the error messages in the session
header("Location: default.php");
exit;
}
else if($_POST['submit']=='Register')
{
// If the Register form has been submitted
$err = array();
if(strlen($_POST['username'])<4 || strlen($_POST['username'])>32)
{
$err[]='Your username must be between 3 and 32 characters!';
}
if(preg_match('/[^a-z0-9\-\_\.]+/i',$_POST['username']))
{
$err[]='Your username contains invalid characters!';
}
if(!checkEmail($_POST['email']))
{
$err[]='Your email is not valid!';
}
if(!count($err))
{
// If there are no errors
$pass = substr(md5($_SERVER['REMOTE_ADDR'].microtime().rand(1,100000)),0,6);
// Generate a random password
$_POST['email'] = mysql_real_escape_string($_POST['email']);
$_POST['username'] = mysql_real_escape_string($_POST['username']);
// Escape the input data
mysql_query(" INSERT INTO tz_members(usr,pass,email,regIP,dt)
VALUES(
'".$_POST['username']."',
'".md5($pass)."',
'".$_POST['email']."',
'".$_SERVER['REMOTE_ADDR']."',
NOW()
)");
//The message
$message =
"Hello, \n
Thank you for registering with us. \n
Here are your login details: \n
Username: ??? <--this is where I want the code for getting username \n
Password: $pass \n
Thank You
Administrator
www.***.com
______________________________________________________
THIS IS AN AUTOMATED RESPONSE.
***DO NOT RESPOND TO THIS EMAIL****";
if(mysql_affected_rows($link)==1)
{
send_mail( 'admin@***.com',
$_POST['email'],
'Registration System - Your New Password',
$message);
$_SESSION['msg']['reg-success']='We sent you an email with your new password!';
}
else $err[]='This username is already taken!';
}
if(count($err))
{
$_SESSION['msg']['reg-err'] = implode('<br />',$err);
}
header("Location: default.php");
exit;
}
非常感谢。
答案 0 :(得分:1)
嗯,即使你不清楚如何访问你的数据库,最简单的方法是使用select语句查询你需要的信息。
//use a prepare statement for added security, and to prevent sql injection
if ($select_stmt = $mysqli->prepare("SELECT username, password FROM users WHERE email = ?"))
{
$select_stmt->bind_param("s", $email); //this is the email from our user
$select_stmt->execute();
$select_stmt->store_result();
//if the query yield any result (thats to say the email is from a valid user)
if ($select_stmt->num_rows() > 0)
{
$select_stmt->bind_result($username,$password);
$select_stmt->fetch();
}
}
现在您可以使用存储在变量上的数据库中的值,如下所示:
$message = "Hello, \n Thank you for registering with us. \n Here are your login details: \n
Username: $username \n
Password: $password \n
Thank You
Administrator
www.***.com
_____________________________________________________
THIS IS AN AUTOMATED RESPONSE.
***DO NOT RESPOND TO THIS EMAIL****";
希望这是你正在寻找的,并且你可以在这段旅程中学到更多。
现在你发布完整的代码就更容易了 只需执行以下操作:
$username = $_POST['username'];
$message = "Hello, \n Thank you for registering with us. \n Here are your login details: \n
Username: $username \n
Password: $password \n
Thank You
Administrator
www.***.com
_____________________________________________________
THIS IS AN AUTOMATED RESPONSE.
***DO NOT RESPOND TO THIS EMAIL****";