我尝试了很多使这个代码适用于我的registration.php页面,我只想检查我的数据库中是否已经注册了电子邮件和用户名。我尝试只检查用户名,它工作正常,但现在我也想检查电子邮件是否已注册。任何有关这方面的帮助将非常感谢。下面是我的registration.php的代码,希望有人会帮忙!谢谢!
<?php
/*
Our "config.inc.php" file connects to database every time we include or require
it within a php script. Since we want this script to add a new user to our db,
we will be talking with our database, and therefore,
let's require the connection to happen:
*/
require("config.inc.php");
//if posted data is not empty
if (!empty($_POST)) {
//If the username or password is empty when the user submits
//the form, the page will die.
//Using die isn't a very good practice, you may want to look into
//displaying an error message within the form instead.
//We could also do front-end form validation from within our Android App,
//but it is good to have a have the back-end code do a double check.
if (empty($_POST['username']) || empty($_POST['password']) || empty($_POST['FullName']) || empty($_POST['emailadd'])) {
// Create some data that will be the JSON response
$response["success"] = 0;
$response["message"] = "Please fill in all the fields!";
//die will kill the page and not execute any code below, it will also
//display the parameter... in this case the JSON data our Android
//app will parse
die(json_encode($response));
}
//if the page hasn't died, we will check with our database to see if there is
//already a user with the username specificed in the form. ":user" is just
//a blank variable that we will change before we execute the query. We
//do it this way to increase security, and defend against sql injections
$query = " SELECT 1 FROM users WHERE username = :user , eadd = :email";
//now lets update what :user should be
$query_params = array(
':user' => $_POST['username'],
':email' => $_POST['eadd']
);
//Now let's make run the query:
try {
// These two statements run the query against your database table.
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch (PDOException $ex) {
// For testing, you could use a die and message.
//die("Failed to run query: " . $ex->getMessage());
//or just use this use this one to product JSON data:
$response["success"] = 0;
$response["message"] = "Database Error1. Please Try Again!";
die(json_encode($response));
}
//fetch is an array of returned data. If any data is returned,
//we know that the username is already in use, so we murder our
//page
$row = $stmt->fetch();
if ($row) {
// For testing, you could use a die and message.
//die("The username is already in use! Try a different username!");
//You could comment out the above die and use this one:
$response["success"] = 0;
$response["message"] = "The username is already in use! Try a different username!";
die(json_encode($response));
}
//If we have made it here without dying, then we are in the clear to
//create a new user. Let's setup our new query to create a user.
//Again, to protect against sql injects, user tokens such as :user and :pass
$query = "INSERT INTO users ( username, password, FullName, eadd ) VALUES ( :user, :pass, :fulnme, :email )";
//Again, we need to update our tokens with the actual data:
$query_params = array(
':user' => $_POST['username'],
':pass' => $_POST['password'],
':fulnme' => $_POST['FullName'],
':email' => $_POST['eadd']
);
//time to run our query, and create the user
try {
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch (PDOException $ex) {
// For testing, you could use a die and message.
//die("Failed to run query: " . $ex->getMessage());
//or just use this use this one:
$response["success"] = 0;
$response["message"] = "Database Error2. Please Try Again!";
die(json_encode($response));
}
//If we have made it this far without dying, we have successfully added
//a new user to our database. We could do a few things here, such as
//redirect to the login page. Instead we are going to echo out some
//json data that will be read by the Android application, which will login
//the user (or redirect to a different activity, I'm not sure yet..)
$response["success"] = 1;
$response["message"] = "Registration was successful!";
echo json_encode($response);
//for a php webservice you could do a simple redirect and die.
//header("Location: login.php");
//die("Redirecting to login.php");
} else {
?>
<h1>Register</h1>
<form action="register.php" method="post">
Full Name<br />
<input type="text" name="Name" value="" />
<br /><br />
Email Address<br />
<input type="text" name="eadd" value="" />
<br /><br />
Username:<br />
<input type="text" name="username" value="" />
<br /><br />
Password:<br />
<input type="password" name="password" value="" />
<br /><br />
<input type="submit" value="Register" />
</form>
<?php
}
?>
答案 0 :(得分:1)
在您显示的代码中,检查您的数据库中是否有人拥有相同的用户名和相同的电子邮件,
示例:
你有数据库
toto, toto@gmail.com
toto2, toto2@gmail.com
您的测试有人注册
toto,toto2@gmail.com
您的测试找不到任何人,因为没有人将toto AND toto2@gmail.com用于电子邮件地址,
您需要制作2个单独的stmt,一个用于用户名,另一个用于电子邮件地址
答案 1 :(得分:0)
我认为您的问题与您的查询有关:
$query = " SELECT 1 FROM users WHERE username = :user , eadd = :email";
什么是SELECT 1!?!?!也许SELECT *,您需要使用AND
$query = " SELECT * FROM users WHERE username = :user AND eadd = :email";
答案 2 :(得分:-2)
创建一个这样的函数。这用于检查服务器中是否已存在电子邮件。
function user_exists($username){
$username = sanitize($username);
$query = mysql_query("SELECT * FROM `users` WHERE `user_name` = '$username' ");
return (mysql_result($query,0) >= 1) ? true : false;
然后在之后创建一个If嵌套循环以查看用户名是true还是false。 电子邮件重复相同的事情。欢呼声...