禁止在平面文件数据库中使用相同的用户名

时间:2014-01-07 12:20:44

标签: php file username flat

我使用平面文件数据库为我的应用程序创建了一个注册页面。我想知道是否有可能使用平面文件数据库来制作,所以注册的人不能使用已经注册的同名,如果是这样的话?

以下是我的注册页面:

<div align="center">    
<?PHP

if (isset($_POST['submit']))
{

$username = $_POST["username"];
$password = $_POST["password"];
$password1 = $_POST["password1"];

if(empty($username)) die(print '<script> alert ("Enter Username"); window.location="registration.php"; </script>');
if(empty($password)) die(print '<script> alert ("Enter Password"); window.location="registration.php"; </script>');
if($password != $password1) die(print '<script> alert ("Password doesn\'t match"); window.location="registration.php"; </script>'); 

require_once('recaptchalib.php'); // reCAPTCHA Library
$privkey = "xxxx-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"; // Private API Key
$verify = recaptcha_check_answer($privkey, $_SERVER['REMOTE_ADDR'],   $_POST['recaptcha_challenge_field'], $_POST['recaptcha_response_field']);

if ($verify->is_valid) { 

$file = file_get_contents("data.txt");
$string = "$username||$password";
if(!strstr($file, "$string"))
{
$myFile = "data.txt";
$fh = fopen($myFile, 'a') or die("can't open file");
$stringData = "$username||$password\n";
fwrite($fh, $stringData);
print '<script> alert ("Registration Complete"); window.location="/~u1206424/index.php";  </script>';
fclose($fh);
}
else
{
die(print '<script> alert ("Sorry the username: <b>$username</b> is already registered.   Please use diferent username"); window.location="registration.php"; </script>');

}

}
else {

die(print '<script> alert ("You did not enter the correct Captcha.  Please try again"); window.location="registration.php"; </script>');    

}
}
?>
</div>
<!doctype html>
<html>
<head>
<title>Registration</title>
</head>
<body>
<div id="container" style="width:500px; height:500px; border: 2px solid black; margin:auto">

<?php include "header.php"; ?>

<div id="content" style="background-color:#EEEEEE; width:500px; height:400px; float: left">
<br>
<form align="center" method="post" action="registration.php" >
Username:
<input type="text" name="username" />
<br/>
<br/>
Password:
<input type="password" name="password" />
<br/>
<br/>
Confirm:
<input type="password" name="password1" />
<br/>
<br/>
<?php
require_once('recaptchalib.php'); // reCAPTCHA Library
$pubkey = "6Lcx-esSAAAAAIps5xUbcy7ty45P1usxQWheLpXO"; // Public API Key
echo recaptcha_get_html($pubkey); // Display reCAPTCHA
?>
<input type="submit" value="Register" name="submit" />
</form>
</div>

<?php include "footer.php"; ?>

</div>
</body>
</html>

1 个答案:

答案 0 :(得分:0)

这个(几年前我写的代码片段)是我在进入MySQL之前经常使用的,强烈建议。

但鉴于项目的性质,您可以使用以下内容。

N.B。:我建议您通过data.txt保护.htaccess个文件,例如:

<Files data.txt>
order allow,deny
deny from all
</Files>

该列表只包含电子邮件地址,而不包含密码,因此您需要单独检查以查看用户名和密码是否匹配,我相信您已经拥有。

$emails = file_get_contents("data.txt");
$email = $_POST['email'];

if ( preg_match( "/(?:^|\W){$email}(?:\W|$)/", $emails ) ) {
//die ("Sorry, your Email is already in our database.");
header('Location: exists.php');
}

else {
    header('Location: thank_you.php');  
}