我如何能够检查多个因素而不是检查每个因素?所以基本上我使用PDO,我必须确保用户名和电子邮件是唯一的。那我该怎么做?我见过
if ( $sthandler->rowCount() > 0 ) {
// do something here
}
但是有更好的方法吗?如果没有人可以解释我是如何使用它的话。
修改 这是我输入数据库的查询代码
<?php
try {
$handler = new PDO('mysql:host=localhost;dbname=s','root', '*');
$handler->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e){
exit($e->getMessage());
}
$name = $_POST['name'];
$username = $_POST['username'];
$email = $_POST['email'];
$password = $_POST['password'];
$password1 = $_POST['passwordconf'];
$ip = $_SERVER['REMOTE_ADDR'];
//Verifcation
if (empty($name) || empty($username) || empty($email) || empty($password) || empty($password1))
{
echo "Complete all fields";
}
// Password match
if ($password != $password1)
{
echo $passmatch = "Passwords don't match";
}
// Email validation
if (!filter_var($email, FILTER_VALIDATE_EMAIL))
{
echo $emailvalid = "Enter a valid email";
}
// Password length
if (strlen($password) <= 6){
echo $passlength = "Choose a password longer then 6 character";
}
function userExists($db, $user)
{
$userQuery = "SELECT * FROM userinfo u WHERE u.user=:user;";
$stmt = $db->prepare($userQuery);
$stmt->execute(array(':user' => $user));
return !!$stmt->fetch(PDO::FETCH_ASSOC);
}
$user = 'userName';
$exists = userExists($db, $user);
if(exists)
{
// user exists already.
}
else
{
// user doesn't exist already, you can savely insert him.
}
if(empty($passmatch) && empty($emailvalid) && empty($passlength)) {
//Securly insert into database
$sql = 'INSERT INTO userinfo (name ,username, email, password, ip) VALUES (:name,:username,:email,:password,:ip)';
$query = $handler->prepare($sql);
$query->execute(array(
':name' => $name,
':username' => $username,
':email' => $email,
':password' => $password,
':ip' => $ip
));
}
?>
答案 0 :(得分:7)
<?php
//Connections
try {
$handler = new PDO('mysql:host=localhost;dbname=s','root', '*');
$handler->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e){
exit($e->getMessage());
}
$name = $_POST['name'];
$username = $_POST['username'];
$email = $_POST['email'];
$password = $_POST['password'];
$password1 = $_POST['passwordconf'];
$ip = $_SERVER['REMOTE_ADDR'];
//Verifcation
if (empty($name) || empty($username) || empty($email) || empty($password) || empty($password1)){
$error = "Complete all fields";
}
// Password match
if ($password != $password1){
$error = "Passwords don't match";
}
// Email validation
if (!filter_var($email, FILTER_VALIDATE_EMAIL)){
$error = "Enter a valid email";
}
// Password length
if (strlen($password) <= 6){
$error = "Choose a password longer then 6 character";
}
if(!isset($error)){
//no error
$sthandler = $handler->prepare("SELECT username FROM users WHERE username = :name");
$sthandler->bindParam(':name', $username);
$sthandler->execute();
if($sthandler->rowCount() > 0){
echo "exists! cannot insert";
} else {
//Securly insert into database
$sql = 'INSERT INTO userinfo (name ,username, email, password, ip) VALUES (:name,:username,:email,:password,:ip)';
$query = $handler->prepare($sql);
$query->execute(array(
':name' => $name,
':username' => $username,
':email' => $email,
':password' => $password,
':ip' => $ip
));
}
}else{
echo "error occured: ".$error;
exit();
}
答案 1 :(得分:1)
这样的事情应该有效:
function userExists($db, $user)
{
$userQuery = "SELECT * FROM userinfo u WHERE u.user=:user;";
$stmt = $db->prepare($userQuery);
$stmt->execute(array(':user' => $user));
return !!$stmt->fetch(PDO::FETCH_ASSOC);
}
$user = 'userName';
$exists = userExists($db, $user);
if(exists)
{
// user exists already.
}
else
{
// user doesn't exist already, you can savely insert him.
}
答案 2 :(得分:-1)
您显示的代码没有多大意义来检查用户名和电子邮件是否唯一。您应该在数据库上设置UNIQUE KEY。