所以我试图为新用户创建一个php页面来创建一个帐户来登录网站。但我不想要任何人开帐户。因此,我希望用户注册,但需要工作人员的批准。我找到的唯一代码是复制但不是列出名称编号ect的网页。然后我可以选择将它们添加到登录中。 这是我用来注册它们的代码。
所以我有一个申请人数据库和一个被接受的数据库,但我只想添加申请人名单上的数据库。我如何查看列表然后选择并提交被接受的人。
<?php
require("auth_common.php");
if(!empty($_POST))
{
if(empty($_POST['username']))
{
die("Please enter a username.");
}
if(empty($_POST['password']))
{
die("Please enter a password.");
}
if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
{
die("Invalid E-Mail Address");
}
$query = "
SELECT
1
FROM users
WHERE
username = :username
";
$query_params = array(
':username' => $_POST['username']
);
try
{
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
die("Failed to run query: " . $ex->getMessage());
}
$row = $stmt->fetch();
if($row)
{
die("This username is already in use");
}
$query = "
SELECT
1
FROM users
WHERE
email = :email
";
$query_params = array(
':email' => $_POST['email']
);
try
{
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
die("Failed to run query: " . $ex->getMessage());
}
$row = $stmt->fetch();
if($row)
{
die("This email address is already registered");
}
$query = "
INSERT INTO users (
username,
password,
salt,
email
) VALUES (
:username,
:password,
:salt,
:email
)
";
$salt = dechex(mt_rand(0, 2147483647)) . dechex(mt_rand(0, 2147483647));
$password = hash('sha256', $_POST['password'] . $salt);
for($round = 0; $round < 65536; $round++)
{
$password = hash('sha256', $password . $salt);
}
$query_params = array(
':username' => $_POST['username'],
':password' => $password,
':salt' => $salt,
':email' => $_POST['email']
);
try
{
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
die("Failed to run query: " . $ex->getMessage());
}
header("Location: login.php");
die("Redirecting to login.php");
}
?>
<h1>Register</h1>
<form action="register.php" method="post">
Username:<br />
<input type="text" name="username" value="" />
<br /><br />
E-Mail:<br />
<input type="text" name="email" value="" />
<br /><br />
Password:<br />
<input type="password" name="password" value="" />
<br /><br />
<input type="submit" value="Register" />
</form>
答案 0 :(得分:1)
根据我的经验,将一个额外的字段添加到名为“status”的用户表中要容易得多,这可以是一个枚举(“已批准”,“未批准”)
编辑:尝试使其易于理解:
首先你有一张桌子,实质上就像这样:
+--+--------+--------+----------+
|id|username|password|status |
+-------------------------------+
| 1|dennis |ezpwlol |unapproved|
+-------------------------------+
| 2|otherguy|hardpw! |approved |
+--+--------+--------+----------+
然后,您需要了解哪些用户未获批准,因此您运行如下查询:
SELECT * FROM users where status = 'unapproved';
以上示例的结果将是:
+--+--------+--------+----------+
|id|username|password|status |
+-------------------------------+
| 1|dennis |ezpwlol |unapproved|
+-------------------------------+
使用PHP,您可以将结果循环到包含用户名和按钮的列表中:
Dennis [ACCEPT]&lt;&lt; - 按钮将指向页面或路线,并将用户的ID传递给接受。
在该页面或路线上,您将为该用户运行更新查询:
UPDATE users SET status = 'approved' WHERE id = {THE ID PASSED TO THE PAGE};
现在该用户将其状态设置为已批准,因此不再出现在您未经批准的列表中。