我在网站Sign-Up Page
的代码中遇到问题我正在尝试为我的大学课程的学生和员工实施登录和注册系统。我在DB中有两个表,一个用于授权用户,另一个用于注册用户。
在有人注册之前,我必须将他们的学生证或电子邮件输入授权表,否则应告知用户他们无权注册。
我的问题是,当我注册时,我只是被告知我没有被授权。 ID和电子邮件位于授权的数据库中,因此我的代码存在问题,我无法解决问题。
先谢谢。
我有这个注册功能
public function register($firstname, $surname, $student_id, $email, $password) {
try {
$new_password = password_hash($password, PASSWORD_DEFAULT);
$stmt = $this->db->prepare("INSERT INTO members(firstname, surname, student_id, email, password) VALUES(:fname, :sname, :sid, :smail, :spass)");
$stmt->bindparam(":fname", $firstname);
$stmt->bindparam(":sname", $surname);
$stmt->bindparam(":sid", $student_id);
$stmt->bindparam(":smail", $email);
$stmt->bindparam(":spass", $password);
$stmt->execute();
return $stmt;
} catch(PDOException $exception) {
echo $exception->getMessage();
}
}
我的注册页面如下。
<?php
require_once 'dbconfig.php';
if ($user->is_loggedin()!="") {
$user->redirect('home.php');
}
if (isset($_POST['btn-register'])) {
$fname = trim($_POST['fname']);
$sname = trim($_POST['sname']);
$student_id = trim($_POST['sid']);
$email = trim($_POST['smail']);
$password = trim($_POST['spass']);
$email_requirement = '@chester.ac.uk';
$email_verification = strpos($email, $email_requirement);
if ($fname == ""){
$error[] = "Please enter your firstname.";
} else if ($sname == "") {
$error[] = "Please enter your surname.";
} else if ($student_id == "") {
$error[] = "Please enter your Student ID.";
} else if ($email == "") {
$error[] = "Please enter your student email address.";
} else if ((!$email_verification) && (!filter_var($email, FILTER_VALIDATE_EMAIL))) {
$error[] = "Please enter a valid Chester Univeristy email address.";
} else if ($password == "") {
$error[] = "Please enter a password";
} else if (strlen($email) < 6 ) {
$error[] = "Passwords need to be at least 6 characters.";
} else {
try {
$check_exist = $DB_con->prepare("SELECT student_id, email FROM members WHERE student_id=:sid OR email=:smail");
$check_exist->execute(array(':sid'=>$student_id, ':smail'=>$email));
$row=$check_exist->fetch(PDO::FETCH_ASSOC);
if ($row['student_id'] == $student_id) {
$error[] = "That student ID has already been registered.";
} else if ($row['email'] == $email) {
$error[] = "That email address has already been registered.";
} else {
try {
$check_auth = $DB_con->prepare("SELECT student_id, email FROM authorised WHERE student_id=:sid OR email=:smail");
$check_auth->execute(array(':sid'=>$student_id, ':smail'=>$email));
$row2=$check_auth->fetch(PDO::FETCH_ASSOC);
if (($row2['student_id'] != $student_id) || ($row['email'] != $email)) {
$error[] = "You are not authorised to register. Please contact Richard - admin@cybersecurity.bloxamrose.co.uk.";
} else {
if ($user->register($fname, $sname, $student_id, $email, $password)) {
$user->redirect('sign-up.php?joined');
}
}
} catch (PDOException $exception) {
echo $exception->getMessage();
}
}
} catch (PDOException $exception) {
echo $exception->getMessage();
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title>University of Chester (UNOFFICIAL) - Cybersecurity Notes</title>
<meta name="description" content="Student made resource for Cybersecurity students at the University of Chester. UNOFFICIAL." />
<meta name="author" content="Richard J Bloxam-Rose" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<link href="bootstrap/css/bootstrap.min.css" rel="stylesheet" type="text/css" />
<link href="css/main.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div class="container">
<div class="form-container">
<form method="post">
<h2>Register</h2>
<hr />
<?php
if (isset($error)) {
foreach ($error as $error) {
?>
<div class="alert alert-danger">
<i class="glyphicon glyphicon-warning-sign"></i> <?php echo $error; ?>
</div>
<?php
}
} else if (isset($_GET['joined'])) {
?>
<div class="alert alert-info">
<i class="glyphicon glyphicon-log-in"> Registration complete <a href="index.php">Login</a> here.
</div>
<?php
}
?>
<div class="form-group">
<input type="text" class="form-control" name="fname" placeholder="First Name" value="<?php if (isset($error)) {echo $fname;}?>" />
</div>
<div class="form-group">
<input type="text" class="form-control" name="sname" placeholder="Surname" value="<?php if (isset($error)) {echo $sname;}?>" />
</div>
<div class="form-group">
<input type="text" class="form-control" name="sid" placeholder="Student ID" value="<?php if (isset($error)) {echo $student_id;}?>" />
</div>
<div class="form-group">
<input type="text" class="form-control" name="smail" placeholder="Student Email" value="<?php if (isset($error)) {echo $email;}?>" />
</div>
<div class="form-group">
<input type="password" class="form-control" name="spass" placeholder="Password" />
</div>
<div class="clearfix"></div>
<hr />
<div class="form-control">
<button type="submit" class="btn btn-block btn-primary" name="btn-register">
<i class="glyphicon glyphicon-open-file"></i> Register
</button>
</div>
<br />
<label>Already registered? <a href="index.php">Login</a></label>
</form>
</div>
</div>
</body>
</html>