我正在通过在线教程创建我的第一个登录/注册功能到我的网站。每件事似乎都运行良好,我的问题是在教程中,在索引页面中设置了php if ($_SERVER['REQUEST_METHOD'] == 'POST')
,该页面检查是否所有字段然后将它们插入到数据库中。但对我来说这似乎不起作用。但是,如果我将代码放在表单操作重定向的页面上,它可以正常工作。这是正确的方法吗?我不想这么想,因为我想在继续之前检查所有变量。
因此,如果有人愿意教育我,那就太棒了。
这是我的PHP代码仍然没有完全完成,但我想先清除它。
include方法
使用它<?php
//setup some variables/arrays
$action = array();
$action['result'] = null;
//check if the form has been submitted
if ($_SERVER['REQUEST_METHOD'] == 'POST'){
$message = "wrong answer";
echo "<script type='text/javascript'>alert('$message');</script>";
$firstName = mysqli_real_escape_string($link,$_POST['firstName']);
$lastName = mysqli_real_escape_string($link,$_POST['lastName']);
$password = mysqli_real_escape_string($link,$_POST['sign-up-password']);
$confirmPassword = mysqli_real_escape_string($link,$_POST['password-confirm']);
$email = mysqli_real_escape_string($link,$_POST['email2']);
//quick/simple validation
if(empty($firstName)){ $action['result'] = 'error';}
if(empty($lastName)){ $action['result'] = 'error';}
if(empty($password)){ $action['result'] = 'error';}
if(empty($email)){ $action['result'] = 'error';}
if($password != $confirmPassword){ $action['result'] = 'error';}
if($action['result'] != 'error'){
$add = mysqli_query($link,"INSERT INTO `users` VALUES(NULL,'$firstName','$lastName','$password','$email',0)");
if($add){
//the user was added to the database
//get the new user id
$userid = mysqli_insert_id($link);
//create a random key
$key = $firstName . $email . date('mY');
$key = md5($key);
//add confirm row
$confirm = mysqli_query($link,"INSERT INTO `confirm` VALUES(NULL,'$userid','$key','$email')");
if($confirm){
//let's send the email
}
}else{
$action['result'] = 'error';
array_push($text,'User could not be added to the database. Reason: ' . mysql_error());
}
}else{
}
}
?>