我环顾四周,已经看过很多例子,但很遗憾无法将其实现到我目前正在使用的代码中。
我想阻止用户在我的网页上注册时使用相同的用户名,但我使用的代码允许这些条目相同。
如何修改以下代码以防止这种情况发生?
<?php
require('db.php');
// If form submitted, insert values into the database.
if (isset($_POST['username'])){
$username = $_POST['username'];
$email = $_POST['email'];
$password = $_POST['password'];
$username = stripslashes($username);
$username = mysql_real_escape_string($username);
$email = stripslashes($email);
$email = mysql_real_escape_string($email);
$password = stripslashes($password);
$password = mysql_real_escape_string($password);
$trn_date = date("Y-m-d H:i:s");
$res_login = $conn->query("select * from users where username='$username'");
if($res_login -> num_rows > 0)
{
echo "Username is already exists please try with another username";
}
else
{
$query = "INSERT into `users` (username, password, email, trn_date) VALUES ('$username', '".md5($password)."', '$email', '$trn_date')";
$result = mysql_query($query);
if($result)
{
echo "You are registered successfully.</h3><br/>Click here to <a href='login.php'>Login</a></div>";
}
else
{
echo "error in registration";
}
}
}
?>
任何帮助都将受到高度赞赏。
答案 0 :(得分:0)
答案 1 :(得分:0)
检查唯一性的最佳方法是,您必须在数据库中将用户名设置为主键,但如果要手动检查,则使用选择查询检查数据库中是否存在用户名?
<?php
require('db.php');
// If form submitted, insert values into the database.
if (isset($_POST['username'])){
$username = $_POST['username'];
$email = $_POST['email'];
$password = $_POST['password'];
$username = stripslashes($username);
$username = mysql_real_escape_string($username);
$email = stripslashes($email);
$email = mysql_real_escape_string($email);
$password = stripslashes($password);
$password = mysql_real_escape_string($password);
$trn_date = date("Y-m-d H:i:s");
$res_login = mysql_query("select * from users where username='$username'");
$sql_num = mysql_num_rows($res_login);
if($sql_num > 0)
{
echo "Username is already exists please try with another username";
}
else
{
$query = "INSERT into `users` (username, password, email, trn_date) VALUES ('$username', '".md5($password)."', '$email', '$trn_date')";
$result = mysql_query($query);
if($result)
{
echo "You are registered successfully.</h3><br/>Click here to <a href='login.php'>Login</a></div>";
}
else
{
echo "error in registration";
}
}
}
?>
请使用准备好的声明进行最佳编程练习。访问此链接: PDO::prepare manual
答案 2 :(得分:0)
您还可以将用户名设置为唯一键索引,以防止在表格中输入重复的行。
并查看以下代码
<?php
require('db.php');
// If form submitted, insert values into the database.
if (isset($_POST['username'])){
$username = $_POST['username'];
$email = $_POST['email'];
$password = $_POST['password'];
$username = stripslashes($username);
$username = mysql_real_escape_string($username);
$email = stripslashes($email);
$email = mysql_real_escape_string($email);
$password = stripslashes($password);
$password = mysql_real_escape_string($password);
$trn_date = date("Y-m-d H:i:s");
$query = "INSERT into `users` (username, password, email, trn_date) VALUES ('$username', '".md5($password)."', '$email', '$trn_date')";
$result = mysql_query($query);
if (mysql_errno()) {
if (mysql_errno()==1062) {
echo "Username already taken.";
}
}else{
if($result){
echo "You are registered successfully.</h3><br/>Click here to <a href='login.php'>Login</a></div>";
}
}
}else{
?>
希望这对你有用....