我已经问了这个问题(但这是另一个问题)。请参阅此thread,看看我在说什么。请不要说我应该使用PDO或改进MySQLi,因为一旦我开始学习它就会改变它。
如果我希望其他字段已经“检查”(如果它已经存在)怎么办?我的代码工作正常,但它仅用于用户名,我还想检查电子邮件地址是否已被采用或其他字段。
我的代码:
<?php
require_once("functions.php");
require_once("db-const.php");
session_start();
if (logged_in() == true) {
redirect_to("profile.php");
}
$errors=array();
if( $_SERVER['REQUEST_METHOD'] == 'POST' ) {
if (empty($_POST['username']) || empty($_POST['password']) || empty($_POST['first_name']) || empty($_POST['last_name']) || empty($_POST['email'])) {
echo "Please fill all the fields!";
}
elseif( isset( $_POST['username'], $_POST['password'], $_POST['first_name'], $_POST['last_name'], $_POST['email'] ) ) {
$username = !empty( $_POST['username'] ) ? $_POST['username'] : false;
$mainpass = !empty( $_POST['password'] ) ? $_POST['password'] : false;
$password = !empty( $mainpass ) ? hash('sha256', $mainpass) : false;
$first_name = !empty( $_POST['first_name'] ) ? $_POST['first_name'] : false;
$last_name = !empty( $_POST['last_name'] ) ? $_POST['last_name'] : false;
$email = !empty( $_POST['email'] ) ? $_POST['email'] : false;
if( $username && $password ){
$mysqli = new mysqli(localhost, root, "", loginsecure);
if( $mysqli->connect_errno ) {
$errors[]=$mysqli->connect_error;
} else {
/* Assume all is ok so far */
$sql='select username from users where username=?';
$stmt=$mysqli->prepare($sql);
$stmt->bind_param('s',$username);
$stmt->execute();
$stmt->bind_result( $found );
$stmt->fetch();
if( !$found ){
/* username is not alreday taken */
$sql='insert into `users` (`username`,`password`,`first_name`,`last_name`,`email`) values (?,?,?,?,?);';
$stmt=$mysqli->prepare( $sql );
$stmt->bind_param('sssss',$username,$password,$first_name,$last_name,$email);
$stmt->execute();
header("Location: checklogin.php?msg=Registered Successfully!");
} else {
/* username is taken */
$errors[]='Sorry, that username is already in use.';
}
}
}
} else {
$errors[]='Please fill in all details';
}
}
?>
<html>
<head>
<title>Prospekt Member Area</title>
</head>
<body>
<h1> Register Here </h1>
<h2>© Kirk Niverba</h2>
<hr />
<!-- The HTML registration form -->
<form action="<?=$_SERVER['PHP_SELF']?>" method="post">
Username: <input type="text" name="username" /><br />
Password: <input type="password" name="password" /><br />
First name: <input type="text" name="first_name" /><br />
Last name: <input type="text" name="last_name" /><br />
Email: <input type="type" name="email" /><br />
<input type="submit" name="submit" value="Register" />
<a href="login.php">Already have an account?</a>
</form>
<?php
if( !empty( $errors ) ){
echo implode( '<br />', $errors );
}
?>
<hr />
</body>
</html>
这不是重复的问题,这里的问题是如何在单个查询中检查而不是多个查询,而我我还问这里如何使用不同的错误信息。
答案 0 :(得分:2)
将查询更改为此(如果需要,可以添加更多): -
$sql='select username from users where username=? OR email=?';
$stmt=$mysqli->prepare($sql);
$stmt->bind_param('ss',$username,$email);
$stmt->execute();
应该检查,如果存在一个用户名或电子邮件,它将返回true。
更新(根据您的要求): -
$sql='select email from users where email=?';
$stmt=$mysqli->prepare($sql);
$stmt->bind_param('s',$email);
$stmt->execute();
$stmt->bind_result( $found );
$stmt->fetch();
if( $found ){
// Email registered before!
$error = true; // To prevent double checking
// You can use the $error or this array error.
// $error[] = "Email Found, please register using another email";
}
if (!$error || count($error) == 0) {
$sql='select username from users where username=?';
$stmt=$mysqli->prepare($sql);
$stmt->bind_param('s',$username);
$stmt->execute();
$stmt->bind_result( $found );
$stmt->fetch();
if( $found ){
// Username registered before!
}
}