与标题一样,我想在用户成功注册后立即注册用户,并且不希望他们再次输入用户名和密码进行登录。
这是注册码
<?php
$name = ((isset($_POST['name']))?sanitize($_POST['name']):'');
$email = ((isset($_POST['email']))?sanitize($_POST['email']):'');
$password = ((isset($_POST['password']))?sanitize($_POST['password']):'');
$confirm = ((isset($_POST['confirm']))?sanitize($_POST['confirm']):'');
$errors = array();
if($_POST){
$emailQuery =$db->query("SELECT * FROM users1 WHERE email = '$email'");
$emailCount = mysqli_num_rows($emailQuery);
if($emailCount != 0){
$errors[] = 'That email already exists in our database.';
}
$required = array('name', 'email', 'password', 'confirm');
foreach($required as $f){
if(empty($_POST[$f])){
$errors[] = 'You must fill out all fields';
break;
}
}
if(strlen($password) < 6){
$errors[] = 'Your password must be atleast 6 characterss';
}
if($password != $confirm){
$errors[] = 'Your password do not match';
}
if(!filter_var($email,FILTER_VALIDATE_EMAIL)){
$errors[] = 'You must enter a valid email';
}
if(!empty($errors)){
echo display_errors($errors);
}else{
//add user to database
$hashed = password_hash($password,PASSWORD_DEFAULT);
$db->query("INSERT INTO users1 (full_name,email,password) values('$name', '$email','$hashed')");
}
?>
以下是我的登录结构的样子
<?php
if ($_POST) {
//form validation
if (empty($_POST['email']) || empty($_POST['password'])) {
$errors[] = 'You must provide email and password.';
}
//Validate email
if(!filter_var($email,FILTER_VALIDATE_EMAIL)){
$errors[] = 'You must enter a valid email';
}
//Password is more than 6 characters
if(strlen($password) < 6) {
$errors[] = 'Password must be at least 6 characters';
}
// check if email exits in the database
$query = $db->query("SELECT * FROM users WHERE email = '$email'");
$user = mysqli_fetch_assoc($query);
$usercount = mysqli_num_rows($query);
if($usercount < 1){
$errors[] = 'That email does not exist in our database';
}
if (!password_verify($password, $user['password'])) {
$errors[] = 'The password does not match our records. Please try again.';
}
//check for errors
if(!empty($errors)) {
echo display_errors($errors);
}else {
$user_id = $user['id'];
login($user_id);
}
}
?>
这是登录功能
function login($user_id){
$_SESSION['SBUser'] = $user_id;
global $db;
$date = date("y-m-d h:i:s");
$db->query("UPDATE users SET last_login = '$date' WHERE id = '$user_id'");
$_SESSION['success_flash'] = 'You are now logged in!';
header('location: index.php');
}
答案 0 :(得分:2)
表示用户已登录的唯一操作是设置$_SESSION['SBUser'] = $user_id;
因此,在您的注册脚本中也可以这样做。
<?php
// new code
session_start();
$name = ((isset($_POST['name']))?sanitize($_POST['name']):'');
$email = ((isset($_POST['email']))?sanitize($_POST['email']):'');
$password = ((isset($_POST['password']))?sanitize($_POST['password']):'');
$confirm = ((isset($_POST['confirm']))?sanitize($_POST['confirm']):'');
$errors = array();
if($_POST){
$emailQuery =$db->query("SELECT * FROM users1 WHERE email = '$email'");
$emailCount = mysqli_num_rows($emailQuery);
if($emailCount != 0){
$errors[] = 'That email already exists in our database.';
}
$required = array('name', 'email', 'password', 'confirm');
foreach($required as $f){
if(empty($_POST[$f])){
$errors[] = 'You must fill out all fields';
break;
}
}
if(strlen($password) < 6){
$errors[] = 'Your password must be atleast 6 characterss';
}
if($password != $confirm){
$errors[] = 'Your password do not match';
}
if(!filter_var($email,FILTER_VALIDATE_EMAIL)){
$errors[] = 'You must enter a valid email';
}
if(!empty($errors)){
echo display_errors($errors);
}else{
//add user to database
$hashed = password_hash($password,PASSWORD_DEFAULT);
$db->query("INSERT INTO users1
(full_name,email,password)
values('$name', '$email','$hashed')");
// new code
$_SESSION['SBUser'] = $db->insert_id;
}
?>