PHP保持插入刷新

时间:2017-08-01 19:41:51

标签: php mysql sql forms mysqli

我目前正在为我的应用注册,直到我遇到这个问题,每当我进入我的页面时,它会在我的users表中创建一个新行。似乎当我重新加载页面时,表单会自动提交。我曾提到this问题:

  

使用标题(“location:”);插入完成后,将显示一个新的表单,刷新不会导致再次提交。

然而,当我这样做时发生的一切都是一个很大的重定向循环,阻止我一起访问该页面。

以下是我的注册代码:

<?php 

    global $conn;
    global $register;
    global $error;

    $username = $_POST['username'];
    $firstName = $_POST['firstName'];
    $lastName = $_POST['lastName'];
    $email = $_POST['email'];
    $phone = $_POST['phone'];
    $password = $_POST['password'];
    $confirmPassword = $_POST['confirmPassword'];

    define(HEADER_TITLE, "Register");
    include_once 'template/header.php';

    if (isset($_POST['register'])) {
        $register->register($username, $firstName, $lastName, $email, $phone, $password, $confirmPassword);
    }

?>
<div class="container">
    <div id="hoogley_login">
        <h2>Register</h2><hr>
            <div class="alert alert-danger" role="alert">
            <?php
            if ($error->display() != null ) {
                #echo '<div class="alert alert-danger" role="alert">';
                $error->display();
            } else {
                #echo '<div>';
            }
        ?>
        </div>
        <form action="register" method="post">
            <input type="text" class="form-control" name="firstName" placeholder="First Name" value="<?php echo $_GET['firstName']; ?>">
            <br>
            <input type="text" class="form-control" name="lastName" placeholder="Last Name" value="<?php echo $_GET['lastName']; ?>">
            <br>
            <input type="text" class="form-control" name="username" placeholder="Username" value="<?php echo $_GET['username']; ?>">
            <br>
            <input type="email" class="form-control" name="email" placeholder="E-Mail Address" value="<?php echo $_GET['email']; ?>">
            <br>
            <input type="tel" class="form-control" name="phone" placeholder="Phone Number" value="<?php echo $_GET['phone']; ?>">
            <br>
            <input type="password" class="form-control" name="password" placeholder="Password">
            <br>
            <input type="password" class="form-control" name="confirmPassword" placeholder="Confirm Password">
            <br>
            <input type="submit" class="btn btn-info btn-lg" name="register" value="Register!">
            <br><br>
            <a href="/login">Have an account? Login!</a>
        </form>
    </div>
</div>



<?php include_once 'template/footer.php'; ?>

我的register.class.php:

<?php


/**
* User Registration
*/
class register {

public function register($reg_username = '', $reg_firstName = '', $reg_lastName = '', $reg_email = '', $reg_phone = '', $reg_password = '', $reg_confirmPassword = '') {

    global $conn;
    global $error;

    // TO PREVENT AN UNDEFINED INDEX
    // First Name
    if(isset($reg_firstName)) {
        $reg_firstName = stripslashes(htmlspecialchars($conn->real_escape_string($reg_firstName)));
    } else {
        $error->set('312');
    }

    // Last Name
    if(isset($reg_lastName)) {
        $reg_lastName = stripslashes(htmlspecialchars($conn->real_escape_string($reg_lastName)));
    } else {
        $error->set('313');
    }

    // Username
    if(isset($reg_username)) {
        $reg_username = stripslashes(preg_replace('/\s+/', '', htmlspecialchars($conn->real_escape_string($reg_username))));
    } else {
        $error->set('311');
    }

    // Email
    if(isset($reg_email)) {
        $reg_email = stripslashes(preg_replace('/\s+/', '', htmlspecialchars($conn->real_escape_string($reg_email))));
    } else {
        $error->set('314');
    }

    // Phone
    if(isset($reg_phone)) {
        $reg_phone = stripslashes(preg_replace("/[^0-9]/", "", htmlspecialchars($conn->real_escape_string($reg_phone))));
    } else {
        $error->set('315');
    }

    // Password
    if(isset($reg_password)) {
        $reg_password = stripslashes(htmlspecialchars($conn->real_escape_string($reg_password)));
    } else {
        $error->set('316');
    }

    // Password
    if(isset($reg_confirmPassword)) {
        $reg_password = stripslashes(htmlspecialchars($conn->real_escape_string($reg_confirmPassword)));
    } else {
        $error->set('317');
    }

    // Check if username exists in the database
    $stmt = $conn->prepare("SELECT * FROM users WHERE username=?");
    $stmt->bind_param('s', $reg_username);
    $stmt->execute();
    $stmt->store_result();

    if ($stmt->num_rows == 0) {

        $stmt = $conn->prepare("SELECT * FROM users WHERE email=?");
        $stmt->bind_param('s', $reg_email);
        $stmt->execute();
        $stmt->store_result();

        if ($stmt->num_rows == 0) {

            $stmt = $conn->prepare("SELECT * FROM users WHERE phone=?");
            $stmt->bind_param('s', $reg_phone);
            $stmt->execute();
            $stmt->store_result();

            if ($stmt->num_rows == 0) {

                // Do passwords match?
                if ($reg_password == $reg_confirmPassword) {

                    $reg_passwordEncrypt = hash("sha256", $reg_password);

                    // Insert data
                    $stmt = $conn->prepare("INSERT INTO users (username, firstName, lastName, email, phone, password, company, website, bio) VALUES (?, ?, ?, ?, ?, ?, '', '', '')");
                    $stmt->bind_param("ssssss", $reg_username, $reg_firstName, $reg_lastName, $reg_email, $reg_phone, $reg_passwordEncrypt);
                    $stmt->execute();
                    header("Location: /login");

                } else {
                    // Set Error
                    $error->set('308');
                }

            } else {
                // Set Error
                $error->set('306');
            }

        } else {
            // Set Error
            $error->set('304');
        }
    } else {
        // Set Error
        $error->set('301');

    }


}

}

$register = new register;

谢谢!

1 个答案:

答案 0 :(得分:2)

这是因为您的方法与类名具有相同的名称。它作为PHP 4构造函数工作,它在初始化对象时调用该方法。

https://wiki.php.net/rfc/remove_php4_constructors