如何避免重复的电子邮件php / sql?

时间:2017-08-16 09:08:24

标签: php mysql sql-server mamp

我使用了这段代码而且我不知道问题是什么,我也使用了不同的代码

我想要检查并且不允许用户两次添加他的电子邮件

<?php
include("includedb.php");
//declare variables
$name        = $_POST['name'];
$email       = $_POST['email'];
$tel         = $_POST['tel'];
$gift        = $_POST['gift'];
$formName    = $_POST['formName'];
$formEmail   = $_POST['formEmail'];
$formEmirate = $_POST['formEmirate'];
$birthday    = $_POST['birthday'];
$date        = $_POST['date'];

$result = mysqli_query("SELECT * FROM  users WHERE email = '$email'") or exit(mysqli_error()); //check for duplicates

$num_rows = mysqli_num_rows($result); //number of rows where duplicates exist

if ($num_rows == 0) { //if there are no duplicates...insert
    $sql = "INSERT INTO users (name, email, tel, gift, formName, formEmail, formEmirate, birthday, date)
VALUES ('$name', '$email', '$tel','$gift', '$formName', '$formEmail', '$formEmirate','$birthday',CURRENT_TIMESTAMP )";
    if (!mysqli_query($sql)) {
        die('Error: ' . mysqli_error());
    }
}

mysqli_close();

header("location: thank-you.html?remarks=success");

?>

2 个答案:

答案 0 :(得分:1)

问题是你没有传递任何与mysql_query的连接

因此查询不会被查询

void encrypt(char* inFileName, char* outFileName) {
    out_stream.open(outFileName);
    in_stream.open(inFileName);
    if(in_stream.fail()) {
        cout << "Failed to open input file." << endl;
        exit(1);
    }
    else {
        while(!in_stream.eof()) {
            in_stream.get(letter);

            if (letter == 'z') {
                letter = 'a';
            }

            if (letter == 'Z') {
                letter = 'A';
            }

            if (letter == ' ') {
                letter = letter;
            }

            else {
                letter = letter + 1;
            }

            out_stream << letter;
        }
    }
}

答案 1 :(得分:0)

感谢您的支持我发现了什么对我有用,请找到下面的代码,请告诉我如何使其安全并保护它免受sql注入

if(isset($_POST['submit'])){
$name= $_POST['name'];
$email= $_POST['email'];


$result = mysqli_query($conn,"SELECT * FROM  test WHERE email = '$email'") or exit(mysqli_error()); //check for duplicates
$num_rows = mysqli_num_rows($result); //number of rows where duplicates exist

 if(($num_rows) > 0){
     echo "A record already exists."; 
     exit;
    }

else{
$sql = "INSERT INTO test (name, email)
VALUES ('$name', '$email')";
if (!mysqli_query($conn,$sql))
  {
  die('Error: ' . mysqli_error());
  }
}

if($result) {

          header("Location: game.html");

}else{ echo "Not Successful"; }

mysqli_close();
}
?>

<!DOCTYPE html>
<head>

</head>
<body>

<h2>Enter your Name and Email</h2>
<form method="post">
    <p><strong>First Name:</strong><br /> <input type="text" name="name" /></p>
    <p><strong>email:</strong><br /> <input type="email" name="email"/></p>

    <input type="submit" name="submit" value="Add Customer" />
</form>



</body>
</html>
相关问题
最新问题