如果用户名存在,PHP注册表格不会收到

时间:2018-01-19 18:13:00

标签: php mysql registration

我正在为简单的注册系统编写代码。我有这个部分,我检查用户名或电子邮件是否已经存在。如果是这种情况,它应该显示错误消息,但它不起作用。如果存在用户名或电子邮件,则无论如何都会提交注册表。

这是我的代码

和registration.php 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" 
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  <link rel="shortcut icon" href="favicon.png" type="image/x-icon"/>
  <link rel="icon" type="image/png" href="favicon.png" />
  <title>Registro</title>
</head>

<body>      
  <?php
  if(isset($_POST['submit'])){
    $mysqli = NEW 
    MySQLi('localhost','user','pass','database');
                        $username     =    $_POST['username'];
                        $name         = $_POST['name'];
                        $pass=          $_POST['pass'];
                        $email=         $_POST['email'];
                        $phone=      $_POST['phone'];

                        $querya=mysqli_query($mysqli,"select * from table where username='$username' && email='$email'");
                        $num_rowss=mysqli_num_rows($querya);

                        if ($num_rowss>0){
                            echo "Username or password is taken, please write a new one."
                        }else{


                        $query = "INSERT INTO table(username,name,pass,email,phone)VALUES('"
                        . $mysqli->real_escape_string($username) .
                        "' , '"
                        . $mysqli->real_escape_string($name) .
                        "' , '"
                        . $mysqli->real_escape_string($pass) .
                        "' , '"
                        . $mysqli->real_escape_string($email) .
                        "' , '"
                        . $mysqli->real_escape_string($phone) .
                        "')
                        ";

                        $insert = $mysqli->query($query);


                        if($insert){
                            header('Location: login.php');

                        }

                        }


                    $mysqli->close();   

}
?>

  <div>
            <h1>Register</h1>
            <form action="" method="post" name="registro" id="formulario"><br><br>
                <table>
                    <tr><td>Username: <input type="text" name="username" id="username" required></td> 
                    </tr>
                    <tr><td>Name:<input type="text" name="name" id="name" required></td> 
                    </tr>
                    <tr><td>Password: <input type="password" name="pass" required></td> 
                    </tr>
                    <tr><td>Email: <input type="email" name="email" required></td> 
                    </tr>
                    <tr><td>Phone: <input type="text" name="phone" required></td> 
                    </tr>
                    <tr><td> <input name="submit" id="submit" type="submit" value="Registrar" /></td></tr>
                </table><br><br>
            </form>
            </div>

    </body>

2 个答案:

答案 0 :(得分:0)

一些事情:

  1. 关注SQL注入 - 使用参数
  2. 它应该是OR,NOT&amp;&amp ;.您想知道是否找到了用户名或电子邮件。
  3. 你也应该有办法处理错误。

    4. 您的查询应如下所示:

     $querya=mysqli_query($mysqli,"select * from table where username='$username' OR email='$email'");
 $num_rowss=mysqli_num_rows($querya);

答案 1 :(得分:0)

试试这个。如果没有,它对我很有用!

 $querya = "SELECT username, email FROM table WHERE username = '".$name."' OR email = '".$email."'";
        $result = $mysqli->query($sql);

        if(mysqli_num_rows($result) > 0)
        {
            echo 'Username or password is taken, please write a new one.';
        }
        else
        {
相关问题
最新问题