虽然我正在创建一个Web应用程序以允许创建数据库,但我想将创建限制为每个用户一个数据库,而且我现在还没有实现任何安全性,我担心的是逻辑。我具有正确的逻辑后,将实现安全性。因此,请提供有关逻辑的建议。
我正在寻找建议,以了解如何改进此脚本。它是功能性的,并且确实可以正常工作。
//define connection
$conn = mysqli_connect('localhost', 'root','XXXXX','billing');
//Variables
$UserEmail = $_SESSION['email'];
$MysqlUserDataBaseCreate = $_POST['create_database'];
//CheckIfUserExists
$SeeIfUserExist = "SELECT * FROM database_users WHERE email='$UserEmail';";
$SqlQueryUserCheck = mysqli_query($conn,$SeeIfUserExist);
$CheckIfRowDataExist = mysqli_num_rows($SqlQueryUserCheck);
//ToCreateDataBaseAndUser
if($CheckIfRowDataExist < 1){
$InsertDataBaseIntel ="INSERT INTO database_users(email,check_if_created) VALUES ('$UserEmail','$MysqlUserDataBaseCreate');";
mysqli_query($conn,$InsertDataBaseIntel);
$CreateDataBaseForUser ="CREATE DATABASE $MysqlUserDataBaseCreate ;";
mysqli_query($conn,$CreateDataBaseForUser);
}else{
echo 'you are restrictd to one database';
}
?>