//verify user
if (isset($_POST['dogrula-btn'])) {
//get variables from the user:
$token = $_POST['token'];
//validations:
if (empty($token)) {
$errors['token'] = 'Could not be empty!';
}
//To avoid display "Wrong credentials" for the first time
if (count($errors) === 0) {
$sql = "SELECT * FROM users WHERE token='$token' LIMIT 1";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
$row = $result->fetch_assoc();
$verified= $row['verified'];
if ($row['verified'] = 0) {
$update_query = "UPDATE users SET verified = 1 WHERE token = '$token'";
//using PHP built-in feature to verify the user's input password AND db password
$_SESSION['id'] = $user['id'];
$_SESSION['username'] = $user['username'];
$_SESSION['email'] = $user['email'];
$_SESSION['verified'] = 1;
exit();
} else {
$errors['token'] = "Already verified!";
}
}else{$errors['token'] = "User doesn't exist!";}}
}
数据库“已验证”中的值为0。
即使这样,如果行if ($row['verified'] = 0) { }无法正常工作,并通过else行$ errors ['token'] =“已经验证!”;