1. 首页
  2. 问答
  3. PHP注册表格打印错误

PHP注册表格打印错误

2015-09-04 70 views
0

完成了一个php/mysql登录系统。我也制作了一个可以使用的注册系统,但是如果电子邮件/用户名已经注册,或者输入的用户名或密码丢失等,我需要在html中打印出一个错误。PHP注册表格打印错误

As现在它会自动死掉并在空白页面上打印出错信息。

它看起来像这样:

 if(empty($_POST['password'])) 
    { 
     die("Please enter a password"); 
    }

我已经试过这样:

$errors = array(); 
if(empty($_POST['password'])) 
{ 
    $errors[] = 'Please enter a password'; 
}

,然后打印出来的HTML中。但它会忽略密码输入并只是注册用户帐户(使用加密密码,在phpmyadmin中)。

它看起来必须死去,但我应该怎么做呢?

这里是整个代码:

<?php 
require("*mysql_connection file*"); 


if(!empty($_POST)) 
{ 

    if(empty($_POST['username'])) 
    { 
     die("Please enter a username."); 
    } 

    $errors = array(); 
    if(empty($_POST['password'])) 
    { 
     $errors[] = 'Please enter your password'; 
    } 

    if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) 
    { 
     die("Invalid E-Mail Address"); 
    } 

    $query = " 
     SELECT 
      1 
     FROM users 
     WHERE 
      username = :username 
    "; 

    $query_params = array( 
     ':username' => $_POST['username'] 
    ); 

    try 
    { 
     $stmt = $db->prepare($query); 
     $result = $stmt->execute($query_params); 
    } 
    catch(PDOException $ex) 
    { 
     die("Failed to run query: " . $ex->getMessage()); 
    } 

    $row = $stmt->fetch(); 

    if($row) 
    { 
     die("This username is already in use"); 
    } 

    $query = " 
     SELECT 
      1 
     FROM users 
     WHERE 
      email = :email 
    "; 

    $query_params = array( 
     ':email' => $_POST['email'] 
    ); 

    try 
    { 
     $stmt = $db->prepare($query); 
     $result = $stmt->execute($query_params); 
    } 
    catch(PDOException $ex) 
    { 
     die("Failed to run query: " . $ex->getMessage()); 
    } 

    $row = $stmt->fetch(); 

    if($row) 
    { 
     die("Email already registered."); 
    } 

    $query = " 
     INSERT INTO users ( 
      username, 
      password, 
      salt, 
      email 
     ) VALUES ( 
      :username, 
      :password, 
      :salt, 
      :email 
     ) 
    "; 

    $salt = dechex(mt_rand(0, 2147483647)) . dechex(mt_rand(0, 2147483647)); 


    $password = hash('sha256', $_POST['password'] . $salt); 

    for($round = 0; $round < 65536; $round++) 
    { 
     $password = hash('sha256', $password . $salt); 
    } 

    $query_params = array( 
     ':username' => $_POST['username'], 
     ':password' => $password, 
     ':salt' => $salt, 
     ':email' => $_POST['email'] 
    ); 

    try 
    { 
     $stmt = $db->prepare($query); 
     $result = $stmt->execute($query_params); 
    } 
    catch(PDOException $ex) 
    { 

     die("Failed to run query: " . $ex->getMessage()); 
    } 

    header("Location: *login page*"); 
    die("Redirecting to *login page*"); 
}

>

来源

2015-09-04 saltcracker

+0

你不火的查询?请让你的问题更清楚。 –

+0

立即更新整个代码。 – saltcracker

回答

0 
<?php 
require("*mysql_connection file*"); 


if(!empty($_POST)) 
{ 

    if(empty($_POST['username'])) 
    { 
     die("Please enter a username."); 
    } 

    $errors = array(); 
    if(empty($_POST['password'])) 
    { 
     $errors[] = 'Please enter your password'; 
    } 

    if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) 
    { 
     die("Invalid E-Mail Address"); 
    } 

    $query = " 
     SELECT 
      1 
     FROM users 
     WHERE 
      username = :username 
    "; 

    $query_params = array( 
     ':username' => $_POST['username'] 
    ); 

    try 
    { 
     $stmt = $db->prepare($query); 
     $result = $stmt->execute($query_params); 
    } 
    catch(PDOException $ex) 
    { 
     die("Failed to run query: " . $ex->getMessage()); 
    } 

    $row = $stmt->fetch(); 

    if($row) 
    { 
     die("This username is already in use"); 
    } 

    $query = " 
     SELECT 
      1 
     FROM users 
     WHERE 
      email = :email 
    "; 

    $query_params = array( 
     ':email' => $_POST['email'] 
    ); 

    try 
    { 
     $stmt = $db->prepare($query); 
     $result = $stmt->execute($query_params); 
    } 
    catch(PDOException $ex) 
    { 
     die("Failed to run query: " . $ex->getMessage()); 
    } 

    $row = $stmt->fetch(); 

    if($row) 
    { 
     die("Email already registered."); 
    } 

    $query = " 
     INSERT INTO users ( 
      username, 
      password, 
      salt, 
      email 
     ) VALUES ( 
      :username, 
      :password, 
      :salt, 
      :email 
     ) 
    "; 

    $salt = dechex(mt_rand(0, 2147483647)) . dechex(mt_rand(0, 2147483647)); 


    $password = hash('sha256', $_POST['password'] . $salt); 

    for($round = 0; $round < 65536; $round++) 
    { 
     $password = hash('sha256', $password . $salt); 
    } 

    $query_params = array( 
     ':username' => $_POST['username'], 
     ':password' => $password, 
     ':salt' => $salt, 
     ':email' => $_POST['email'] 
    ); 


    if (empty($errors)) { /********* EDITS ***********/ 

     try 
     { 
      $stmt = $db->prepare($query); 
      $result = $stmt->execute($query_params); 
     } 
     catch(PDOException $ex) 
     { 

      die("Failed to run query: " . $ex->getMessage()); 
     } 

    }/********* EDITS ***********/ 

    header("Location: *login page*"); 
    die("Redirecting to *login page*"); 
} 
?>

这是远不够理想,但我不能arsed重写你的整个代码。 主要评论是使用openssl_random_pseudo_bytes而不是你自己的东西来弥补盐,或者你可以从mcrypt系列功能中取出IV。

来源

2015-09-04 19:04:09

0

试试这个: -

if(""== trim($_POST['password'])) 
    { 
      die("Please enter a password"); 
    } 
else //password is entered 
{ 
//your code 
}

来源

2015-09-04 19:08:46

+0

没有工作,用户无需输入密码即可创建。谢谢你试图帮助我! – saltcracker

+0

代码再次通过它更新..go –

相关问题

 相关问题