为学校assingment我必须做一个投资组合。这必须包含一个工作登录和注册系统。我知道它将在哪里登录人,但只有在手动输入数据库中的数据。但现在,当我尝试让人们注册他们自己它只是不断给我的错误,用户名和电子邮件已经存在,什么是不正确的,在大多数情况下。我希望你们能够帮助我。这里是代码:为什么不想注册我
<?php
include_once 'db_connect.php';
include_once 'psl-config.php';
$error_msg = "";
if (isset($_POST['username'], $_POST['email'], $_POST['p'])) {
$username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING);
$email = filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL);
$email = filter_var($email, FILTER_VALIDATE_EMAIL);
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$error_msg .= '<p class="error">The email address you entered is not valid!</p>';
}
$password = filter_input(INPUT_POST, 'p', FILTER_SANITIZE_STRING);
if (strlen($password) != 128) {
$error_msg .= '<p class="error">Invalid password configuration.</p>';
}
$query_username = "SELECT id
FROM members
Where username == '$username'
LIMIT 1";
$available_username = array();
if ($resultUsername = mysqli_query($mysqli, $query_username)) {
if (mysqli_num_rows($resultUsername) > 0) {
$error_msg .= '<p class="error">A user with this username already exists!</p>';
}
}
$query_email = "SELECT id
FROM members
Where email == '$email'
LIMIT 1";
$available_email = array();
if ($resultEmail = mysqli_query($mysqli, $query_email)) {
if (mysqli_num_rows($resultEmail) > 0) {
$error_msg .= '<p class="error">A user with this username already exists!</p>';
}
}
if (empty($error_msg)) {
$ipadress = $_SERVER['REMOTE_ADDR'];
$random_salt = hash('sha512', uniqid(openssl_random_pseudo_bytes(16), TRUE));
$password = hash('sha512', $password . $random_salt);
if (!$tableRowEmail = 1) {
$sqlinsert = "INSERT INTO members (username, email, ipadress, password, salt) VALUES ($username, $email, $ipadress, $password, $random_salt)";
if (!mysqli_query($mysqli, $sqlinsert)) {
header('Location: ../error.php?err=Registration failure: INSERT');
}
}
header('Location: ./register_success.php');
}
}
?>
谢谢大家,做出了改变。但现在它让一切都通过。它不会在我的localhost/phpmyadmin中注册任何东西。有什么想法吗?
也许你的学校应该讲授准备好的语句/绑定变量 –
什么是您的ID检查查询实际返回? – Joe
你也应该使用[password_hash](http://www.php.net/password_hash)来散列你的密码。 – Mike