1. 首页
  2. 问答
  3. 为什么不想注册我

为什么不想注册我

2014-01-07 81 views
0

为学校assingment我必须做一个投资组合。这必须包含一个工作登录和注册系统。我知道它将在哪里登录人,但只有在手动输入数据库中的数据。但现在,当我尝试让人们注册他们自己它只是不断给我的错误,用户名和电子邮件已经存在,什么是不正确的,在大多数情况下。我希望你们能够帮助我。这里是代码:为什么不想注册我

<?php 
include_once 'db_connect.php'; 
include_once 'psl-config.php'; 

$error_msg = ""; 

if (isset($_POST['username'], $_POST['email'], $_POST['p'])) { 
    $username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING); 
    $email = filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL); 
    $email = filter_var($email, FILTER_VALIDATE_EMAIL); 
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { 
     $error_msg .= '<p class="error">The email address you entered is not valid!</p>'; 
    } 
    $password = filter_input(INPUT_POST, 'p', FILTER_SANITIZE_STRING); 
    if (strlen($password) != 128) { 
     $error_msg .= '<p class="error">Invalid password configuration.</p>'; 
    } 
    $query_username = "SELECT id 
    FROM members 
    Where username == '$username' 
    LIMIT 1"; 
    $available_username = array(); 
    if ($resultUsername = mysqli_query($mysqli, $query_username)) { 
     if (mysqli_num_rows($resultUsername) > 0) { 
      $error_msg .= '<p class="error">A user with this username already exists!</p>'; 
     } 
    } 
    $query_email = "SELECT id 
    FROM members 
    Where email == '$email' 
    LIMIT 1"; 
    $available_email = array(); 
    if ($resultEmail = mysqli_query($mysqli, $query_email)) { 
     if (mysqli_num_rows($resultEmail) > 0) { 
      $error_msg .= '<p class="error">A user with this username already exists!</p>'; 
     } 
    } 
    if (empty($error_msg)) { 
     $ipadress = $_SERVER['REMOTE_ADDR']; 
     $random_salt = hash('sha512', uniqid(openssl_random_pseudo_bytes(16), TRUE)); 
     $password = hash('sha512', $password . $random_salt); 
     if (!$tableRowEmail = 1) { 
      $sqlinsert = "INSERT INTO members (username, email, ipadress, password, salt) VALUES ($username, $email, $ipadress, $password, $random_salt)"; 
      if (!mysqli_query($mysqli, $sqlinsert)) { 
       header('Location: ../error.php?err=Registration failure: INSERT'); 
      } 
     } 
     header('Location: ./register_success.php'); 
    } 
} 
?>

谢谢大家,做出了改变。但现在它让一切都通过。它不会在我的localhost/phpmyadmin中注册任何东西。有什么想法吗?

来源

2014-01-07 Justin Veenis

+1

也许你的学校应该讲授准备好的语句/绑定变量 –

+0

什么是您的ID检查查询实际返回? – Joe

+0

你也应该使用[password_hash](http://www.php.net/password_hash)来散列你的密码。 – Mike

回答

3

您使用的是单等于而非双重该行:

$tableRowUsername == 1

另外,你应该算作中行的SQL结果的数量,而不是只检查通过检查,这是一个返回一行等于1

来源

2014-01-07 00:22:13 Scopey

+0

谢谢,我完全错过了。谢谢 –

+2

实际上,整个脚本在if语句中分配变量。 – Scopey

0 
if ($tableRowUsername == 1) { //Correct it 
     $error_msg .= '<p class="error">A user with this username already exists!</p>'; 
    }

和所有其他if(=) with if(==)

它被分配的值。不是在比较IT

来源

2014-01-07 00:23:53 Rahul

0

这将是更好的做法,使这个:

if ($resultUsername = mysqli_query($mysqli, $query_username)) { 
    while ($tableRowUsername = mysqli_fetch_assoc($resultUsername)) { 
     $available_username[] = $tableRowUsername; 
    } 
    if ($tableRowUsername == 1) { 
     $error_msg .= '<p class="error">A user with this username already exists!</p>'; 
    } 
}

到:

if ($resultUsername = mysqli_query($mysqli, $query_username)) { 
    if (mysqli_num_rows($resultUsername) > 0) { 
     $error_msg .= '<p class="error">A user with this username already exists!</p>'; 
    } 
}

来源

2014-01-07 00:25:19

相关问题

 相关问题