我想为类的项目测试一个简单的用户帐户注册页面,并且我正在尝试创建一个检查,通知用户他们的电子邮件是否已经在数据库中,因此不会再添加到它。这是我的PHP代码。如何检查用户是否已经存在于SQL数据库中?
<?php
$collegeid = mysql_real_escape_string('1');
$email = mysql_real_escape_string('[email protected]');
$password = mysql_real_escape_string(md5('test1'));
$name = mysql_real_escape_string('Test Test');
$bday = mysql_real_escape_string('1900-01-01');
$class = mysql_real_escape_string('Freshman');
//echo "<p>Test</p>";
$servername = "localhost";
$username = redacted;
$serverpassword = redacted;
$dbname = redacted;
$conn = new mysqli($servername, $username, $serverpassword, $dbname);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$checkquery = "SELECT * FROM Student WHERE Email = '$email'";
$insertquery = "INSERT INTO Student (CollegeID, Name, Birthday, Email, Classification, Password) VALUES ('$collegeid', '$name', '$bday', '$email', '$class', '$password')";
if (mysql_num_rows($conn->query($checkquery)) > 0)
{
echo "Error: Email already in use";
}
else
{
$conn->query($insertquery);
echo "Account Created.";
}
?>
但是,无论用户是否在数据库中,它总是会告诉我帐号已创建。
确定查询成功,你通常会检查为好。 – adeneo
请[停止使用'mysql_ *'函数](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php)。他们不再被维护,并[正式弃用](https://wiki.php.net/rfc/mysql_deprecation)。了解[准备的陈述](http://en.wikipedia.org/wiki/Prepared_statement),并使用[PDO](http://jayblanchard.net/demystifying_php_pdo.html)。 –
你的代码是怎么回事?你用mysql_设置的转义字符串,使用mysql_num_rows函数,但使用mysqli?它到处都是。使用mysqli准备的语句和适当的mysqli函数。 – Devon