我似乎无法确定如何检查电子邮件是否存在于我的数据库中。目前用户使用他们的电子邮件地址用密码登录我的网站,但目前用户可以使用相同的电子邮件地址注册多次,这在我的网站上造成了很大的问题。已经做了一些研究,但似乎无法解决问题。如何检查电子邮件地址是否存在。验证
任何人都可以帮助我吗?
<?php
if(isset($_POST['add']))
{
$dbhost = 'localhost';
$dbuser = 'user';
$dbpass = 'pass';
$db = "db";
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn)
{
die('Could not send your enquiry at this time please try again later.');
}
$phone = mysql_real_escape_string((string)$_POST['phone']);
$email = mysql_real_escape_string((string)$_POST['email']);
$password = mysql_real_escape_string((string)$_POST['password']);
$firstname = mysql_real_escape_string((string)$_POST['firstname']);
$surname = mysql_real_escape_string((string)$_POST['surname']);
$country = mysql_real_escape_string((string)$_POST['country']);
$nationality = mysql_real_escape_string((string)$_POST['nationality']);
$yearofbirth = mysql_real_escape_string((string)$_POST['yearofbirth']);
$profession = mysql_real_escape_string((string)$_POST['profession']);
$status = mysql_real_escape_string((string)$_POST['status']);
$membertype = 'Registered';
$dateregistered = mysql_real_escape_string((string)$_POST['dateregistered']);
$agreedtoterms = mysql_real_escape_string((string)$_POST['agreedtoterms']);
$sql = "INSERT INTO members
(phone, email, password, firstname, surname, country, nationality, yearofbirth, profession, uniquepin, status, membertype, dateregistered, agreedtoterms)
VALUES('$phone', '$email', '$password', '$firstname','$surname','$country','$nationality','$yearofbirth','$profession','$uniquepin','$status','$membertype','$dateregistered', '$agreedtoterms')";
mysql_select_db($db);
$retval = mysql_query($sql, $conn)or die(mysql_error());
?>
第一ü可以使这个领域在你的数据库表独树一帜,以确保邮件不存在一个以上的时间,像http://stackoverflow.com/questions/5038040/mysql-make-a-field-unique – 2011-05-22 10:17:31
那些你真正的连接细节?最好避免使用真实值。 – alex 2011-05-22 10:20:33
用户输入始终是PHP中的字符串,因此不需要全部投射。 – alex 2011-05-22 10:21:26