0

我的问题是我有两个对 php 的 ajax 调用以获取注册表单。首先是用户名可用性检查,它工作得非常好,其次是密码检查,它不起作用,数据库和所有三个文件肯定是连接的,但我找不到问题。如果有人知道,谢谢。
这是html:

<div id="registration_form">
    <table>
         <tr>
            <td>Choose Username:</td>
            <td><input type="text" id="username" autofocus="autofocus"  /><span id="username_status"> </span></td>
         </tr>
        <tr>
            <td>Choose Password:</td>
            <td><input type="password" id="password" /> <span  id="password_status"></span></td>
         </tr>
         <tr>
            <td>Confirm Password:</td>
            <td><input type="password" id="confirmpassword" /> <span  id="pconfirm_status"></span></td>
         </tr>
        <tr>
            <td>Email:</td>
            <td><input type="text" id="email" /><span id="email_status"></span></td>
         </tr> 
         <tr>
            <td>Confirm Email:</td>
            <td><input type="text" id="confirmemail" /><span id="econfirm_status"></span></td>
         </tr>
        <tr>
            <td><input type="submit" value="Register" id="submit" />    </td>
         </tr>
    </table>
        <div id="regform_reply"></div>
</div>

这是jQuery:

$('#password').keyup(function()
{
var password = $(this).val();
$('#password_status').text('Searching...');
    if (password != '')
    {
        $.post('php/register.php', { password: password }, function(data)
        {
            $('#password_status').text(data);
        });
    }
    else
    {
        $('#password_status').text('');
    }           
});


$('#username').keyup(function()
{
var username = $(this).val();
$('#username_status').text('Searching...');
    if (username != '')
    {
        $.post('php/register.php', { username: username }, function(data)
        {
            $('#username_status').text(data);
        });
    }
    else
    {
        $('#username_status').text('');
    }           
});

这是php:

<?php
include '../connect/userdb_connect.php';

if (isset($_POST['password']))
{
$password = mysql_real_escape_string($_POST['password']);
if (!empty($password))
{
    if (strlen($password)>25)
    {
        echo 'Too long';
    }
    else if(strlen($password)<6)
    {
        echo 'Too short';
    }
    else
    {
        echo 'Fine';
    }
}   
}

if (isset($_POST['username']))
{
$username = mysql_real_escape_string($_POST['username']);
if (!empty($username))
{
    $check = mysql_query("SELECT `user_name` FROM `userbase` WHERE `user_name`  = '$username'");
    $result = mysql_num_rows($check);

    if ($result == 0 && strlen($username) <25)
    {
        echo 'Available';
    }
    else if($result == 1 && strlen($username) <25)
    {
        echo 'Already taken';
    }
    else
    {
        echo 'Too long';
    }
}           
}
?>
4

2 回答 2

0

您可能想要删除 mysql_real_escape_string,因为您没有将其传递给 mysql。某些转义序列可能会混淆您的比较。

所以$password = mysql_real_escape_string($_POST['password']);

应该只是$password = $_POST['password'];

(并不是说当你将它放入数据库时​​就可以了,但是对于执行 strlen 函数应该没问题)

于 2012-05-09T21:38:34.057 回答
0

我会选择类似的东西:

$('#password').on('keyup', function() {
    //there's no need to do ajax to check input length, just always validate on the server aswell
    var password = this.value;
    if (password != '') {
        $('#password_status').text('Searching...');
        if (password.length>25) {
            $('#password_status').text('Too long');
        }else if (password.length<6) {
            $('#password_status').text('Too short');
        }else{
            $.post('php/register.php', { password: password }, function(data) {
                //do you really need to check this, other then when inserting to DB ?
                $('#password_status').text(data); 
            });
        }
    }else{
        $('#password_status').text('');
    }
});

$('#username').on('keyup', function() {
    var username = this.value;
    if (username != '') {
        $('#username_status').text('Searching...');
        if (username.length>25) {
            $('#username_status').text('Too long'); 
        }else if (username.length<6) {
            $('#username_status').text('Too short'); 
        }else{
            $.post('php/register.php', { username: username }, function(data) {
                $('#username_status').text(data);
            });
    }else{
        $('#username_status').text('');
    }
});

PHP

<?php
    include '../connect/userdb_connect.php';

    if (isset($_POST['password'])) {
        $password = mysql_real_escape_string($_POST['password']);
        if (!empty($password) && strlen($password)<25 && strlen($password)>6) {
            //hash and insert into db
        }else{
            //error
        }
    }else{
       //no POST var
    }

    if (isset($_POST['username'])) {
        $username = mysql_real_escape_string($_POST['username']);
        if (!empty($username) && strlen($username)<25 && strlen($username)>6) {
            $check = mysql_query("SELECT `user_name` FROM `userbase` WHERE `user_name`  = '$username'");
            $result = mysql_num_rows($check);
            if ($result == 0) {
                echo 'Available';
            }else if ($result == 1) {
                echo 'Already taken';
            }
        }else{
            //error
        }
    }else{
       //no POST var
    }
?>
于 2012-05-09T22:47:31.837 回答