0

我得到了我的注册页面,但是当按下提交按钮时,它没有进行应有的检查。相反,由于某种奇怪的原因,它会全部丢失,并返回没有错误文本的页面。

<?php
require "PasswordHash.php";
require "header.php";
require "globe.php";


echo "<body>
<div class='container'>";
echo "<div class='centered'>
      <ul id='nav'>
       <li><a href='login.php'>Home </a></li>
       <li><a href='register.php'>Register</a></li>
       <li><a href='forgotpassword.php'>Forgot Password</a></li>
       <li><a href='contact.php'>Contact</a></li>
       <li><a href='t&c.php'>Terms and Conditions</a></li>
      </ul>";
echo"
<img src='banner1.jpg' width='800px' height='200px' />

 <div class='regban'>
   <img src='outsideimage/registertop.png' width='800px' height='40px' />
 </div>



<div class='registertext'>
Registiring to Zone Wars allows you to be that one step closer to being part of our fantastic community! Simply register for free and with our quick registration form you will be playing very soon! <br />
<font color='red'><i>Please note registration is not currently taking place due to large maintenance. We are sorry for any inconvenience this may have caused. </i></font>";
$regsec = htmlentities($_SERVER['PHP_SELF']);

if (isset($_POST['register'])) 
{ 
    $user = trim($_POST['user']);
    $pass1 = $_POST['pass1'];
    $pass2 = $_POST['pass2'];
    $email = trim($_POST['email']);
    $email2 = $_POST['email2'];
    $gender = $_POST['gender'];
    $error_string = '';
    require_once('recaptchalib.php');
    $privatekey = "HIDDEN AS ITS PRIVATE";
    $resp = recaptcha_check_answer ($privatekey,
                                    $_SERVER["REMOTE_ADDR"],
                                    $_POST["recaptcha_challenge_field"],
                                    $_POST["recaptcha_response_field"]);

    $hasher = new PasswordHash(8, false);
    $hash_cost_log2 = 8;
    $hash_portable = FALSE;
    $hasher = new PasswordHash($hash_cost_log2, $hash_portable);




    function isValidEmail($email = '')
    {
    return preg_match("/^[\d\w\/+!=#|$?%{^&}*`'~-][\d\w\/\.+!=#|$?%{^&}*`'~-]*@[A-Z0-9][A-Z0-9.-]{1,61}[A-Z0-9]\.[A-Z]{2,6}$/ix",$email);
    }

    $userrow = mysqli_query($mysqli, "SELECT * FROM Persons WHERE username = '" . mysqli_real_escape_string($mysqli, $user) . "'");
    $row_cnt = mysqli_num_rows($userrow);

    $emailrow = mysqli_query($mysqli, "SELECT * FROM Persons WHERE email = '" . mysqli_real_escape_string($mysqli, $email) . "'");
    $row_cnt1 = mysqli_num_rows($emailrow);


     if (!$resp->is_valid) {
                  $error_string .= '<center>The reCAPTCHA wasnt entered correctly. Go back and try it again.</center><br />';
        }
    else if ($user == '') {
    $error_string .= '<center>You left the Username field blank!.</center><br />';
    }
    else if (strlen($user) < 4) {
    $error_string .= '<center>Your Username must be at least 4 characters long.</center><br />';
    }
    else if (strlen($user) > 8) {
    $error_string .= '<center>You Username cannot be longer then 8 characters.</center><br />';
    }
    else if ( !preg_match("/^[a-z]+[\w.-]*$/i", $user) ) {
    $error_string .='<center>Your username may only contain letters, numbers, dots, underscores, hyphen and start with a letter</center>';
    }
    else if ($row_cnt != 0) {
    $error_string .= '<center>Your Username exists</center><br />';
    }
    else if ($pass1 == '')
    {
    $error_string .='<center>You left the password field blank.<br /></center>';
    }
    else if ($pass2 == '') {
    $error_string .='<center>You left the confirmation password blank<br /></center>';
    }
    else if ($pass1 != $pass2) {
    $error_string .='<center>Your password and confirmation password do not match<br /></center>';
    }
    else if(strlen($pass1) > 72) {
    $error_string .='<center>Your password cannot be longer then 72 characters<br /></center>';
    }
    else if ($email == '') {
    $error_string .='<center>You left the email field blank!.<br /></center>';
    }
    else if ($email != $email2) {
    $error_string .='<center>Your email and confirmation email did not match.<br /></center>';
    }
    else if (!isValidEmail($email)) {
    $error_string .= '<center>Please enter a valid email address.<br></center>';
    }
    else if ($row_cnt1 != 0) {
    $error_string .= '<center>Your email address exists</center><br />';
    }
    else {

        if ($error_string != '') {
            echo "<font color=red> '$error_string' </font><br /><center> Please go back and fix the errors <a href=register.php>here</a></center>";
        }
        else {
        $hash = $hasher->HashPassword($pass1);
        get_post_var($user);
        get_post_var($email);
        $euser = mysqli_real_escape_string($mysqli, $user);
        $eemail = mysqli_real_escape_string($mysqli, $email);


            if (strlen($hash) >= 20) {
         mysqli_query($mysqli, "INSERT INTO Persons (Username, Password, Email, Gender) VALUES ('$euser', '$hash', '$eemail', '$gender')");
         echo "You have signed up to the game! Please login <a href='login.php'here</a>. ";
            }
            else
            {
            echo "<center>A fatal error occured. Please contact the Admin board</center><br />";
        }
        }
             }
}
else
{ 

    echo "
    <form action='$regsec' method='POST'>
    <table align='center' border='0'>
    <tr><td align='right'>Username:</td><td><input type='text' name='user'  /></td></tr>
    <tr><td align='right'>Password:</td><td><input type='password' name='pass1' /></td></tr>
    <tr><td align='right'>Confirm Password:</td><td><input type='password' name='pass2' /></td></tr>
    <tr><td align='right'>Email Address:</td><td><input type='text' name='email' /></td></tr>
    <tr><td align='right'>Confirm Email Address:</td><td><input type='text' name='email2' /></td></tr>
    <tr><td align='right'>Gender:</td><td><select name='gender'><option value='Male'>Male</option><option value='Female'>Female</option></select></td></tr>
    <tr><td colspan='2'><center>";
    require_once('recaptchalib.php');
    $publickey = "HIDDEN AS ITS PRIVATE"; // you got this from the signup page
    echo recaptcha_get_html($publickey);
    echo "</center></td><td></td></tr>
    <tr><td colspan='2'><center>By registring you have read and agreed our <a href='t&c.php'>Terms and Conditions</a></center></td><td></td></tr>
    <tr><td colspan='2'><center><input type='submit' name='register' value='register'></center></td><td></td></tr>
    </table></form>";
}
echo "</div>

<img src='outsideimage/registerbott.png' width='800px' height='20px' />
</div>";



echo "&nbsp;<br />
<div class='image'>
  <img alt='' src='outsideimage/bottom.png' />
  <div class='text'>
    <small>Copyright &copy; 2012  All Rights Reserved.</small>
  </div>
  <div class='text1'>
    <small>";
date_default_timezone_set('Europe/London');
echo date('l jS \of F Y h:i:s A');
echo "</small>
  </div>
</div>
</body>";
?>
4

1 回答 1

0

您没有收到任何错误消息,因为您没有将其打印出来。您将错误消息分配给变量 $error_string,但代码中没有将其打印出来的地方。尝试在最后一个 else 语句之后添加一个 echo。

if (!$resp->is_valid) {
  ...
}
else if ($user == '') {
  ...
}
else if (strlen($user) < 4) {
  ...
}
...
else {
  ...
}
echo $error_string;

此外,您的验证中的最后一个 else 似乎是不必要的,因为您正在检查 $error_string 是否为空。

于 2012-11-30T20:30:07.017 回答