-1

我的问题不是电子邮件发送成功,而是我网站上的确认页面。电子邮件已经发送给用户,但是当他们单击链接以激活他们的密码时,它会将他们带到一个确认页面,它应该确认激活并注册他们,但它根本没有做任何事情。它只是显示一个空白页面,我什至检查了数据库,没有任何改变。我需要任何帮助,我也有下面的代码。任何帮助都会很棒。

<?php

include('sqlconfig.php');

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB"); 

/* Confirmation Code */
$passkey=$_GET['passkey'];
$tbl_name1="temp_users";

/*retrieve data */
$sql1="SELECT * FROM temp_users WHERE confirm='$passkey'";
$result1=mysql_query($sql1);

if($result1){
$count=mysql_num_rows($result1);

/*Fetch The data From the table */
if($count==1){
$rows=mysql_fetch_array($result1);
$Email=$rows['email'];
$First_Name=$rows['FirstN'];
$Last_name=$rows['LastN'];
$password=$rows['password']; 
$phone=$rows['phone'];
$tbl_name2="users";

/*Insert data into new users table */
$sql2="INSERT INTO $tbl_name2(First Name, Last Name, Email, Password, phone)VALUES('$First_Name', '$Last_name', '$Email', '$password', '$phone')";
$result2=mysql_query($sql2);
}

/*If passkey is not found*/
else {
echo "Wrong Confirmation code";
}

/*If activation successful, show, and delete old data from temp table*/
if($result2){

echo "Your account has been activated";

// Delete information of this user from table "temp_members_db" that has this passkey 
$sql3="DELETE FROM $tbl_name1 WHERE confirm_code = '$passkey'";
$result3=mysql_query($sql3);

}


}
?>
4

2 回答 2

1

未经测试,它当然需要一些修改,但是:

<?php

include('sqlconfig.php');

//Connect to Database
$mysqli = new mysqli($hostname, $username, $password, $databasename);
//PHP > 5.3.0
if ($mysqli->connect_error) {
    die('Connect Error (' . $mysqli->connect_errno . ') '
            . $mysqli->connect_error);
}

/* Confirmation Code */
$passkey = $_GET['passkey'];
$tbl_name1 = "temp_users";


/* create a prepared statement */
if ($stmt = $mysqli->prepare("SELECT * FROM temp_users WHERE confirm=?")) {

    $stmt->bind_param("s", $passkey);
    $result = $stmt->get_result();

    $rows = $result->fetch_assoc();

    $stmt->close();

    $Email = $rows['email'];
    $First_Name = $rows['FirstN'];
    $Last_name = $rows['LastN'];
    $password = $rows['password'];
    $phone = $rows['phone'];
    $tbl_name2 = "users";

    /* Create table doesn't return a resultset */
    if ($mysqli->query("INSERT INTO $tbl_name2(First Name, Last Name, Email, Password, phone)VALUES('$First_Name', '$Last_name', '$Email', '$password', '$phone')") === TRUE) {
        echo "Your account has been activated";

        if ($stmt = $mysqli->prepare("DELETE FROM $tbl_name1 WHERE confirm_code = ?")) {
            $stmt->bind_param("s", $passkey);
            $stmt->execute();
            $stmt->close();
        }
    }
    else {
        echo "Wrong Confirmation code";
    }
}

$_GET['passkey']注意:在选择查询中使用的值时,我们使用它bind_param来避免 SQL 注入。

强烈推荐阅读这个: http: //php.net/manual/en/faq.databases.php#faq.databases.mysql.deprecated

于 2012-12-15T05:21:26.697 回答
0

试试这个。

if($passkey == NULL) //检查passkey是否为null,这可能是黑屏的原因

{ echo "页面上的无效操作"; // 一些错误信息 }

否则 { $flag = FALSE; // 在脚本开头的某个地方启动

    /*retrieve data */
    $sql1="SELECT * FROM temp_users WHERE confirm='$passkey'";

    $result1=mysql_query($sql1);

    if(mysql_num_rows($result1))
        {
        $rows=mysql_fetch_array($result1);
        $Email=$rows['email'];
        $First_Name=$rows['FirstN'];
        $Last_name=$rows['LastN'];
        $password=$rows['password']; 
        $phone=$rows['phone'];
        $tbl_name2="users";

        /*Insert data into new users table */
        $sql2="INSERT INTO $tbl_name2(First Name, Last Name, Email, Password, phone)VALUES('$First_Name', '$Last_name', '$Email', '$password', '$phone')";
        if(mysql_query($sql2))
            {
            $flag = TRUE;
            }

        }
    /*If passkey is not found*/
    else 
        {
        echo "Wrong Confirmation code";
        }

    /*If activation successful, show, and delete old data from temp table*/
    if($flag)
        {
        echo "Your account has been activated";
        // Delete information of this user from table "temp_members_db" that has this passkey 
        $sql3="DELETE FROM $tbl_name1 WHERE confirm_code = '$passkey'";
        $result3=mysql_query($sql3);
        }

}

首先,代码将检查查询是否有任何结果,如果是,则它会获取数据并插入到 table2 中。

引入了一个新的变量标志来检查是否执行了查询2,如果是,则执行查询3。

编辑:首先检查传入的密码是否包含某些值,如果没有则显示错误,否则执行其余代码

于 2012-12-15T05:33:33.570 回答