-1

我的注册表中有以下代码,以防止创建多个用户名:

connect_db();
    $check = mysql_query("SELECT username FROM school_users WHERE username = '$username'") or die(mysql_error());
    $check2 = mysql_num_rows($check);

if ($check2 != 0) {
    respond("error", "Sorry, the username ".$_POST['username']." is already in use. Please choose a different username.");}

但是,我还想在同一个语句中检查电子邮件:

    connect_db();
        $check = mysql_query("SELECT username, email FROM school_users WHERE username = '$username' or email = '$email'") or die(mysql_error());
        $check2 = mysql_num_rows($check);

    if ($check2 != 0) {
if (???username???){
        respond("error", "Sorry, the username ".$_POST['username']." is already in use. Please choose a different username.");}}
else if (???email???) {
    respond("error", "Sorry, the username ".$_POST['username']." is already in use. Please choose a different username.");}}
4

3 回答 3

2

你可以尝试这样做:

connect_db();
$check = mysql_query("SELECT 'User' validation
                        FROM school_users 
                       WHERE username = '$username' 
                       UNION ALL
                      SELECT 'Email' 
                        FROM school_users 
                       WHERE email = '$email'") or die(mysql_error());
$row = mysql_fetch_assoc($check);

if($row)
{
    if ($row["validation"] == 'User') {
            respond("error", "Sorry, the username ".$_POST['username']." is already in use. Please choose a different username.");}}
    else if ($row["validation"] == 'Email') {
        respond("error", "Sorry, the email ".$_POST['email']." is already in use. Please choose a different email.");}}
}

或者你可以单独做......

//Validate UserName
connect_db();
$check = mysql_query("SELECT username FROM school_users WHERE username = '$username'") or die(mysql_error());
$check2 = mysql_num_rows($check);

if ($check2 != 0) {
    respond("error", "Sorry, the username ".$_POST['username']." is already in use. Please choose a different username.");}

//Validate Email
connect_db();
$checkEmail = mysql_query("SELECT email FROM school_users WHERE email = '$email'") or die(mysql_error());
$checkEmail2 = mysql_num_rows($check);

if ($checkEmail2 != 0) {
    respond("error", "Sorry, the email ".$_POST['email']." is already in use. Please choose a different email.");}

此外,您的代码容易受到 SQL 注入攻击,并且您正在使用已弃用的 MySQL php 函数。如果您确实想让您的代码变得更好,更不易受到攻击,请查看以下链接:

为什么我不应该在 PHP 中使用 mysql_* 函数?

我可以用什么来代替 mysql_ 函数?

准备好的陈述

使用 MySQLi 准备的语句

于 2013-02-10T18:00:18.767 回答
1

您也可以在一个语句中执行此操作:

SELECT username
FROM school_users
WHERE username = '$username' or  email = '$email'

如果这样做,您需要将消息更改为 user 。. . “您的用户名或电子邮件(或两者)已在使用中”。

要在一个语句中自定义消息,您可以使用聚合:

select (case when max(username = '$username') = 1 and max(email = '$email' = 1
             then 'both'
             when max(username = '$username') = 1
             then 'username'
             when max(email = $email) = 1
             then 'email'
        end) as WherePresent
from school_users
WHERE username = '$username' or  email = '$email'

如果一切正常,这将返回 0 行。否则,它返回一行,其中包含“both”、“username”、“email”之一,指示哪个是重复的。

于 2013-02-10T18:04:18.183 回答
1

原始代码与您可能认为的解决方案相距不远。

$check = mysql_query("SELECT username, email FROM school_users WHERE username = '$username' or email = '$email' LIMIT 1") or die(mysql_error()); //Limit one reduces the time mysql searches the db since it stops on the first occurence
        $check2 = mysql_fetch_assoc($check); //we do not only want to know the count of matching rows, but the values return in email and username field

//trimming makes sure we do not have any spaces at the beginning or end
//strtolower makes sure we set UserName == usERnaME == username etc.pp.
if (strtolower(trim($row['username'])) == strtolower(trim($_POST['username']))){ // check the result
        respond("error", "Sorry, the username ".$_POST['username']." is already in use. Please choose a different username.");}
}
else if (strtolower(trim($row['email'])) == strtolower(trim($_POST['email']))) { // and again for email adress
    respond("error", "Sorry, the email ".$_POST['email']." is already in use. Please choose a different email.");}
}
于 2013-02-10T18:21:26.723 回答