-1

我正在制作一个小型用户注册系统,以尝试自学更多 PHP 和 MySQL。到目前为止,我已经到了这一点:

   <?php

    $errormsg ="";
    if (isset($_POST['adduser'])){

    $email = $_POST['email'];
    $pword = $_POST['pword'];
    $pword2 = $_POST['pword2'];

    $email = stripslashes($email);
    $email = strip_tags($email);
    $pword = stripslashes($pword);
    $pword = strip_tags($pword);
    $pword2 = stripslashes($pword2);
    $pword2 = strip_tags($pword2);

    if ($email == "") {
        $errormsg ="Error, You must fill in the email box.";
    }
    else if ($pword == "") {
        $errormsg ="Error, You must fill in the password box.";
    }
    else if ($pword2 == "") {
        $errormsg ="Error, You must fill in the repeat password box.";
    }
    else if ($pword != $pword2) {
        $errormsg ="Error, Your passwords don't match!";
    }
    else {
        $errormsg = "Success!";
    }
}
?>

这个回显目前已经成功,我计划在完成后将数据添加到数据库中。

如何检查电子邮件是否有效?(例如是“example@example.com”而不仅仅是“rgaegegegege”)

使用带斜杠和标签的安全性如何?我还能做些什么来降低它的破解能力?

谢谢你的帮助!

4

2 回答 2

4

这些filter_var()函数是验证电子邮件、网址等的最简单方法之一。

要验证电子邮件,您可以执行以下操作:

if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === true) {
   // valid
}else {
   echo "Email is NOT valid!";
}
于 2013-05-25T15:56:36.757 回答
0

你可以试试这样

<?php
$email = $_POST['email'];

if(!preg_match("/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$/i", $email)){
      echo 'email is Invalid';

     }
   else {
    echo 'email is correct ';
     }
?>
于 2013-05-25T16:15:50.820 回答