0

我正在用 PHP 编写条件来检查是否使用了某些用户凭据,并且正在使用if....elseif....else条件方法来执行此操作。在每个语句中,如果该语句为真,我将定义一个变量的值。无论如何,该else值始终被使用。

另外,如果你想要布朗尼点,这会更容易做一个switch声明吗?

$username = $_POST['username'];
$password = strong_crypt($_POST['password'] . $username );
$name = $_POST['name'];
$email = $_POST['email'];

while($row = mysqli_fetch_array($query))
{
    $allEmails = $row['email'];
    $allUnames = $row['uname'];
}

if($allEmails === $email)
{
    $message = "That email already exists. You can only have one account per email address.";
}
elseif($allUnames === $username)
{
    $message = "That username has already been taken. Please choose a different one.";
}
elseif($username === null || $email === null || $password === null || $name === null) 
{
    $message = "Please fill out all fields to register";
}
else
{
    mysqli_query($conn, "INSERT INTO login (name, uname, pword, email, lat, lon, it) VALUES ('$name', '$username', '$password', '$email', '$lat', '$lon', '$it')");
    $message = "goodtogo";
}
4

4 回答 4

1

这里的问题似乎是您在 while 循环之外进行检查,以便始终针对查询的最后一行中的值进行检查。也许这段代码更符合您的目标?

$username = $_POST['username'];
$password = strong_crypt($_POST['password'] . $username );
$name = $_POST['name'];
$email = $_POST['email'];
$message = '';

if($username === null || $email === null || $password === null || $name === null) 
{
    $message = "Please fill out all fields to register";
}
else
{
    while($row = mysqli_fetch_array($query))
    {
        $allEmails = $row['email'];
        $allUnames = $row['uname'];

        if($allEmails === $email)
        {
            $message = "That email already exists. You can only have one account per email address.";
            break;
        }
        else if($allUnames === $username)
        {
            $message = "That username has already been taken. Please choose a different one.";
            break;
        }
    }
}
if (!$message)
{
    mysqli_query($conn, "INSERT INTO login (name, uname, pword, email, lat, lon, it) VALUES ('$name', '$username', '$password', '$email', '$lat', '$lon', '$it')");
    $message = "goodtogo";
}
于 2013-06-26T15:20:58.640 回答
0

如果查询每行只选择 1 封电子邮件,那么您的代码应该看起来更像这样吗?:

 $username = $_POST['username'];
 $password = strong_crypt($_POST['password'] . $username );
 $name = $_POST['name'];
 $email = $_POST['email'];
 $taken=false;
 $invalid=false;
 while($row = mysqli_fetch_array($query))
   {
       $singleEmail = $row['email'];
       $singleUname = $row['uname'];


   if($singleEmail== $email)
   {
      $message = "That email already exists. You can only have one account per email   
       address.";
       $taken=true;
    }
    else if($singleUname== $username)
   {
       $message = "That username has already been taken. Please choose a different 
        one.";
      $taken=true;
   }
   else if($username == null || $email == null || $password == null || $name == null) 
   {
      $message = "Please fill out all fields to register";
      $invalid=true;
   }

}//end while

if (!$taken && !$invalid){

     mysqli_query($conn, "INSERT INTO login (name, uname, pword, email, lat, lon, it) 
     VALUES ('$name', '$username', '$password', '$email', '$lat', '$lon', '$it')");
      $message = "goodtogo";

}

这将使整个事情处于一个循环中。一次检查 1 封电子邮件。

否则,您可以查询数据库以返回所有电子邮件,将它们放入数组中,然后将输入的电子邮件与数组进行比较。例如

 $allEmails() //assume array populated from db

 if(in_array($email, $allEmails)){ //then it already exists
于 2013-06-26T15:24:56.730 回答
0

你应该改变你的查询行如下

$query = "SELECT * FROM users WHERE `email`='{$email}'"; 
$isEmail = mysql_num_rows(mysql_query($query));
if($isEmail>0) $message = "That email already exists. You can only have one account per email address.";
$query = "SELECT * FROM users WHERE `uname`='{$name}'";
$isUser = mysql_num_rows(mysql_query($query));
if($isUser>0) $message = "That username has already been taken. Please choose a different one.";
于 2013-06-26T15:24:59.990 回答
0

变量$allEmails$allUnames包含数据库最后返回的条目的值。我建议您将 SQL 查询更改为:

SELECT * FROM `users` where `email` = '$email'


SELECT * FROM `users` where `uname` = '$username'

或使用数组:

$allEmails = array();
$allUnames = array();
while($row = mysqli_fetch_array($query))
{
    $allEmails[] = $row['email'];
    $allUnames[] = $row['uname'];
}

并使用该in_array()函数检查输入的值是否在该数组中。

此外,您的查询容易受到SQL 注入的攻击。

于 2013-06-26T15:25:00.130 回答