-1

我尝试了很多使此代码适用于我的 registration.php 页面,我只想检查电子邮件和用户名是否已在我的数据库中注册。我尝试只检查用户名,它工作正常,但现在我还想检查电子邮件是否已注册。对此的任何帮助将不胜感激。下面是我的registration.php的代码,希望有人帮忙!谢谢!

<?php

/*
Our "config.inc.php" file connects to database every time we include or require
it within a php script.  Since we want this script to add a new user to our db,
we will be talking with our database, and therefore,
let's require the connection to happen:
*/
require("config.inc.php");

//if posted data is not empty
if (!empty($_POST)) {
//If the username or password is empty when the user submits
//the form, the page will die.
//Using die isn't a very good practice, you may want to look into
//displaying an error message within the form instead.  
//We could also do front-end form validation from within our Android App,
//but it is good to have a have the back-end code do a double check.
if (empty($_POST['username']) || empty($_POST['password']) || empty($_POST['FullName']) || empty($_POST['emailadd'])) {


    // Create some data that will be the JSON response 
    $response["success"] = 0;
    $response["message"] = "Please fill in all the fields!";

    //die will kill the page and not execute any code below, it will also
    //display the parameter... in this case the JSON data our Android
    //app will parse
    die(json_encode($response));
}

//if the page hasn't died, we will check with our database to see if there is
//already a user with the username specificed in the form.  ":user" is just
//a blank variable that we will change before we execute the query.  We
//do it this way to increase security, and defend against sql injections
$query        = " SELECT 1 FROM users WHERE username = :user , eadd = :email";
//now lets update what :user should be
$query_params = array(
    ':user' => $_POST['username'],
    ':email' => $_POST['eadd']
);

//Now let's make run the query:
try {
    // These two statements run the query against your database table. 
    $stmt   = $db->prepare($query);
    $result = $stmt->execute($query_params);
}
catch (PDOException $ex) {
    // For testing, you could use a die and message. 
    //die("Failed to run query: " . $ex->getMessage());

    //or just use this use this one to product JSON data:
    $response["success"] = 0;
    $response["message"] = "Database Error1. Please Try Again!";
    die(json_encode($response));
}

//fetch is an array of returned data.  If any data is returned,
//we know that the username is already in use, so we murder our
//page
$row = $stmt->fetch();
if ($row) {
    // For testing, you could use a die and message. 
    //die("The username is already in use! Try a different username!");

    //You could comment out the above die and use this one:
    $response["success"] = 0;
    $response["message"] = "The username is already in use! Try a different username!";
    die(json_encode($response));
}

//If we have made it here without dying, then we are in the clear to 
//create a new user.  Let's setup our new query to create a user.  
//Again, to protect against sql injects, user tokens such as :user and :pass
$query = "INSERT INTO users ( username, password, FullName, eadd ) VALUES ( :user, :pass, :fulnme, :email )";

//Again, we need to update our tokens with the actual data:
$query_params = array(
    ':user' => $_POST['username'],
    ':pass' => $_POST['password'],
    ':fulnme' => $_POST['FullName'],
    ':email' => $_POST['eadd']
    );

//time to run our query, and create the user
try {
    $stmt   = $db->prepare($query);
    $result = $stmt->execute($query_params);
}

catch (PDOException $ex) {
    // For testing, you could use a die and message. 
    //die("Failed to run query: " . $ex->getMessage());

    //or just use this use this one:
    $response["success"] = 0;
    $response["message"] = "Database Error2. Please Try Again!";
    die(json_encode($response));
}

//If we have made it this far without dying, we have successfully added
//a new user to our database.  We could do a few things here, such as 
//redirect to the login page.  Instead we are going to echo out some
//json data that will be read by the Android application, which will login
//the user (or redirect to a different activity, I'm not sure yet..)
$response["success"] = 1;
$response["message"] = "Registration was successful!";
echo json_encode($response);

//for a php webservice you could do a simple redirect and die.
//header("Location: login.php"); 
//die("Redirecting to login.php");


} else {
?>
<h1>Register</h1> 
<form action="register.php" method="post"> 
    Full Name<br /> 
    <input type="text" name="Name" value="" /> 
    <br /><br /> 
    Email Address<br /> 
    <input type="text" name="eadd" value="" /> 
    <br /><br /> 
    Username:<br /> 
    <input type="text" name="username" value="" /> 
    <br /><br /> 
    Password:<br /> 
    <input type="password" name="password" value="" /> 
    <br /><br /> 
            <input type="submit" value="Register" /> 
</form>
<?php
}

?>
4

3 回答 3

1

在您显示的代码中,检查您的数据库中是否有人具有相同的用户名和相同的电子邮件,

例子:

你在数据库中

toto, toto@gmail.com
toto2, toto2@gmail.com

与您的测试有人注册

toto,toto2@gmail.com

您的测试找不到任何人,因为没有人需要 toto 和 toto2@gmail.com 的电子邮件地址,

您需要制作 2 个单独的 stmt,一个用于用户名,一个用于电子邮件地址

于 2013-07-23T11:30:06.827 回答
0

我认为您的问题在于您的查询:

$query        = " SELECT 1 FROM users WHERE username = :user , eadd = :email";

什么是SELECT 1!?!?!也许SELECT *你需要使用AND

$query        = " SELECT * FROM users WHERE username = :user AND eadd = :email";
于 2013-07-23T11:32:21.867 回答
-2

创建一个这样的函数。这用于检查电子邮件是否已存在于服务器中。

 功能用户存在($用户名){
$username = sanitize($username);
$query = mysql_query("SELECT * FROM `users` WHERE `user_name` = '$username'");
返回 (mysql_result($query,0) >= 1) ?真假;

然后创建一个 If 嵌套循环来查看用户名是真还是假。对电子邮件重复相同的操作。干杯...

于 2013-07-23T11:26:27.877 回答