1

如果存在用户名,我在将注册表单写入 .txt 文件时遇到问题。目前,如果 user.txt 中存在用户名并打印出 false ,我不想写出该文件,如果不存在,则继续并写出 user.txt 文件。

<?php
    if($_POST['submit'])
    {
            $usernameexist =  $_POST['usernameexist'];
            $username = $_POST['username'];
            $password = $_POST['password'];
            $firstname = $_POST['firstname'];
            $lastname = $_POST['lastname'];
            $dob = $_POST['dob'];
            $gender = $_POST['gender'];
            $email = $_POST['email'];
            $address = $_POST['address'];
            $membership = $_POST['membership'];
            $creditcard = $_POST['creditcard'];
            $cardexpiry = $_POST['cardexpiry'];
            $duration = $_POST['duration'];
            $name = "/^[A-Za-z]+$/";
            $emailaddress = "/^\w+([\.-]?\w+)*@\w+([\.-]?\w+)*(\.\w{2,3})+$/";



            $male_status = 'unchecked';
            $female_status = 'unchecked';

            // Server side form validation using php.
            // Validate username field if empty or not.
            if (empty($username)){
                    $err_username = 'Please enter your username.';
            }else{  

                    // Load file and check if username exist
                    $filename = 'user.txt';
                    if (file_exists($filename)){
                        $fp = fopen ('user.txt', 'r'); 
                        while ($line = fgetcsv($fp,100,",")) { 
                            if ( ($line[0] == $_POST['username']) ) { 
                                $usernameexist = "Username Exist!";
                                $err_usernameexist = $usernameexist;
                            } 
                        }
                        fclose ($fp);
                    }
                    else{
                        echo '<p> File does not exist! </p>';
                    }
                    //$val_username = $username;

            }

            // Validate password field if empty or not.
            if (empty($password)){
                $err_password = 'Please enter your password.';
            }else{
                $val_password = $password;
            }

            // First Name
            if (empty($firstname)){
                $err_firstname = 'Please enter your first name.';
            }else{
                $val_firstname = $firstname;
            }

            // Last Name
            if (empty($lastname)){
                $err_lastname = 'Please enter a valid last name.';
            }else{
                $val_lastname = $lastname;
            }

            // Gender
            if (isset($_POST['submit'])){
                $selected_radio = $_POST['gender'];
                if($selected_radio == 'Male') {
                    $male_status = 'checked';
                }else if ($selected_radio == 'Female'){
                    $female_status = 'checked';
                }
            }

            // Email Address
            if (!preg_match($emailaddress, $email)){
                $err_email = 'Please enter a valid email address.';
            }else{
                $val_email = $email;
            }

            if ($_POST['membership'] != 0){
                $err_membership = 'Nothing selected!';
            }else{
                $val_membership = $membership;
                }

            // Credit Card
            if (empty($creditcard)){
                $err_creditcard = 'Field is empty, please try again.';
            }else{
                $val_creditcard = $creditcard;
            }

            // Card Expiry
            if (empty($cardexpiry)){
                $err_cardexpiry = 'Field is empty, please try again.';
            }else{
                $val_cardexpiry = $cardexpiry;
            }

            // Duration
            if (empty($duration)){
                $err_duration = 'Field is empty, please try again.';
            }else{
                $val_duration = $duration;
            }

            if (!empty($username) && !empty($password) && !empty($firstname) 
                                && !empty($lastname) && preg_match($emailaddress, $email)
                                && ($_GET['membership'] != '0') && !empty($creditcard) && !empty($cardexpiry)
                                && !empty($duration)){
                $fp = fopen ('user.txt', 'r+'); 
                while ($line = fgetcsv($fp,100,",")){
                    if($line[0] == $_POST['username']){
                        $usernameexist = "Username Exist!";
                        $err_usernameexist = $usernameexist;
                        echo 'Username EXIST AND WRONG';
                    }
                    else{
                        $output_string = $username. ", "
                        .$password. ", "
                        .$firstname. ", "
                        .$lastname .", "
                        .$dob .", "
                        .$gender .", "
                        .$email .", "
                        .$address .", "
                        .$membership .", "
                        .$creditcard .", "
                        .$cardexpiry .", "
                        .$duration ."\n";

                        $fp = fopen ('user.txt', 'a');
                        fwrite ($fp, $output_string);
                        echo "<p> Your Registration was successful! </p>";
                    }
            }fclose($fp);
            }
            else{
                        echo 'Please re-check your field as field marked with "*" is required';
            }

    }

    ?>

任何帮助都非常感谢,如果我有点新,如果它看起来太令人困惑,请原谅我的问题。

谢谢。

4

1 回答 1

0

请原谅明显的批评,但是您的代码存在很多问题,我认为如果我首先指出一些不良做法会有所帮助:

  1. 不要继续重新分配变量。只需将它们用作 $_POST['whatever'] 将它们复制到其他内存密集型结构中没有任何优势。它混淆而不是澄清您的代码。
  2. 切勿将信用卡详细信息存储在纯文本文件中。
  3. 为什么要使用自定义 CSV 数据结构?这就是数据库在紧要关头为 XML 提供的。
  4. 您两次测试用户名是否存在,都没有在正确的位置解决问题。

对于你的答案:

if (!empty($username) && !empty($password) && !empty($firstname) 
                                && !empty($lastname) && preg_match($emailaddress, $email)
                                && ($_GET['membership'] != '0') && !empty($creditcard) && !empty($cardexpiry)
                                && !empty($duration)){
                $fp = fopen ('user.txt', 'r+'); 
                while ($line = fgetcsv($fp,100,",")){
                    if($line[0] == $_POST['username']){
                        $usernameexist = "Username Exist!";
                        $err_usernameexist = $usernameexist;
                        echo 'Username EXIST AND WRONG';
                    }
                    else{
                        $output_string = $username. ", "
                        etc...

这里似乎是你的问题。它的意思是:“如果数据错误,请检查用户名是否存在,如果存在,请说出来,否则如果数据正确,请将其发布到文件中。[但不要先测试用户名是否存在]

本质上,您正在测试用户名是否存在于错误的位置。

将用户名存在检查移到 else 的另一侧。您甚至可以(冒险地)测试 strlen($err_usernameexist)>0 因为如果用户名存在,这将返回 true。

再一次,这是危险的代码,尽管它在 CSV 文件操作中形成了一个有趣的练习,但它并不适合它似乎是为明显的应用程序类型而设计的。如果用户在他们的数据中加上逗号,它也会中断。

您可以通过创建一个不受逗号影响但不受引号影响的数组来正确使用 fputcsv:

myarray=array($name,$password,$encryptedcreditcard,$etcetc);
fputcsv($fp,$myarray);

但是,您应该将数据保存在 mysql 中,您至少可以 AES_ENCRYPT 您的机密数据。或者,有大量免费发布的 PHP AES 类。Mysql 将快速处理非常大的数据集,而您的数据集会随着时间的推移变得越来越慢......

于 2013-08-08T09:59:58.317 回答