我正在尝试完成用户在我的网站上的注册过程。带有激活链接的确认电子邮件正确发送。但是,当我单击激活链接时,我只能得到结果“错误,看起来您正在尝试做一些不寻常的事情。请联系我们”,当人们试图搞砸时,这应该是保留的结果等。我编写的 SQL 查询旨在将已注册信息但尚未激活其帐户的人从“tempusers”表转移到“users”表。一旦他们单击电子邮件中的链接,就会发生这种情况。我看不出我的逻辑哪里错了,为什么当'tempusers'表中有注册用户时,这条记录没有被拾取。这是我的activation.php 代码。
<?php
include("includes/connect.php");
if(isset($_GET['email']) && preg_match(
'/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/', $_GET['email'])){
$email = mysql_real_escape_string($_GET['email']);
}
if(isset($_GET['key']) && (strlen($_GET['key'])==32)){
$key = mysql_real_escape_string($_GET['key']);
}
if(isset($email) && isset($key)){
$result = mysql_query(" SELECT * FROM tempusers WHERE (email='$email' AND activation='$key') LIMIT 1 ")
or die(mysql_error());
while($row = mysql_fetch_array($result)){
$user_id = mysql_real_escape_string($row['user_id']);
$username = mysql_real_escape_string($row['username']);
$email = mysql_real_escape_string($row['email']);
$password = mysql_real_escape_string($row['password']);
}
$result1 = mysql_query(" INSERT INTO users (user_id,username,email,password,role,credits)
VALUES ('','$username','$email','$password','user',0)") or die(mysql_error());
$result2 = mysql_query(" DELETE FROM tempusers WHERE user_id='$user_id' ") or die(mysql_error());
if(!$result1){
echo "Oops your account could not be activated, please contact the system admin team!";
}else{
header( 'Location:prompt.php?x=0' );
}
}else{
echo "Error, looks like you were trying to do something out of the ordinary. Please contact us";
}
?>