我根据从 PHP 书籍中学到的点点滴滴创建了一个注册脚本。不幸的是,在本地主机上测试时(提交测试注册页面后),它会在浏览器中显示 PHP 脚本的来源。有什么我做错了吗?有谁知道任何开源注册脚本?
谢谢
<?php
$submitted = $_POST["submitted"];
if ($submitted == 'yes') {
$firstName = mysql_real_escape_string($_POST["firstName"]);
$lastName = mysql_real_escape_string($_POST["lastName"]);
$eMail = mysql_real_escape_string($_POST["eMail"]);
$password = mysql_real_escape_string($_POST["password"]);
$confirmPassword = mysql_real_escape_string($_POST["confirmPassword"]);
// Kill script if input fields are blank
if ($firstName == '' or $lastName == '' or $eMail == '' or $password == '' or $confirmPassword == '') {
die();
}
// Check if passwords match
if ($password != $confirmPassword) {
die();
}
// Check if password is appropriat length
$passwordLength = strlen($password);
if ($passwordLength < 6 or $passwordLength > 30) {
die();
}
//////////////////////////
// Insert into database //
//////////////////////////
// Signup time in Unix Epoch
$time = time();
// Human readable date
$date = date("F jS, Y g:i:s A");
$sql = "INSERT into userInfo (firstName, lastName, password, eMail, time, date) VALUES ('$firstName', '$lastName', '$password', '$eMail', '$time', '$date')";
$sqlserver = "localhost";
$sqluser = "xxxxxx";
$sqlpassword = "xxxxxx";
mysql_connect($sqlserver, $sqluser, $sqlpassword) or die(mysql_error());
mysql_select_db("store");
// Check database if username already exists
$newEmail = $eMail;
$checkUsername = mysql_query("SELECT eMail FROM userinfo WHERE eMail = '$newEmail'");
$numRows = mysql_num_rows($checkUsername);
if ($numRows > 0) {
die();
}
mysql_query($sql) or die(mysql_error());
mysql_close();
header("Location: http://store.viddir.com/login/");
exit;
} else {
die();
}
?>