2

我有注册表单,我希望用户必须激活他们的电子邮件,一旦用户激活他们,然后用户可以登录他们的帐户,否则用户不能登录?

问题

问题是用户可以在没有电子邮件激活的情况下登录吗?

代码

$email2=$_POST['email'];
$querycheck=mysql_query("select activation from students 
                         where semail='$email2'") or die ("Query Activated Problem");
$rowcheck=mysql_fetch_array($querycheck);
$act=$rowcheck['activation'];

if($act=='activated')
  {

    $email=$_POST['email'];
    $password=$_POST['password'];
    $email = stripslashes($email);
    $password= stripslashes($password);
    $email = mysql_real_escape_string($email);
    $password = mysql_real_escape_string($password);

    $querymysql=mysql_query("select * from students where semail='$email'
                             and spassword='$password'  ") or die ("query problem");
    $row=mysql_fetch_array($querymysql);


    if($row)
      {

        session_register("email");
        session_register("password"); 

        header('Location:index.php');   
      }
    else {
      $message="Please Check Your Login Details";   
      header('Location:login.php?login_error='.$message.'');    
    }

  }
else if($act=='')
  {
    $actmsg="Your Email Is Not Activated Yet";  
    header('Location:login.php?actmsg='.$actmsg.'');        
  }
4

3 回答 3

1

session_register : 这个函数在 PHP 5.3.0 中被弃用,在 PHP 5.4.0 中被移除。

直接使用$_SESSION设置变量。

于 2014-04-15T08:07:25.713 回答
0

添加一个名为激活的字段 tinyint 字段。然后将您的选择更改为 select * from students where semail='$email' and spassword='$password' " and activate=1

您激活链接应该为用户设置为 1。

于 2013-10-07T16:45:27.657 回答
0

仔细检查表格activation中的字段。students然后,让我们将您的代码从MySQL转换为MySQLiMySQL已被弃用。

/* ESTABLISH CONNECTION FIRST */

<?php

$connection=mysqli_connect("YourHost","YourUsername","YourPassword","DatabaseName");

if(mysqli_connect_errno()){

echo "Error".mysqli_connect_error();
}

$email2=mysqli_real_escape_string($con,$_POST['email']); /* LETS USE REAL ESCAPE STRING TO PREVENT A BIT OF SQL INJECTION */
$querycheck=mysqli_query($connection,"SELECT activation FROM students 
                         WHERE semail='$email2'");
while($rowcheck=mysqli_fetch_array($querycheck)){
$act=$rowcheck['activation'];
}

if($act=='activated')
{    
    $email=$_POST['email'];
    $password=$_POST['password'];
    $email = stripslashes($email);
    $password= stripslashes($password);
    $email = mysqli_real_escape_string($email);
    $password = mysqli_real_escape_string($password);

    $querymysql=mysqli_query("SELECT * FROM students WHERE semail='$email'
                             and spassword='$password'");
    $row=mysqli_num_rows($querymysql); /* I CHANGED THIS PART OF YOUR CODE */

    if($row!=0) /* SO THIS CONDITION ALSO CHANGES */
      {    
        session_register("email");
        session_register("password"); 

        header('Location:index.php');   
      }

    else {
      $message="Please Check Your Login Details";   
      header('Location:login.php?login_error='.$message.'');    
    }

}

else if($act=='')
  {
    $actmsg="Your Email Is Not Activated Yet";  
    header('Location:login.php?actmsg='.$actmsg.'');        
  }

?>
于 2014-04-15T06:05:47.383 回答