0

我正在尝试制作一个带有会员部分的网站。要注册会员部分,您必须已经在数据库中。您将获得您的用户名和密码,然后在您注册时输入您的电子邮件、地址和密码。

所以我的问题是,当我知道我输入了正确的信息时,我收到一条错误消息,指出用户名或 reg_id 不正确。

else {
    mysql_close($con);
    header("location: index.php?signup&error-msg=Incorrect Username or Registration ID.");
}

这是我的登录表格:

<form action="function.php?signup" method="post">
  <table cellspacing="20" class="span12">
    <tr>
      <td>
        <input type="text" name="name" placeholder="Full Name">
      </td>
    </tr>
    <tr>
      <td>
        <input type="email" name="email" placeholder="Email">
      </td>
    </tr>
    <tr>
      <td>
        <input type="text" name="address" placeholder="Address">
      </td>
    </tr>
    <tr>
      <td>
        <input type="text" name="reg_id" placeholder="Your Registration ID">
      </td>
    </tr>
    <tr>
      <td>
        <input type="password" name="password" placeholder="Password">
      </td>
    </tr>
    <tr>
      <td>
        <input type="submit" placeholder="Confirm Signup" value="Confirm Signup">
      </td>
    </tr>
  </table>
</form>

在 function.php 我有一堆不同的功能等,但注册表单是:

elseif (isset($_GET['signup'])) {

  $username = $_POST['username'];
  $reg_id   = $_POST['reg_id'];

  $qry = mysql_query("
    SELECT *
    FROM users
    WHERE username = '$username'
      AND registration_id = '$reg_id' ", $con);

  if (!$qry) {
    mysql_close($con);
    die("Query Failed: " . mysql_error());
  } else {
    $row = mysql_fetch_array($qry);
  }

  if ($_POST['username'] == $row["username"] && $_POST['reg_id'] == $row["registration_id"]) {
    $password = $_POST['password'];
    $email    = $_POST['email'];
    $address  = $_POST['address'];

    $qry = mysql_query("
      INSERT INTO users
        (password, profile_email, profile_address)
      VALUES ('$password', '$email', '$address')", $con);

    if (!$qry) {
      die("Query Failed: " . mysql_error());
    } else {
      header('location: index.php?success-msg=You have successfully signed up');
    }
  }

  else {
    mysql_close($con);
    header("location: index.php?signup&error-msg=Incorrect Username or Registration ID.");
  }

}

我不确定我搞砸了什么,或者我是否做对了,因为我还在学习。我要感谢任何提前帮助我的人,非常感谢所有帮助。

-詹姆士

4

3 回答 3

5

$_POST['username']应符合$_POST['name']HTML 格式。

于 2013-10-01T20:01:08.343 回答
1

使用更新而不是插入。以下是更正后的补丁:

$qry = mysql_query("UPDATE users SET password='$password',profile_email='$email',profile_address='$address' 
        WHERE registration_id='$reg_id'");
于 2013-10-01T20:03:35.853 回答
1

你可以使用这样的东西:

if (isset($_GET['signup'])){//if

    $username = $_POST['name'];
    $reg_id = $_POST['reg_id'];

    $qry = mysql_query("SELECT * FROM users WHERE username='$username' AND registration_id='$reg_id'", $con) or die(mysql_error());
    $row=mysql_num_rows($qry);

    if($row == '1'){ ///if regcode exists
    ////insert into database
    $password = $_POST['password'];
    $email = $_POST['email'];
    $address = $_POST['address'];

    $qry2 = mysql_query("INSERT INTO
            users(password,profile_email,profile_address)
            VALUES ('$password','$email','$address')", $con) or die(mysql_error());
    header('location: index.php?success-msg=You have successfully signed up');

    }///if regcode exists
    else{
      ///didn't find the reg id
      header("location: index.php?signup&error-msg=Incorrect Username or Registration ID.");

    }


    }//if
于 2013-10-01T20:11:44.887 回答