在另一个用户注册时,如何检查mysql数据库中是否已存在电子邮件或用户名,因此我可以停止注册过程,并可能建议新用户在数据库中不存在另一个2/3新用户名.
所以我尝试解决这个问题,我只能得到一种检查数据库中是否已经存在电子邮件的方法,同时我需要一种可以检查数据库中的用户名和电子邮件并分别打印$error的方法.我的意思是,如果电子邮件存在而用户名不存在,则只会打印错误电子邮件,并且用户名也相同.
我希望有人能理解我.
<?PHP
if(isset($_POST['register'])) {
$username = $_POST['username'];
$full_name = ucwords($_POST['full_name']);
$email = $_POST['email'];
$password = trim($_POST['password']);
$time = time();
$age = $_POST['age'];
$gender = $_POST['gender'];
// Geolocation
$longitude = $_SESSION['longitude'];
$latitude = $_SESSION['latitude'];
$geo_info = $geo->getInfo($latitude,$longitude);
$city = $geo_info['geonames'][0]['name'];
$country = $geo_info['geonames'][0]['countryName'];
$check_d = $db->query("SELECT username, email from users WHERE username = '$username' OR email = '$email'");
$check_d = $check_d->num_rows;
if($check_d == 0) {
$db->query("INSERT INTO users (profile_picture,username,full_name,email,password,registered,credits,age,gender,ip,country,city,longitude,latitude) VALUES ('default_avatar.png','$username','$full_name','$email','".$auth->hashPassword($password)."','$time','100','$age','$gender','$ip','".$country."','".$city."','".$longitude."','".$latitude."')");
setcookie('justRegistered', 'true', time()+6);
setcookie('mm-email',$email,time()+60*60*24*30,'/');
header('Location: '.$domain.'/people');
}
else { $error = 'Username or password already exist, Try Another';
}
}
if($auth->isLogged()) {
$first_name = $system->getFirstName($_SESSION['full_name']);
$logged_in_user = header('Location: '.$domain.'/people');
}
$users = $db->query("SELECT * FROM users ORDER BY RAND() LIMIT 7");
?>
解决方法:
在实现中,我首先检查邮件,然后检查数据库中的用户名.如果两者都已在数据库中,则稍后的错误消息(用于用户名)将覆盖电子邮件的消息.您应该更改它,以向用户提供有关为何无法将数据集插入表的更精确的反馈.
在执行任何检查之前,我将初始化$error AS null变量,因为如果其中一个约束检查失败,它将被覆盖,我可以在检查以确定是否应执行插入操作之后简单地检查它是否仍为null或不.
注意:您不应该使用此脚本,因为它很容易受到sql注入的攻击.请参阅此线程以了解您应更改的内容:How can I prevent SQL injection in PHP?
$error = null;
$check_mail = $db->query("SELECT id FROM users WHERE email='" . $email . "'");
if ($check_mail->num_rows > 0) {
$error = 'Email already exists';
}
$check_username = $db->query("SELECT id FROM users WHERE username='" . $username . "'");
if ($check_username->num_rows > 0) {
$error = 'username already exists';
}
if($error === null){
$db->query("INSERT INTO users (profile_picture,full_name,email,password,registered,credits,age,gender,ip,country,city,longitude,latitude) VALUES ('default_avatar.png','$full_name','$email','" . $auth->hashPassword($password) . "','$time','100','$age','$gender','$ip','" . $country . "','" . $city . "','" . $longitude . "','" . $latitude . "')");
setcookie('justRegistered', 'true', time() + 6);
setcookie('mm-email', $email, time() + 60 * 60 * 24 * 30, '/');
header('Location: ' . $domain . '/people');
}
