donglv1831 2015-01-15 11:31
浏览 80
已采纳

密码匹配php并验证用户名和密码

I am trying to create a register page and on this i have several tasks which i would like to complete. 

1)The username to only accept a-z A-Z 0-10 characters
2)The passwords being entered at the stage of registration are checked to
  see if they match, if not get the user to try again 
3)Set the passwords to only accept A-Z a-z 0-10 ! characters

I am working on task 2, the code i have works but although it shows the error it is still entering the data in the database. not sure where i am going. 

if(isset($_POST['submit'])){

$username = mysql_real_escape_string($_POST['username']);
  $password1 = mysql_real_escape_string($_POST['password1']);
$password2 = mysql_real_escape_string($_POST['password2']);
$email = mysql_real_escape_string($_POST['email']);

    $selected = mysql_select_db("register", $dbhandle);

 $query = "SELECT * FROM users WHERE email='".$email."' 
OR username= '".$username."'";

$result = mysql_query($query);

if(mysql_num_rows($result) > 0){
 echo "A record already exists."; 
 exit;
}

else{
$insert = mysql_query("INSERT into users (username, password1, password2, email) VALUES    
 ('".$username."','".$password1."','".$password2."','".$email."')");
}
if($insert){
echo "Success";
}

else{
echo "There was an error " . mysql_error();
}

mysql_close();

 if ($_POST['password1']!= $_POST['password2'])
 {
 echo("Oops! Password did not match! Try again. ");
}
}
?>
  • 写回答

4条回答 默认 最新

  • dongyuxiao6295 2015-01-15 11:37
    关注

    You need to check if there are any errors during the registration and if not then insert the data in database. Check below code;

    $err = "";

//your extra code and validations

if ($_POST['password1']!= $_POST['password2'])
   $err .= "Oops! Password did not match! Try again."; //append to $err

if ($err=="")
{
  //insert here
}

//display $err somewhere below

    Or you need to modify your code like this

    if(isset($_POST['submit']))
{
    $username = mysql_real_escape_string($_POST['username']);
    $password1 = mysql_real_escape_string($_POST['password1']);
    $password2 = mysql_real_escape_string($_POST['password2']);
    $email = mysql_real_escape_string($_POST['email']);

    $selected = mysql_select_db("register", $dbhandle);

    $query = "SELECT * FROM users WHERE email='".$email."' OR username= '".$username."'";

    $result = mysql_query($query);

    if(mysql_num_rows($result) > 0)
    {
        echo "A record already exists."; 
        exit;
    }
    else
    {
        if ($_POST['password1']!= $_POST['password2'])
            echo("Oops! Password did not match! Try again. ");
        else
        {
            $insert = mysql_query("INSERT into users (username, password1, password2, email) VALUES ('".$username."','".$password1."','".$password2."','".$email."')");

            if($insert)
                echo "Success";
            else
                echo "There was an error " . mysql_error();
        }
    }

    mysql_close();
}

    The username to only accept a-z A-Z 0-10 characters

    Use the following code for username validation

    if (preg_match('/^[a-zA-Z0-9]+$/', $username))
    echo "valid username";
else 
    echo "invalid username";

    Set the passwords to only accept A-Z a-z 0-10 ! characters

    Use the following code for password validation

    if (preg_match('/^[a-zA-Z0-9!]+$/', $password1))
    echo "valid password";
else 
    echo "invalid password";

    Full Code

    if(isset($_POST['submit']))
{
    $username = mysql_real_escape_string($_POST['username']);
    $password1 = mysql_real_escape_string($_POST['password1']);
    $password2 = mysql_real_escape_string($_POST['password2']);
    $email = mysql_real_escape_string($_POST['email']);

    $selected = mysql_select_db("register", $dbhandle);

    $query = "SELECT * FROM users WHERE email='".$email."' OR username= '".$username."'";

    $result = mysql_query($query);

    if(mysql_num_rows($result) > 0)
    {
        echo "A record already exists."; 
        exit;
    }
    else
    {
        if ($_POST['password1']!= $_POST['password2'])
            echo("Oops! Password did not match! Try again. ");
        else
        {

            //too many if/else blocks but don't want to change the structure of your code
            if (!preg_match('/^[a-zA-Z0-9]+$/', $username))
                echo "invalid username";
            else
            {
                if (!preg_match('/^[a-zA-Z0-9!]+$/', $password1))
                    echo "invalid password";
                else
                {
                    $insert = mysql_query("INSERT into users (username, password1, password2, email) VALUES ('".$username."','".$password1."','".$password2."','".$email."')");

                    if($insert)
                        echo "Success";
                    else
                        echo "There was an error " . mysql_error();
                }
            }
        }
    }

    mysql_close();
}
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(3条)

报告相同问题?

悬赏问题

  • ¥15 delta降尺度计算的一些细节,有偿
  • ¥15 Arduino红外遥控代码有问题
  • ¥15 数值计算离散正交多项式
  • ¥30 数值计算均差系数编程
  • ¥15 redis-full-check比较 两个集群的数据出错
  • ¥15 Matlab编程问题
  • ¥15 训练的多模态特征融合模型准确度很低怎么办
  • ¥15 kylin启动报错log4j类冲突
  • ¥15 超声波模块测距控制点灯,灯的闪烁很不稳定,经过调试发现测的距离偏大
  • ¥15 import arcpy出现importing _arcgisscripting 找不到相关程序