dongweicha6077 2014-04-03 13:21
浏览 12
已采纳

我的注册表单中忽略了验证。

I am try to verify fields in the registration form the (password match) the UserID is not taken and the email too.

This is my code

<?php
    if(isset($_POST['submit'])){
        $msg="";
        $id="";
        $name=$_POST['cName'];
        $address=$_POST['cAddrss'];
        $country=$_POST['cCountry'];
        $mobil=$_POST['cTel'];
        $sex=$_POST['cSex'];
        $email=$_POST['cEmail'];
        $userName=$_POST['cUsername'];
        $userPassword=$_POST['cPassword'];
        $confPassword=$_POST['concPassword'];

        $checkEmail=$db->query("select * from users where email ='".$email."'");
        $checkUID=$db->query("select * from users where user_name ='".$userName."'");

        if($userPassword !== $confPassword)
        {
            $msg="Password don't match";
        }
        if($checkEmail -> num_rows == 1)
        {
            $msg = "<span style='color:#F00; font-size:14px; font-weight:bold;'>This email already taken</span>";
        }
        if($checkUID -> num_rows == 1) 
        {
            $msg = "<span style='color:#F00; font-size:14px; font-weight:bold;'>This User name already taken</span>";
        }
        if($put=$db->prepare("INSERT INTO users(id, name, mobile, sex, country, address, user_name, user_password, email)VALUE(?, ?, ?, ?, ?, ?, ?, ?, ?)"))
            {
                $put->bind_param('issssssss', $id, $name, $mobil, $sex, $country, $address, $userName, $userPassword, $email);
                $put->execute();
                $put->close();
            }
            else
            {
                die($db->error);
            }
            header("Location:index.php?pid=3&smsg=smsg");
        }
?>

What happens is the form ignores my Verification and jump to the header and send me to the success page as an everything is fine.

At the top of my form I used this to show the $msg if there is any <?php if(!empty($msg)) {echo $msg;} ?>

  • 写回答

1条回答 默认 最新

  • duancan8382 2014-04-03 14:02
    关注

    Try this approach:

    if($userPassword !== $confPassword){
    $msg.="Password don't match";
}else{
    //Password matches, now we can hit the database
    $checkEmail=$db->query("select * from users where email ='".$email."'");
    $checkUID=$db->query("select * from users where user_name ='".$userName."'");

    $emailExist =($checkEmail -> num_rows > 0);
    $userNameExist = ($checkUID -> num_rows > 0);

    if(!$emailExist && !$userNameExist){
        $put=$db->prepare("INSERT INTO users(id, name, mobile, sex, country, address, user_name, user_password, email)VALUE(?, ?, ?, ?, ?, ?, ?, ?, ?)");
        $put->bind_param('issssssss', $id, $name, $mobil, $sex, $country, $address, $userName, $userPassword, $email);
        if($put->execute()){        
          //record Inserted now redirect
          $msg .= "Success! no validation error";
          header("Location:index.php?pid=3&smsg=smsg");
        }else{
         //error
          $msg = "error while INSERT";
          die($db->error);
        }
    }else{
        //found record  
        $msg.= $emailExist ? "This email already taken" : "";
        $msg.= $userNameExist ? "This User name already taken" : "";
    }
}
echo $msg;
    • Only call DB when password matches
    • added success condition
    • moved redirection code to success block
    • concatenation of error message
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥60 大一项目课,微信小程序
  • ¥15 求视频摘要youtube和ovp数据集
  • ¥15 在启动roslaunch时出现如下问题
  • ¥15 汇编语言实现加减法计算器的功能
  • ¥20 关于多单片机模块化的一些问题
  • ¥30 seata使用出现报错,其他服务找不到seata
  • ¥35 引用csv数据文件(4列1800行),通过高斯-赛德尔法拟合曲线,在选取(每五十点取1点)数据,求该数据点的曲率中心。
  • ¥20 程序只发送0X01,串口助手显示不正确,配置看了没有问题115200-8-1-no,如何解决?
  • ¥15 Google speech command 数据集获取
  • ¥15 vue3+element-plus页面崩溃