gpt4 book ai didi

php - 如何使用 php pdo 连接检查 mysql 中的值?

转载 作者:行者123 更新时间:2023-11-30 00:39:14 38 4
gpt4 key购买 nike

我是 php 的初学者,所以我需要有关注册脚本的帮助。我有 4 个字段,1 个用户名(在后面转换为电子邮件地址),1 个所有者当前电子邮件地址和 2 个密码字段。注册正常,我只想添加用户名验证(无论是否存在)。我的问题是我不知道在哪里以及如何做,我应该创建一个函数吗?如何?我想保持简单,所以我没有创建任何类型的 session ,是否可以不创建任何类型的 session ?这是代码:

<?php

$host = '127.0.0.1';
$dbuser = 'reguser';
$dbpass = 'regpass';
$dbn = 'regform';


$conn = new PDO("mysql:host=$host;dbname=$dbn", $dbuser, $dbpass);


$RegScrIdErr = $RegScrIdChrErr = $OwnAddressErr = $Password1Err = $Password2Err = $PasswordMErr = "";

$formValid = true;

if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["RegScrId"])) {$RegScrIdErr = "Userame is required"; $formValid = false;}
else {$RegScrId = check_input($_POST["RegScrId"]);
if (!preg_match("/^[a-zA-Z0-9]*$/",$RegScrId)){$RegScrIdErr = "Only letters and numbers allowed"; $formValid = false;}

}

if (empty($_POST["OwnAddress"])) {$OwnAddressErr = "Email is required"; $formValid = false;}
else {$OwnAddress = check_input($_POST["OwnAddress"]);
if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",$OwnAddress)){$OwnAddressErr = "Invalid email format"; $formValid = false;}
}

if (empty($_POST["Password1"])) {$Password1Err = "Password field can't be empty!"; $formValid = false;}
else {$Password1 = check_input($_POST["Password1"]);}
if (empty($_POST["Password2"])){$Password2Err = "Password Confirmation can't be empty!"; $formValid = false;}
else {$Password2 = check_input($_POST["Password2"]);
if ($_POST["Password1"]!= $_POST["Password2"]) {$PasswordMErr = "Password does not match!"; $formValid = false;}
}
if ($formValid) { header('Location: index.html'); }
}




function check_input($data){
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}




$RegScrIdFull = "$RegScrId@RegScrserver.com";
$userIp = $_SERVER['REMOTE_ADDR'];
$hash = hash('sha1', $Password1);

FUNCTION createSalt(){
$text = md5(uniqid(rand(), TRUE));
RETURN substr($text, 0, 3);
}
$salt = createSalt();
$PasswordSec = hash('sha256', $salt . $hash);

if ($formValid) {

$qry = $conn->PREPARE('INSERT INTO userlist (RegScrId, password, email, userIp, salt) VALUES (?, ?, ?, ?, ?)');
$qry->EXECUTE(array($RegScrIdFull, $hash, $OwnAddress, $userIp, $salt));
$conn = null;

}
?>


<div id="wrapper">
<header><img src="img/logo3.png" width="170" height="110" /><br><br>
</header><br>
<div id="section_contact">
<form name="register" method="post" action="<?php echo $_SERVER["PHP_SELF"];?>"><br />
<table width="850" border="0" id="tb-form">
<tr>
<td class="tb-form-left" colspan="2"><h4><strong>Sign Up</strong></h4><br /></td>
</tr>
<tr>
<td class="tb-form-left"><input type="text" name="OwnAddress" maxlength="30" placeholder=" Own Email Address" value="<?php echo $ $OwnAddress;?>" /><span class="error"><?php echo $OwnAddressErr;?></span></td>
</tr>
<tr>
<td class="tb-form-left"><input type="text" class="RegScrIdPic" maxlength="28" name="RegScrId" id="email" placeholder=" RegScrserver Username" value="<?php echo $RegScrId;?>" /><span class="error"><?php echo $RegScrIdErr;?><?php echo $RegScrIdChrErr;?></span></td>
</tr>
<tr>
<td class="tb-form-left"><input type="password" name="Password1" placeholder=" Enter Password"/><span class="error"><?php echo $Password1Err;?></span></td>
</tr>
<tr>
<td class="tb-form-left"><input type="password" name="Password2" placeholder=" Confirm Password" /><span class="error"><?php echo $Password2Err;?><?php echo $PasswordMErr;?></span></td>
</tr>
<tr>
<td class="tb-form-left"><input id="form-btn" type="submit" value="Create Account" /></td>
</tr>
</table>
</form>
</div>


</div>


</div>
</body>
</html>

最佳答案

如果你想在数据库中存在用户名时实现验证,你首先应该询问数据库用户名是否确实存在。在插入之前,您应该使用 SELECT 查询

$sth = $conn->prepare('SELECT id FROM users WHERE username=:username');
$sth->bindValue(':username',$username,PDO::PARAM_STR);
sth->execute();
while($row = $sth->fetch()){
/// ....... here you get username
}
// if in $row you get username you can use now validation for example
if(!empty($row)){
my_validation_function();
}
else{
// we dont want approaching form so we redirect customer to some page
header('location: some url');
}


if ($formValid) {


$qry = $conn->PREPARE('INSERT INTO userlist (RegScrId, password, email, userIp, salt) VALUES (?, ?, ?, ?, ?)');
$qry->EXECUTE(array($RegScrIdFull, $hash, $OwnAddress, $userIp, $salt));
$conn = null;

}

关于php - 如何使用 php pdo 连接检查 mysql 中的值?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/21919218/

38 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com