时间戳

首页 > 解决方案 > 查询 mySQL 以检查用户是否已存在于两个表中

php - 查询 mySQL 以检查用户是否已存在于两个表中

问题描述

我正在关注如何为网站创建用户注册系统的教程。我已经完成了这一步,但我需要检查两个表中的多个值以查看它们是否存在。本教程不这样做。

这是我的注册表:

<form action="/members/register/" name="registerForm">
    <div>
        <h2>Register</h2>
        <h6>welcome</h6>
        <div class="register">
            <input type="text" name="firstname" placeholder="First Name" required>
            <input type="text" name="lastname" placeholder="Last Name" required>
            <input type="text" name="email" placeholder="Email" required>
            <label for="dob">Date of Birth:
                <input type="date" name="dob" id="dob" placeholder="Date of Birth" required>
            </label>
            <input type="text" name="username" placeholder="Username" required>
            <input type="password" name="password" placeholder="Password" required>
            <input type="password" name="passwordconfirm" placeholder="Confirm Password" required>
            <p>By creating an account you agree to our <a href="/legal/terms-of-use/">Terms &amp; Privacy</a>.</p>
            <button type="submit" name="registerNow">Register</button>
        </div>
    </div>
</form>

我需要检查的 mySQL 数据库表是:

users
  -id
  -username
  -password
  -userID (foreign key)

registered
  -id
  -nameFirst
  -nameLast
  -email
  -dob

我需要创建一个查询来检查以下是否已经存在:1)名字和姓氏一起,2)用户名,或 3)电子邮件。

此外,一旦我了解了如何执行这样的查询,我仍然?对查询中的内容感到有些困惑。此外,此代码示例仅检查用户名是否存在并输出“用户名已存在”。请选择另一个。我需要根据表中已存在的字段输出不同的内容。这是教程中的代码:

if ($stmt = $con->prepare('SELECT id, password FROM accounts WHERE username = ?')) {
// Bind parameters (s = string, i = int, b = blob, etc), hash the password using the PHP password_hash function.
$stmt->bind_param('s', $_POST['username']);
$stmt->execute();
$stmt->store_result();
// Store the result so we can check if the account exists in the database.
if ($stmt->num_rows > 0) {
    // Username already exists
    echo 'Username already exists. Please choose another.';
} else {
    // Insert new account
}
$stmt->close();
} else {
// Something is wrong with the sql statement, check to make sure accounts table exists with all 3 fields.
echo 'Could not prepare statement!';
}
$con->close();

会是这样吗?

SELECT id, password 
FROM users, registered 
WHERE users.username = ? OR (registered.nameFirst = ? AND registered.nameLast = ?) OR registered.email = ?

再一次,我正在学习如何使用本教程来做到这一点,所以我不想就代码的操作方式对代码进行任何更改。我知道有更好的方法可以做到这一点。我以此为起点来学习和进步。

标签: phpmysqlmysqliregistration

解决方案

由于您要做的就是检查注册值是否已经存在,因此使用EXISTS子查询可能最简单,而不是同时使用JOIN两个表。像这样的东西:

SELECT
    EXISTS (SELECT * FROM users WHERE username = ?) AS found_username,
    EXISTS (SELECT * FROM registered WHERE nameFirst = ? AND nameLast = ?) AS found_name,
    EXISTS (SELECT * FROM registered WHERE email = ?) AS found_email

在此查询中,?代表用户名、名字、姓氏和电子邮件值的占位符。使用带有占位符的预准备语句的目的是防止 SQL 注入,有关更多信息,请参阅此 Q&A。使用它们还有一个好处是无需在输入中转义特殊字符(例如,如果您想O'Hara使用单引号括起来的值插入到 nameLast 字段中)。

因此,对于您的代码,您可以执行以下操作:

if ($stmt = $con->prepare('SELECT
        EXISTS (SELECT * FROM users WHERE username = ?) AS found_username,
        EXISTS (SELECT * FROM registered WHERE nameFirst = ? AND nameLast = ?) AS found_name,
        EXISTS (SELECT * FROM registered WHERE email = ?) AS found_email')) {
    // Bind parameters (s = string, i = int, b = blob, etc)
    $stmt->bind_param('ssss', $_POST['username'], $_POST['firstname'], $_POST['lastname'], $_POST['email']);
    $stmt->execute();
    $stmt->bind_result($found_username, $found_name, $found_email);
    $stmt->fetch();
    // Store the result so we can check if the account exists in the database.
    if ($found_username) {
        // Username already exists
        echo 'Username already exists. Please choose another.';
    }
    elseif ($found_name) {
        // Name already exists
        echo 'Name already exists. Please choose another.';
    }
    elseif ($found_email) {
        // Email already exists
        echo 'Email already exists. Please choose another.';
    }
    else {
        // Insert new account
    }
    $stmt->close();
} 
else {
    // Something is wrong with the sql statement, check to make sure accounts table exists with all 3 fields.
    echo 'Could not prepare statement!';
}
$con->close();

推荐阅读