php - 验证在我的注册码 php 中不起作用
问题描述
我想通过数据库注册用户
在用户设置数据库名称和密码并确认密码后,我将错误消息存储在会话中并以 html 形式显示
我使用 if 来检查条件,如果不是,则将用户发送到 html 并显示错误。
但是当我运行代码时只是有效的
rgstrhtml.php
<?php
session_start();
?>
<!DOCTYPE html>
<html>
<head>
<link rel="stylesheet" href="css.css">
<link href="https://fonts.googleapis.com/css?family=Ubuntu" rel="stylesheet">
<title>Sign Up</title>
</head>
<body>
<div class="main">
<p class="sign" align="center">Create Account</p>
<form class="form1" action="rgstr.php" method="post">
<input class="input " type="text" align="center" name="database_uname" id="database_uname" required />
<input class="input" type="text" align="center" placeholder="User Name" name="txt_uname" id ="txt_uname" required />
<input class="input" type="email" align="center" placeholder="Email" name="email" />
<input class="input" type="password" align="center" size = "25" placeholder="Password" name="password" id="password" required />
<input class="input" type="password" align="center" size = "25" id="copassword" name="copassword" placeholder="confirm password" required />
<input class="submit" type="submit" align="center" id="submit" name="sign_up" value="Sign Up" />
<center>
<br/>
<a >Already have account?  </a> <a href="login.php" align="center" class="forgot"> Sign In</a>
<br/>
</center>
</form>
</div>
<?php
if(isset($_SESSION["error2"])){
$error2= $_SESSION["error2"];
echo "<p class='error'> $error2 </p>";
}
if(isset($_SESSION["error3"])){
$error3= $_SESSION["error3"];
echo "<p class='error'> $error3 </p>";
}
if(isset($_SESSION["error4"])){
$error4= $_SESSION["error4"];
echo "<p class='error'> $error4 </p>";
}
?>
</body>
</html>
<?php
unset($_SESSION["error2"]);
unset($_SESSION["error3"]);
unset($_SESSION["error4"]);
?>
rgsrt.php
<?php
session_start();
include_once 'database.php';
if(isset($_POST['sign_up'])) {
$databasenam = $_POST['database_uname'];
$uname = $_POST['txt_uname'];
$email = $_POST['email'];
$password = $_POST['password'];
$copassword = $_POST['copassword'];
$error2 = "* Passwords do not match. ";
$error3 = "* Passwords should be 8 digits at least.";
$error4 = "* This database name was taken, please try another.";
$sqll = "SHOW DATABASES LIKE '$databasenam'";
$resultt = mysqli_query($conn, $sqll);
if($resultt->num_rows) {
$_SESSION["error4"] = $error4;
header('Location: rgstrhtml.php');
}
if ($password != $copassword) {
$_SESSION["error2"] = $error2;
header('Location: rgstrhtml.php');
}
if (strlen($password) < 8) {
$_SESSION["error3"] = $error3;
header('Location: rgstrhtml.php');
}
else {
$resultc = mysqli_query($conn, " CREATE DATABASE " . $databasenam . "");
$use_query = "use " . $databasenam . "";
$resultuse = mysqli_query($conn, $use_query);
$admin_query = "CREATE TABLE admin (
id int NOT NULL PRIMARY KEY AUTO_INCREMENT,
admin_name VARCHAR(30) NOT NULL,
admin_pass VARCHAR(30) NOT NULL,
admin_email VARCHAR(30) NOT NULL UNIQUE
) ";
$resultadmin = mysqli_query($conn, $admin_query);
$sqla = "INSERT INTO admin (admin_name ,admin_pass , admin_email)VALUES('$uname','$password','$email')";
$resultinsertadmn = mysqli_query($conn, $sqla);
$_SESSION['username'] = $uname;
$_SESSION['inv'] = $databasenam;
header('Location: session.php');
}
}
?>
解决方案
创建数据库的else
块只连接到if (strlen($password) >= 8)
. 因此,即使其他验证失败,只要密码足够长,您也会执行它。
您需要检查所有错误,并跳过创建数据库。
<?php
session_start();
include_once 'database.php';
if(isset($_POST['sign_up'])) {
$databasenam = $_POST['database_uname'];
$uname = $_POST['txt_uname'];
$email = $_POST['email'];
$password = $_POST['password'];
$copassword = $_POST['copassword'];
$error2 = "* Passwords do not match. ";
$error3 = "* Passwords should be 8 digits at least.";
$error4 = "* This database name was taken, please try another.";
$any_error = false;
$sqll = "SHOW DATABASES LIKE '$databasenam'";
$resultt = mysqli_query($conn, $sqll);
if($resultt->num_rows) {
$_SESSION["error4"] = $error4;
$any_error = true;
}
if ($password != $copassword) {
$_SESSION["error2"] = $error2;
$any_error = true;
}
if (strlen($password) < 8) {
$_SESSION["error3"] = $error3;
$any_error = true;
}
if ($any_error) {
header('Location: rgstrhtml.php');
exit();
}
$resultc = mysqli_query($conn, " CREATE DATABASE " . $databasenam . "");
$use_query = "use " . $databasenam . "";
$resultuse = mysqli_query($conn, $use_query);
$admin_query = "CREATE TABLE admin (
id int NOT NULL PRIMARY KEY AUTO_INCREMENT,
admin_name VARCHAR(30) NOT NULL,
admin_pass VARCHAR(30) NOT NULL,
admin_email VARCHAR(30) NOT NULL UNIQUE
) ";
$resultadmin = mysqli_query($conn, $admin_query);
$sqla = "INSERT INTO admin (admin_name ,admin_pass , admin_email)VALUES('$uname','$password','$email')";
$resultinsertadmn = mysqli_query($conn, $sqla);
$_SESSION['username'] = $uname;
$_SESSION['inv'] = $databasenam;
header('Location: session.php');
}
?>
推荐阅读
- javascript - 如果在字符串上调用任何 Array.prototype 函数,字符串是否会转换为对象?它是一个运行时友好的操作吗?(JavaScript)
- php - 根据 WooCommerce 中的自定义字段过滤产品
- office-js - Excel office API:从任务窗格调用函数
- python - PANDAS 通过逐行迭代第二个数据帧中的值来创建列,直到所有值都为真
- javascript - 如何处理 catch(err) 块上的 @typescript-eslint/no-unsafe-member-access 规则?
- c# - 此平台不支持操作 - 示例
- c# - 可以查看 CefSharp 离屏浏览器
- javascript - 每 30 秒存储一次用户视频进度 Plyr.js
- c++ - 谁能帮我弄清楚基本的 C++ 编程问题?
- autodesk-forge - 除了不受 setThemingColor 影响的对象之外,是否可以使模型变暗?