首頁猿問注冊(cè)表 - 拒絕某些條件并向用戶返回消息

注冊(cè)表 - 拒絕某些條件并向用戶返回消息

PHP

江戶川亂折騰 2023-04-28 15:15:33

我正在嘗試實(shí)現(xiàn)它，如果用戶試圖創(chuàng)建一個(gè)帳戶，他們必須滿足特定的字符串長度 ETC。如果他們不這樣做，那么頁面應(yīng)該向他們吐出一條消息。我僅針對(duì)用戶名嘗試了以下操作作為測試，但它并不成功。我只用了幾天 PHP，謝天謝地，我是新手，我已經(jīng)在谷歌、youtube 和 stackoverflow 上搜索過，但似乎無法讓它適用于我的具體情況。<?php include_once 'config.php';$_SESSION['message'] = "Initiating Account Creation.";$mysqli = sqlsrv_connect($serverName, $conn_array) or die ($_SESSION['message'] = "No connection to the database.");if (isset($_POST['register'])) { session_start(); // No crazy special characters in user or email because it can mess with SQL query + inputs. $username = ($_POST['username']); $email = ($_POST['email']); //VERIFY TWO PASSWORDS ARE EQUAL. $password = ($_POST['password']); $password2 = ($_POST['confirmpassword']); $str_len1 = strlen(($_POST['username'])); if ($str_len1 < 6) { $_SESSION['message'] = "Registration Failed. Unable to add $username to the database!"; // exit(); using this completely erases the form even after refreshing the page. } if ($password == $password2) { //md5 hashed password for basic security. $password = md5($password); $sql = " SET ANSI_NULLS ON SET QUOTED_IDENTIFIER ON SET CONCAT_NULL_YIELDS_NULL ON SET ANSI_WARNINGS ON SET ANSI_PADDING ON exec dnmembership.dbo.__NX__CreateAccount '$username','$password','$email' "; sqlsrv_query ($mysqli, $sql); $_SESSION['message'] = "Registration Successful. Added $username to the database!"; header("location: welcome.php");}else{ $_SESSION['message'] = "Registration error. Try a valid username, password, or email."; } }?>

查看完整描述

1 回答

絕地?zé)o雙

TA貢獻(xiàn)1946條經(jīng)驗(yàn) 獲得超4個(gè)贊

首先，你的代碼很亂。我試圖清理它；請(qǐng)以我的代碼為例，并嘗試練習(xí)編寫干凈的代碼。

其次，永遠(yuǎn)不要用它$_SESSION['']來聲明消息。最好是使用 simple echo。更好的是，我添加了一個(gè)功能。

退出()函數(shù)方法：

session_start();

include('config.php');

// For error or success messages place the following functions in your functions.php file and include the file here.

// The following functions are based on bootstrap classes for error and success message. If you are not using bootstrap you can stylize your own.

function alertSuccess($msg){

$alert = "<div class='alert alert-success'>".$msg."</div>";

return $alert;

}

function alertError($msg){

$alert = "<div class='alert alert-danger'>".$msg."</div>";

return $alert;

}

function alertInfo($msg){

$alert = "<div class='alert alert-info'>".$msg."</div>";

return $alert;

}

// Storing Form Inputs

$username = (!empty($_POST['username']))?mysqli_real_escape_string($_POST['username']):null;

$email = (!empty($_POST['email']))?mysqli_real_escape_string($_POST['email']):null;

$password = (!empty($_POST['password']))?$_POST['password']:null;

$password2 = (!empty($_POST['confirmpassword']))?$_POST['confirmpassword']:null;

if(isset($_POST['register'])) {

// Set "Creating Account" message. This is unnecessary but if you want it then okay.

echo alertInfo("Initiating Account Creation...");

// If username is null then rest of the code will not be executed

if($username == null){

echo alertError("Invalid username!");

exit();

}

// If password is not equal then rest of the code will not be executed

if($password != $password2){

echo alertError("Password mismatch");

exit();

}

// If username is less than 6 characters long then rest of the code will not be executed

if(strlen($username) < 6){

echo alertError("Username must contain at least 6 characters.");

exit();

}

// All checks done already (including password check). Now process the query.

$password = md5($password);

$sql = "SET ANSI_NULLS ON

SET QUOTED_IDENTIFIER ON

SET CONCAT_NULL_YIELDS_NULL ON

SET ANSI_WARNINGS ON

SET ANSI_PADDING ON

exec dnmembership.dbo.__NX__CreateAccount '$username','$password','$email'

";

if(sqlsrv_query($mysqli, $sql)){

echo alertSuccess("Registration Successful! Please wait....");

header("Location: welcome.php");

exit();

}else{

echo alertError("Sorry, something went wrong! Please refresh the page and try again.");

}

If...Else 函數(shù)方法：同樣可以使用 If...Else 方法實(shí)現(xiàn)。

if($username == null){

echo alertError("Invalid username!");

}else if($password != $password2){

echo alertError("Password mismatch");

}else if(strlen($username) < 6){

echo alertError("Username must contain at least 6 characters.");

}else{

// All checks done already (including password check). Now process the query.

$password = md5($password);

$sql = "SET ANSI_NULLS ON

SET QUOTED_IDENTIFIER ON

SET CONCAT_NULL_YIELDS_NULL ON

SET ANSI_WARNINGS ON

SET ANSI_PADDING ON

exec dnmembership.dbo.__NX__CreateAccount '$username','$password','$email'

";

if(sqlsrv_query($mysqli, $sql)){

echo alertError("Registration Successful! Please wait....");

header("Location: welcome.php");

exit();

}else{

echo alertError("Sorry, something went wrong! Please refresh the page and try again.");

}

使用您喜歡的任何方法。兩者都很完美。

請(qǐng)注意，我不確切知道如何在 SQL SERVER 中工作，因此，我沒有研究您的$sql部分。休息是 100% 正確的。如果您使用的是 PDO，我也會(huì)檢查 SQL。請(qǐng)從合適的人那里確認(rèn)您正在為您的任務(wù)使用正確的 SQL。

此外，以前，您的代碼無法正常工作的一個(gè)原因可能是用戶名輸入可能為空，或者簡單地說，PHP 沒有收到用戶名的表單輸入。因此，我也添加了對(duì)用戶名是否為空的檢查。如果它返回“無效的用戶名！” 然后檢查您的表單字段name=""部分的用戶名字段。

另請(qǐng)注意，您的代碼$_SESSION['message']在頁面頂部聲明，而session_start()在下方聲明?，F(xiàn)在告訴我將如何$_SESSION['message']識(shí)別是否有會(huì)話開始？除非你開始一個(gè)會(huì)話，否則你不能聲明$_SESSION變量。這將導(dǎo)致錯(cuò)誤。因此，這就是為什么我要求您session_start()在頁面頂部聲明這是必需且有效的 PHP 實(shí)踐的原因。

反對(duì) 回復(fù) 2023-04-28