Fatal编程技术网
  • php/
  • Php 检查数据库中是否已存在用户名和电子邮件

Php 检查数据库中是否已存在用户名和电子邮件

php mysql validation email

Php 检查数据库中是否已存在用户名和电子邮件,php,mysql,validation,email,Php,Mysql,Validation,Email,我刚开始使用php,我尝试创建一个系统,如果您键入已有的用户名或密码,我会拒绝“创建帐户”。谢谢您,很抱歉我的英语不好。 我已经试过了。无效: 这是我的php: 如果(mysqli_num_rows($res)>0)在这一行之前,您缺少了非常重要的一行if(mysqli_num_rows($res) 首先,session\u start()被调用两次。如果($password==$password2){ 您的代码还缺少一个;和一些}(用于正确关闭if条件) 现在解决方案: 在处理数据库查询的结果

我刚开始使用php,我尝试创建一个系统,如果您键入已有的用户名或密码,我会拒绝“创建帐户”。谢谢您,很抱歉我的英语不好。 我已经试过了。无效:

这是我的php: 
如果(mysqli_num_rows($res)>0)在这一行之前,您缺少了非常重要的一行
if(mysqli_num_rows($res)


首先,
session\u start()
被调用两次。
如果($password==$password2){

您的代码还缺少一个
和一些
}
(用于正确关闭
if
条件)

现在解决方案:
在处理数据库查询的结果之前,您需要连接到数据库并执行适当的SQL命令,然后才能得到所需的结果。您的代码缺少此进程。
在下面的代码中检查我的注释↓ 然后在更正的代码中再次检查

if ($password == $password2) {
        session_start(); // remove this repeated call
        $password = ($password);
        $sql="select * from account_info where (username='$username' or email='$email')";
        if (mysqli_num_rows($res) > 0) { // $res isn't defined
          $row = mysqli_fetch_assoc($res);
          if ($username==$row['username'])
          {
              $_SESSION['message'] = "Username je vec registrovan";
          }
          else($email==$row['email']){  // `else` doesn't work this way, use `elseif`
              $_SESSION['message'] = "Email je vec registrovan"  // ; missing
          }

更正代码:

建议:

  • 使用准备好的语句,而不是直接将用户提供的输入传递到SQL
    (关键是,您当前的代码容易受到SQL注入的攻击)
  • 使用支持PHP并提供语法突出显示的IDE(Atom、Visual Studio代码、PhpStorm等)
    • 我试过这个

    <?php
session_start();

$db = mysqli_connect("localhost", "root", "", "itsnikola");
if (isset($_POST['register_btn'])) {
    $name      = mysqli_real_escape_string($db, $_POST['name']);
    $lastname  = mysqli_real_escape_string($db, $_POST['lastname']);
    $username  = mysqli_real_escape_string($db, $_POST['username']);
    $email     = mysqli_real_escape_string($db, $_POST['email']);
    $password  = mysqli_real_escape_string($db, $_POST['password']);
    $password2 = mysqli_real_escape_string($db, $_POST['password2']);

    if ($password == $password2) {
        $password = ($password);
        $sql      = "select * from account_info where (username='$username' or email='$email')";
        $res      = mysqli_query($db, $sql); // you were calling $res but it wasn't defined; this connects to the DB and executes SQL and then assigns the result
        if (mysqli_num_rows($res) > 0) {
            $row = mysqli_fetch_assoc($res);
            if ($username == $row['username']) {
                $_SESSION['message'] = "Username je vec registrovan";
            } elseif ($email == $row['email']) {  // changed `else` to `elseif` to include the condition, `else` doesn't accept conditional checks
                $_SESSION['message'] = "Email je vec registrovan";  // added ;
            } else {
                $sql = "INSERT INTO users(name, lastname, username, email, password) VALUES('$name' , '$lastname' , '$username' , '$email' , '$password')";
                mysqli_query($db, $sql);
                $_SESSION['message'] = "Sada si ulogovan";
                $_SESSION['message'] = $username;
                header("location:login.php");
            }
        } // required to close `if (mysqli_num_rows($res) > 0)`
    } // required to close the password checking condition
    else {
        $_SESSION['message'] = "Ne podudaraju se lozinke!";
    }
}
?>

    如果您能准确地解释什么是不起作用的,那会很有帮助——错误消息?没有插入数据库?未检测到重复?等

    if ($password == $password2) {
        session_start(); // remove this repeated call
        $password = ($password);
        $sql="select * from account_info where (username='$username' or email='$email')";
        if (mysqli_num_rows($res) > 0) { // $res isn't defined
          $row = mysqli_fetch_assoc($res);
          if ($username==$row['username'])
          {
              $_SESSION['message'] = "Username je vec registrovan";
          }
          else($email==$row['email']){  // `else` doesn't work this way, use `elseif`
              $_SESSION['message'] = "Email je vec registrovan"  // ; missing
          }

    

    if (isset($_POST['register_btn'])) {
    $name      = mysqli_real_escape_string($db, $_POST['name']);
    $lastname  = mysqli_real_escape_string($db, $_POST['lastname']);
    $username  = mysqli_real_escape_string($db, $_POST['username']);
    $email     = mysqli_real_escape_string($db, $_POST['email']);
    $password  = mysqli_real_escape_string($db, $_POST['password']);
    $password2 = mysqli_real_escape_string($db, $_POST['password2']);

    if ($password == $password2) {
        $password = ($password);
        $sql      = "SELECT * FROM users WHERE (username='$username' OR email='$email')";
        $res      = mysqli_query($db, $sql); // you were calling $res but it wasn't defined; this connects to the DB and executes SQL and then assigns the result
        if (mysqli_num_rows($res) > 0) {
            $row = mysqli_fetch_assoc($res);
            if ($username == $row['username']) {
                $_SESSION['message'] = "Username je vec registrovan";
            } elseif ($email == $row['email']) {  // changed `else` to `elseif` to include the condition, `else` doesn't accept conditional checks
                $_SESSION['message'] = "Email je vec registrovan";  // added ;
            }
        } else {
            $sql = "INSERT INTO users (name, lastname, username, email, password) VALUES ('$name', '$lastname', '$username', '$email', '$password')";
            if (mysqli_query($db, $sql)) {
                // New record inserted
                $_SESSION['message'] = "Sada si ulogovan";
                $_SESSION['message'] = $username;
                header("location: login.php");
            } else {
                echo("Error: " . mysqli_error($db));
            }
        }
    } // required to close the password checking condition
    else {
        $_SESSION['message'] = "Ne podudaraju se lozinke!";
    }
}

    

    <?php
session_start();

$db = mysqli_connect("localhost", "root", "", "itsnikola");
if (isset($_POST['register_btn'])) {
    $name      = mysqli_real_escape_string($db, $_POST['name']);
    $lastname  = mysqli_real_escape_string($db, $_POST['lastname']);
    $username  = mysqli_real_escape_string($db, $_POST['username']);
    $email     = mysqli_real_escape_string($db, $_POST['email']);
    $password  = mysqli_real_escape_string($db, $_POST['password']);
    $password2 = mysqli_real_escape_string($db, $_POST['password2']);

    if ($password == $password2) {
        $password = ($password);
        $sql      = "select * from account_info where (username='$username' or email='$email')";
        $res      = mysqli_query($db, $sql); // you were calling $res but it wasn't defined; this connects to the DB and executes SQL and then assigns the result
        if (mysqli_num_rows($res) > 0) {
            $row = mysqli_fetch_assoc($res);
            if ($username == $row['username']) {
                $_SESSION['message'] = "Username je vec registrovan";
            } elseif ($email == $row['email']) {  // changed `else` to `elseif` to include the condition, `else` doesn't accept conditional checks
                $_SESSION['message'] = "Email je vec registrovan";  // added ;
            } else {
                $sql = "INSERT INTO users(name, lastname, username, email, password) VALUES('$name' , '$lastname' , '$username' , '$email' , '$password')";
                mysqli_query($db, $sql);
                $_SESSION['message'] = "Sada si ulogovan";
                $_SESSION['message'] = $username;
                header("location:login.php");
            }
        } // required to close `if (mysqli_num_rows($res) > 0)`
    } // required to close the password checking condition
    else {
        $_SESSION['message'] = "Ne podudaraju se lozinke!";
    }
}
?>