Fatal编程技术网
  • php/
  • 使用PHP检查MYSQL上是否存在用户和电子邮件

使用PHP检查MYSQL上是否存在用户和电子邮件

php sql

使用PHP检查MYSQL上是否存在用户和电子邮件,php,sql,Php,Sql,我到处找了找,但找不到正确的东西。 我有输入:用户名、密码和电子邮件 我想检查用户名和电子邮件,知道它们是否存在于数据库中 如果有,它会给出一个错误,如果没有,它会创建一个新帐户 这是我现在的代码: 形式 检查 结束 创建不存在的帐户的输出为: 添加用户时出错 我对PHP很陌生,所以我不确定出了什么问题。是因为我对username和e-mail-check/sql/etc变量使用了相同的变量,还是我只是做错了 知道这为什么不起作用吗?我编辑了新函数的第一部分,以检查是否有任何结果。当然,所有的东

我到处找了找,但找不到正确的东西。 我有输入:用户名、密码和电子邮件

我想检查用户名和电子邮件,知道它们是否存在于数据库中

如果有,它会给出一个错误,如果没有,它会创建一个新帐户

这是我现在的代码:

形式

检查

结束

创建不存在的帐户的输出为:

添加用户时出错

我对PHP很陌生,所以我不确定出了什么问题。是因为我对username和e-mail-check/sql/etc变量使用了相同的变量,还是我只是做错了

知道这为什么不起作用吗?

我编辑了新函数的第一部分,以检查是否有任何结果。当然,所有的东西都逃走了,所以你是安全的

function registNew() {
        $con = mysqli_connect("localhost","root","","work");
        $username = mysqli_real_escape_string($con, $_POST["username"]);
        $password = mysqli_real_escape_string($con, $_POST["password"]);
        $email = mysqli_real_escape_string($con, $_POST["email"]);

        if(mysqli_connect_errno())
        {
            echo "Error MySQL: " .mysqli_connect_errno();
        }

        $rsUsers = mysqli_query($con,"SELECT * FROM users WHERE username = '".$username."'");
        $rsEmails = mysqli_query($con,"SELECT * FROM users WHERE email = '".$email."'");
        $numUsers = mysqli_num_rows($rsUsers);
        $numEmails = mysqli_num_rows($rsEmails);

        if($numUsers > 0 || $numEmails > 0) {
            echo "User already exists";
        }
        else
        {

                $newUser= "INSERT INTO users(username,password,email) VALUES('$username','$password','$email')";
                if(mysqli_query($con,$newUser))
                {
                    echo "Account has been created<br/>";
                    /* header('Location: login.php'); */
                }
                else
                {
                    echo "Error at adding user<br/>";
                    header("refresh:5;url=register.php");
                }

        }
    }
我可以问一下,为什么要再说一次db_的名字吗?work是dbname,还有,real_Escape_string是什么意思?它有什么作用?我也会尝试用这个来编辑我的代码并检查它。谢谢你,我是斯利。忽略了参数中的空字符串。编辑答案。rel_escape_string从字符串中转义特殊字符,因此您可以安全地避免SQL注入。我将代码编辑为与您的类似,但他只检查用户,然后检查电子邮件,正如您所看到的,在其他情况下,我尝试检查用户,但在这种情况下,改变了您的想法,但它给了我同样的答案,并说:警告:mysqli_num_rows期望参数1是mysqli_result,第59行的C:\xampp\htdocs\Publicidades\register.php中给出的字符串,那么查询中一定会有某种错误。我建议回显SQL查询,并尝试在phpmyadmin或您正在使用的任何MySQL软件中运行它,然后查看错误是什么。我再次编辑了你的代码,以避免不必要的第二次电子邮件检查。一定是因为我的数据库,我将尝试签出它。泰 
        <?php
        function registNew() {
        $con = mysqli_connect("localhost","root","","work");
        $username = mysqli_real_escape_string($con , $_POST["username"]);
        $password = mysqli_real_escape_string($con , $_POST["password"]);
        $email = mysqli_real_escape_string($con , $_POST["email"]);

        if(mysqli_connect_errno())
        {
            echo "Error MySQL: " .mysqli_connect_errno();
        }

        $sqlUser = "SELECT * FROM users WHERE username = '".$username."'";
        $rs = mysqli_query($con ,$sqlUser);
        $numUsers = mysqli_num_rows($rs);

        if($numUsers > 0) {
            echo "User already exists<br/>";
        }
        else
        {
            $sqlEmail = "SELECT * FROM utilizadores WHERE email = '".$email."'";
            $rs = mysqli_query($con ,$sqlEmail);
            $numEmails = mysqli_num_rows($rs);

            if($numEmails > 0) {
                echo "E-Mail already exists<br/>";
            }
            else 
            {
                $newUser= "INSERT INTO utilizadores(username,password,email) VALUES('$username','$password','$email')";
                if(mysqli_query($con ,$newUser))
                {
                    echo "Account has been created!<br/>";
                    mysqli_close($con);
                    header('Location: login.php');
                }
                else
                {
                    echo "Error at adding user<br/>";
                    header("refresh:5;url=register.php");
                }
            }
        }
    }
    ?>

    <?php
    if(!isset($_SESSION)) {
        session_start();
    }

    if(!isset($_POST["register"]))
    {
        formulary();  
    }
    else
    {
        registNew();
    }
    ?>

function registNew() {
        $con = mysqli_connect("localhost","root","","work");
        $username = mysqli_real_escape_string($con, $_POST["username"]);
        $password = mysqli_real_escape_string($con, $_POST["password"]);
        $email = mysqli_real_escape_string($con, $_POST["email"]);

        if(mysqli_connect_errno())
        {
            echo "Error MySQL: " .mysqli_connect_errno();
        }

        $rsUsers = mysqli_query($con,"SELECT * FROM users WHERE username = '".$username."'");
        $rsEmails = mysqli_query($con,"SELECT * FROM users WHERE email = '".$email."'");
        $numUsers = mysqli_num_rows($rsUsers);
        $numEmails = mysqli_num_rows($rsEmails);

        if($numUsers > 0 || $numEmails > 0) {
            echo "User already exists";
        }
        else
        {

                $newUser= "INSERT INTO users(username,password,email) VALUES('$username','$password','$email')";
                if(mysqli_query($con,$newUser))
                {
                    echo "Account has been created<br/>";
                    /* header('Location: login.php'); */
                }
                else
                {
                    echo "Error at adding user<br/>";
                    header("refresh:5;url=register.php");
                }

        }
    }