Fatal编程技术网
  • php/
  • PHP寄存器未响应正确的结果

PHP寄存器未响应正确的结果

php

PHP寄存器未响应正确的结果,php,mysqli,echo,Php,Mysqli,Echo,逻辑错误。条件语句挂起了危险:-) 用这个 <?php $server_host = "host"; $server_username = "username"; $server_password = "password"; $server_dbName = "data base name"; $player_username = $_POST ["usernamePost"]; $player_password = $_POST ["passwordPost"]; $player_di

逻辑错误。条件语句挂起了危险:-)
用这个

<?php
$server_host = "host";
$server_username = "username";
$server_password = "password";
$server_dbName = "data base name";

$player_username = $_POST ["usernamePost"];
$player_password = $_POST ["passwordPost"];
$player_displayName = $_POST ["displayNamePost"];

$conn = new mysqli ($server_host, $server_username, $server_password, $server_dbName);

if (!$conn) {
    echo "Error connecting to the server.";
}

$query_code = "SELECT Username FROM users WHERE Username = '{$_POST[usernamePost]}'";
$result_login = mysqli_query ($conn,$query_code);
$anything_found = mysqli_num_rows ($result_login);

if ($anything_found > 0) {
echo "An account with this username or display name already exsists, please choose another.";  
}

if ($anything_found <= 0) {

$sql = "INSERT INTO users (Username, Password, Display_Name)
        VALUES ('".$player_username."','".$player_password."','".$player_displayName."')";
$result = mysqli_query ($conn,$sql);
if ($result) {
    echo "You may now login.";
}
if (!$result) {
        echo "Error.";




        }
}   
?>

这段代码太糟糕了:(这不仅是因为不存在错误处理、sql注入漏洞,而且主要是因为逻辑和流被破坏。这些
if
s乞求
else
,这些不必要的变量,这些
echo()
关于致命错误…明白了。这是我的第一个PHP脚本,所以我仍在学习安全、哈希和加密。你说的“ifs乞求其他”是什么意思?谢谢你的回答:)。服务器\u主机也应该是locahost,发布你得到的错误和表结构

<?php
    $server_host = "host";
    $server_username = "username";
    $server_password = "password";
    $server_dbName = "data base name";

    $player_username = $_POST ["usernamePost"];
    $player_password = $_POST ["passwordPost"];
    $player_displayName = $_POST ["displayNamePost"];

    $conn = new mysqli ($server_host, $server_username, $server_password, $server_dbName);

    if (!$conn) {
        echo "Error connecting to the server.";
    }

    else{
    $query_code = "SELECT Username FROM users WHERE Username = '{$_POST[usernamePost]}'";
    $result_login = mysqli_query ($conn,$query_code);
    $anything_found = mysqli_num_rows ($result_login);

    if ($anything_found > 0) {
    echo "An account with this username or display name already exsists, please choose another.";  
    }

    elseif ($anything_found <= 0) {

    $sql = "INSERT INTO users (Username, Password, Display_Name)
            VALUES ('".$player_username."','".$player_password."','".$player_displayName."')";
    $result = mysqli_query ($conn,$sql);
    if ($result) {
        echo "You may now login.";
    }
    else{

        echo "Error.";

    }
    } 
    } 


 ?>