PHP寄存器未响应正确的结果
逻辑错误。条件语句挂起了危险:-)PHP寄存器未响应正确的结果,php,mysqli,echo,Php,Mysqli,Echo,逻辑错误。条件语句挂起了危险:-) 用这个 <?php $server_host = "host"; $server_username = "username"; $server_password = "password"; $server_dbName = "data base name"; $player_username = $_POST ["usernamePost"]; $player_password = $_POST ["passwordPost"]; $player_di
用这个
<?php
$server_host = "host";
$server_username = "username";
$server_password = "password";
$server_dbName = "data base name";
$player_username = $_POST ["usernamePost"];
$player_password = $_POST ["passwordPost"];
$player_displayName = $_POST ["displayNamePost"];
$conn = new mysqli ($server_host, $server_username, $server_password, $server_dbName);
if (!$conn) {
echo "Error connecting to the server.";
}
$query_code = "SELECT Username FROM users WHERE Username = '{$_POST[usernamePost]}'";
$result_login = mysqli_query ($conn,$query_code);
$anything_found = mysqli_num_rows ($result_login);
if ($anything_found > 0) {
echo "An account with this username or display name already exsists, please choose another.";
}
if ($anything_found <= 0) {
$sql = "INSERT INTO users (Username, Password, Display_Name)
VALUES ('".$player_username."','".$player_password."','".$player_displayName."')";
$result = mysqli_query ($conn,$sql);
if ($result) {
echo "You may now login.";
}
if (!$result) {
echo "Error.";
}
}
?>
这段代码太糟糕了:(这不仅是因为不存在错误处理、sql注入漏洞,而且主要是因为逻辑和流被破坏。这些if
s乞求else
,这些不必要的变量,这些echo()
关于致命错误…明白了。这是我的第一个PHP脚本,所以我仍在学习安全、哈希和加密。你说的“ifs乞求其他”是什么意思?谢谢你的回答:)。服务器\u主机也应该是locahost,发布你得到的错误和表结构
<?php
$server_host = "host";
$server_username = "username";
$server_password = "password";
$server_dbName = "data base name";
$player_username = $_POST ["usernamePost"];
$player_password = $_POST ["passwordPost"];
$player_displayName = $_POST ["displayNamePost"];
$conn = new mysqli ($server_host, $server_username, $server_password, $server_dbName);
if (!$conn) {
echo "Error connecting to the server.";
}
else{
$query_code = "SELECT Username FROM users WHERE Username = '{$_POST[usernamePost]}'";
$result_login = mysqli_query ($conn,$query_code);
$anything_found = mysqli_num_rows ($result_login);
if ($anything_found > 0) {
echo "An account with this username or display name already exsists, please choose another.";
}
elseif ($anything_found <= 0) {
$sql = "INSERT INTO users (Username, Password, Display_Name)
VALUES ('".$player_username."','".$player_password."','".$player_displayName."')";
$result = mysqli_query ($conn,$sql);
if ($result) {
echo "You may now login.";
}
else{
echo "Error.";
}
}
}
?>