用于电子邮件验证的PHP代码中存在错误

用于电子邮件验证的PHP代码中存在错误,php,mysql,database,email,validation,Php,Mysql,Database,Email,Validation,我正在尝试为我的数据库创建电子邮件验证表单,但遇到了一些问题。当我尝试运行下面的代码时,我得到一个错误:没有选择数据库 我还得到一个未定义的变量错误。我想在username字段下将用户名放入我的数据库中,但显然$name是一个未定义的变量。第xx行错误未定义变量MySQL_queryINSERT进入注册用户名、密码、电子邮件、哈希值'。mysql\u real\u escape\u字符串$name 我正在使用WAMP服务器。数据库的名称是sitememberdetails,而 表i需要输入is注

我正在尝试为我的数据库创建电子邮件验证表单,但遇到了一些问题。当我尝试运行下面的代码时,我得到一个错误:没有选择数据库

我还得到一个未定义的变量错误。我想在username字段下将用户名放入我的数据库中,但显然$name是一个未定义的变量。第xx行错误未定义变量MySQL_queryINSERT进入注册用户名、密码、电子邮件、哈希值'。mysql\u real\u escape\u字符串$name

我正在使用WAMP服务器。数据库的名称是sitememberdetails,而 表i需要输入is注册中的信息。我对这一点很陌生——有谁能告诉我如何定义变量,以及如何选择db,即使它看起来已经被选中了

     <?php

             $host = "localhost";
             $username = "";
             $password = "";
             $databasename = "sitememberdetails";
             $email="xxxxxx@xxxxxxxx.xxx";


              $connection = mysql_connect($host,$username,$password) or die        
             ("Error: ".mysql_error());

               mysql_select_db($databasename);("sitememberdetails") or  

               die(mysql_error());   



                    if(isset($_POST['name']) && !empty($_POST['name']) AND  

                    isset($_POST['email']) && !empty($_POST['email'])){  
                     $name = mysql_real_escape_string($_POST['name']);  
                     $email = mysql_real_escape_string($_POST['email']); }  



                      if(!preg_match("/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a- 

                        z0-9-]+)*(\.[a-z]{2,3})$/i", $email)){

$msg = 'The email you have entered is invalid, please try again.';  
                }else{  

                    $msg = 'Your account has been made, <br /> please verify it     

              by clicking the activation link that has been send to  

                 your email.';  
                       }  


                        $hash = md5( rand(0,1000) ); 


                         $password = rand(1000,5000); 



                        mysql_query("INSERT INTO registrations (username, password,  

                          email, hash) VALUES( 
                          '". mysql_real_escape_string($name) ."', 
                          '". mysql_real_escape_string(md5($password)) ."', 
                          '". mysql_real_escape_string($email) ."', 
                          '". mysql_real_escape_string($hash) ."') ") or  

                          die(mysql_error());



                             $to      = $email; // Send email to our user  
                      $subject = 'Signup | Verification'; // Give the email a subject  
                      $message = ' 
                       Thanks for signing up! 
                      Your account has been created, you can login with the following  

                       credentials after you have activated your account by pressing  

                       the url below. 

                 Username: '.$name.' 
                 Password: '.$password.' 

                      Please click this link to activate your account: 
                      http://www.yourwebsite.com/verify.php?email='.$email.'& 

                      hash='.$hash.' 
                       ';  
                     $headers = 'From:noreply@yourwebsite.com' . "\r\n"; // Set from  

                       headers  
                       mail($to, $subject, $message, $headers); // Send our email  


                        ?>
尝试更改此代码

mysql_select_db($databasename);("sitememberdetails") or  

           die(mysql_error());
对此

mysql_select_db($databasename) or  die(mysql_error());
下线


似乎$name值未过帐到表单中。如果name变量已设置且不为空,则将对其进行转义,但是如果name变量根本未设置,会发生什么情况?没有对此进行检查,因此它将继续,直到到达INSERT语句并导致错误为止


请看示例1以选择数据库。$databasename后面有一个分号;这没有意义。

这里有一些修改过的代码,使用PDO而不是mysql。让我知道这一个是否有效,我们可以从那里解决任何问题

<?php

            $host = 'localhost';
            $dbname = 'sitememberdetails';
            $user = '';
            $pass = '';
            try
            {
                $DB = new PDO("mysql:host=$host;dbname=$dbname", $user, $pass); 
            }
            catch(PDOException $e)
            {  
                echo $e->getMessage();  
            }

            if(isset($_POST['name']) && !empty($_POST['name']) AND isset($_POST['email']) && !empty($_POST['email']))
            {  
                $name = $_POST['name'];  
                $email = $_POST['email'];
            }
            else
            {
                $name = 'No Name';  
                $email = 'No Email';
            }

            if(!preg_match("/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/i", $email))
            {
                $msg = 'The email you have entered is invalid, please try again.';  
            }else{  
                $msg = 'Your account has been made, <br /> please verify it by clicking the activation link that has been send to your email.';  
            }  

            $hash = md5( rand(0,1000) ); 
            $password = rand(1000,5000); 

            $query = "INSERT INTO registrations (username, password, email, hash) VALUES('?', '?', '?', '?')";
            $sth = $DB->prepare($query);
            //By using ?'s and prepare/execute, PDO will prevent SQL Injection for you!
            $sth->execute(array($name, md5($password), $email, $hash));

            $to      = $email; // Send email to our user  
            $subject = 'Signup | Verification'; // Give the email a subject  
            $message = 'Thanks for signing up! Your account has been created, 
                        you can login with the following credentials after you 
                        have activated your account by pressing the url below. 
                        Username: '.$name.' 
                        Password: '.$password.' 

                        Please click this link to activate your account: 
                        http://www.yourwebsite.com/verify.php?email='.$email.'& 

                        hash='.$hash;  
            $headers = 'From:noreply@yourwebsite.com' . "\r\n"; // Set from header  
            mail($to, $subject, $message, $headers); // Send our email  
?>

查看此修改后的代码:

<?php
         $host = "localhost";
         $username = "";
         $password = "";
         $databasename = "sitememberdetails";
         $email="xxxxxx@xxxxxxxx.xxx";


        $connection = mysql_connect($host,$username,$password) or die ("Error: ".mysql_error());
        mysql_select_db($databasename) or die(mysql_error());   


               $name = "";
           if(isset($_POST['name']) && !empty($_POST['name']) AND  
           isset($_POST['email']) && !empty($_POST['email'])){  
                 $name = mysql_real_escape_string($_POST['name']);  
                 $email = mysql_real_escape_string($_POST['email']); }  



                if(!preg_match("/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/i", $email)){
                    $msg = 'The email you have entered is invalid, please try again.';  }
            else { 
                $msg = 'Your account has been made, <br /> please verify it     
                            by clicking the activation link that has been send to your email.';  
                  }  


            $hash = md5( rand(0,1000) ); 
            $password = rand(1000,5000); 

            mysql_query("INSERT INTO registrations (username, password,email, hash) VALUES( 
                      '". mysql_real_escape_string($name) ."', 
                      '". mysql_real_escape_string(md5($password)) ."', 
                      '". mysql_real_escape_string($email) ."', 
                      '". mysql_real_escape_string($hash) ."') ") or die(mysql_error());

            $to = $email; // Send email to our user  
                $subject = 'Signup | Verification'; // Give the email a subject  
            $message = ' Thanks for signing up! 
                Your account has been created, you can login with the following  
                credentials after you have activated your account by pressing  
                the url below. 
                    Username: '.$name.' 
                    Password: '.$password.' 
                Please click this link to activate your account: 
                http://www.yourwebsite.com/verify.php?email='.$email.'& 
                hash='.$hash.' 
               ';  

            $headers = 'From:noreply@yourwebsite.com' . "\r\n"; // Set from  

                mail($to, $subject, $message, $headers); // Send our email  

?>

我建议您使用PDO而不是mysql_uu函数

请研究使用或替代旧的mysql驱动程序。mysql驱动程序现在不受支持,并且存在一些安全问题。你应该避免使用mysql函数,因为它们会贬值。使用filter\u var$email,filter\u VALIDATE\u email而不是正则表达式。thnks Isa/dcirello-我对此非常陌生,但有一个最后期限,所以我只想尝试让代码以任何方式工作,我可以先,一旦它启动并运行,我将尝试更新不推荐使用的标签。代码运行正常,只是我不断收到拒绝用户@'localhost'访问数据库'sitememberdetails'的错误。你知道为什么会这样吗?我正在使用Wampserver。请在phpMyAdmin面板中检查您在连接中使用的用户的用户和权限。祝你好运。山姆干杯-我在网上都遇到了两个错误:$sth=$DB->prepare$query。错误是未定义的变量:C:\wamp\www\Root\siginuppage.php中的DB&致命错误:对C:\wamp\www\Root\siginuppage.php中的非对象调用成员函数prepare。@Danielokeeffe我认为这是与数据库连接有关的问题。试着把$DB=1;下面是catch语句中的echo,看看这是否“删除”了第一个错误,如果是,则表示您的初始数据库连接失败。感谢Delta解决了这个问题。除了我现在还有一个1!修复此错误意味着现在选择了一个数据库,但现在表示用户@“localhost”对数据库“sitememberdetails”的访问被拒绝!!数据库名称正确,如果用户名和密码为空,是否应允许我访问?我没有在phpmyadmin中更改它们。我认为wamp服务器默认的mysql用户名是root。但我不确定,因为我没有使用它。这是最后一个问题的谷歌搜索结果,我保证-将用户名指定为root,现在它声明警告:邮件:无法连接到本地主机端口25的mailserver,请在php.ini中验证SMTP和SMTP端口设置,或者在第90行使用C:\wamp\www\root\siginuppage.php中的ini\u设置。这是邮件$to、$subject、$message、$headers;。好像解决的问题越多,出现的问题就越多!这是否与站点目前不处于活动状态有关?您必须在计算机上设置smtp服务器,或者在实际服务器上尝试此代码。几乎所有托管公司都在其web服务器上设置smtp服务器。
<?php
         $host = "localhost";
         $username = "";
         $password = "";
         $databasename = "sitememberdetails";
         $email="xxxxxx@xxxxxxxx.xxx";


        $connection = mysql_connect($host,$username,$password) or die ("Error: ".mysql_error());
        mysql_select_db($databasename) or die(mysql_error());   


               $name = "";
           if(isset($_POST['name']) && !empty($_POST['name']) AND  
           isset($_POST['email']) && !empty($_POST['email'])){  
                 $name = mysql_real_escape_string($_POST['name']);  
                 $email = mysql_real_escape_string($_POST['email']); }  



                if(!preg_match("/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/i", $email)){
                    $msg = 'The email you have entered is invalid, please try again.';  }
            else { 
                $msg = 'Your account has been made, <br /> please verify it     
                            by clicking the activation link that has been send to your email.';  
                  }  


            $hash = md5( rand(0,1000) ); 
            $password = rand(1000,5000); 

            mysql_query("INSERT INTO registrations (username, password,email, hash) VALUES( 
                      '". mysql_real_escape_string($name) ."', 
                      '". mysql_real_escape_string(md5($password)) ."', 
                      '". mysql_real_escape_string($email) ."', 
                      '". mysql_real_escape_string($hash) ."') ") or die(mysql_error());

            $to = $email; // Send email to our user  
                $subject = 'Signup | Verification'; // Give the email a subject  
            $message = ' Thanks for signing up! 
                Your account has been created, you can login with the following  
                credentials after you have activated your account by pressing  
                the url below. 
                    Username: '.$name.' 
                    Password: '.$password.' 
                Please click this link to activate your account: 
                http://www.yourwebsite.com/verify.php?email='.$email.'& 
                hash='.$hash.' 
               ';  

            $headers = 'From:noreply@yourwebsite.com' . "\r\n"; // Set from  

                mail($to, $subject, $message, $headers); // Send our email  

?>