Php 检查用户名是否存在或不工作?
我已经检查了其他答案,并尝试将其复制到我的答案中,但我得到了一个未识别的Php 检查用户名是否存在或不工作?,php,mysqli,Php,Mysqli,我已经检查了其他答案,并尝试将其复制到我的答案中,但我得到了一个未识别的行错误 <?php session_start(); if(isset($_SESSION['user_id'])) { header("Location: index.php"); } include_once 'dbconnect.php'; //set validation error flag as false $error = false; //check if form is submitt
行
错误
<?php
session_start();
if(isset($_SESSION['user_id'])) {
header("Location: index.php");
}
include_once 'dbconnect.php';
//set validation error flag as false
$error = false;
//check if form is submitted
if (isset($_POST['signup'])) {
$first_name = mysqli_real_escape_string($con, $_POST['first_name']);
$last_name = mysqli_real_escape_string($con, $_POST['last_name']);
$username = mysqli_real_escape_string($con, $_POST['username']);
$email = mysqli_real_escape_string($con, $_POST['email']);
$password = mysqli_real_escape_string($con, $_POST['password']);
$cpassword = mysqli_real_escape_string($con, $_POST['cpassword']);
$quote = mysqli_real_escape_string($con, $_POST['quote']);
$who = mysqli_real_escape_string($con, $_POST['who']);
//name can contain only alpha characters and space
if ($_POST['username'] == $row['username']){
$error = true;
$username_error = '<div class="error-notice">
<div class="oaerror danger">
<strong>Uh oh!</strong> - Username is already in use.
</div>';
}
没关系,我明白了。我必须在代码上方执行此操作
$result = mysqli_query($con, "SELECT * FROM users WHERE username = '" . $username. "'");
if($row = mysqli_fetch_array($result)){
你把$row分配到哪里?哦,我没有。。。我应该将其分配给什么?您应该使用而不是连接查询。即使是mysqli\u real\u escape\u string()
对于注入攻击也不是100%安全的。我还不知道如何做到这一切。我是个新手,所以我的计划是一步一步地进步。