Php e> $mail是在发布时,但在应用任何筛选器之前,以及在应用每个筛选器之后。这可以将搜索范围缩小到实际发生错误的位置。我试过了。。但它不起作用:/无论如何,对于上面的代码,我使用str_replace函数定义了它。这两种方法都不起作用mysql_real
Php e> $mail是在发布时,但在应用任何筛选器之前,以及在应用每个筛选器之后。这可以将搜索范围缩小到实际发生错误的位置。我试过了。。但它不起作用:/无论如何,对于上面的代码,我使用str_replace函数定义了它。这两种方法都不起作用mysql_real,php,mysql,member,email-validation,Php,Mysql,Member,Email Validation,e> $mail是在发布时,但在应用任何筛选器之前,以及在应用每个筛选器之后。这可以将搜索范围缩小到实际发生错误的位置。我试过了。。但它不起作用:/无论如何,对于上面的代码,我使用str_replace函数定义了它。这两种方法都不起作用mysql_real_escape_string(更新了我的答案)@Elena-不,在从表单中获取之前,您在str_replace函数中使用$email变量。然后,在下一行,你抓取帖子数据。更新你的问题并包括你的connect_to_db.php代码。不:(这也不
e> $mail是在发布时,但在应用任何筛选器之前,以及在应用每个筛选器之后。这可以将搜索范围缩小到实际发生错误的位置。我试过了。。但它不起作用:/无论如何,对于上面的代码,我使用str_replace函数定义了它。这两种方法都不起作用mysql_real_escape_string(更新了我的答案)@Elena-不,在从表单中获取之前,您在str_replace函数中使用$email变量。然后,在下一行,你抓取帖子数据。更新你的问题并包括你的connect_to_db.php代码。不:(这也不起作用。)谢谢你的建议,这很有帮助!!我会再次检查mysql_real_escape_字符串,看看是否有什么结果:)旁注:我想你把str_replace()和preg_replace()弄混了,你在使用一种模式吗?把你的connect_to_db.php代码放在这里,它可以是mysql_real_escape_string.Kindo正确的方式来构建一个问题并密切关注答案和评论。这个问题我给+1分。谢谢。不行:)不行。。我以前试过!!无论如何谢谢:)你能帮我添加
print\r($email);模具()代码>在第一个$email
语句之后。如果成功,请尝试下一步,直到找到错误的起始位置,这三个函数都可以使用:$email=stripslashes($_POST['email']);$email=strip_标签($email);$email=mysql\u real\u escape\u字符串($email);我不知道是什么引起了这场争吵最后的提示,那我就放弃了。设置$email=”“代码>在$errorMsg=”“之前代码>。让我知道,让我松一口气:)
$errorMsg = "";
// First we check to see if the form has been submitted
if (isset($_POST['username'])){
//Connect to the database through our include
include_once "connect_to_mysql.php";
// Filter the posted variables
$username = str_replace("[^A-Z a-z0-9]", "", $_POST['username']); // filter everything but numbers and letters
$country = str_replace("[^A-Z a-z0-9]", "", $_POST['country']); // filter everything but spaces, numbers, and letters
$county = str_replace("[^A-Z a-z0-9]", "", $_POST['county']); // filter everything but spaces, numbers, and letters
$city = str_replace("[^A-Z a-z0-9]", "", $_POST['city']); // filter everything but spaces, numbers, and letters
$accounttype = str_replace("[^a-z]", "", $_POST['accounttype']); // filter everything but lowercase letters
$email=str_replace( '/@/', '@', $email );
$email = stripslashes($_POST['email']);
$email = strip_tags($email);
$email = mysql_real_escape_string($email);
$password = str_replace("[^A-Z a-z0-9]", "", $_POST['password']); // filter everything but numbers and letters
// Check to see if the user filled all fields with
// the "Required"(*) symbol next to them in the join form
// and print out to them what they have forgotten to put in
if((!$username) || (!$country) || (!$county) || (!$city) || (!$accounttype) || (!$email) || (!$password)){
$errorMsg = "You did not submit the following required information!<br /><br />";
if(!$username){
$errorMsg .= "--- User Name";
} else if(!$country){
$errorMsg .= "--- Country";
} else if(!$county){
$errorMsg .= "--- State";
} else if(!$city){
$errorMsg .= "--- City";
} else if(!$accounttype){
$errorMsg .= "--- Account Type";
} else if(!$email){
$errorMsg .= "--- Email Address";
} else if(!$password){
$errorMsg .= "--- Password";
}
} else {
// Database duplicate Fields Check
$sql_username_check = mysql_query("SELECT id FROM members WHERE username='$username' LIMIT 1");
$sql_email_check = mysql_query("SELECT id FROM members WHERE email='$email' LIMIT 1");
$username_check = mysql_num_rows($sql_username_check);
$email_check = mysql_num_rows($sql_email_check);
if ($username_check > 0){
$errorMsg = "<u>ERROR:</u><br />Your User Name is already in use inside our system. Please try another.";
} else if ($email_check > 0){
$errorMsg = "<u>ERROR:</u><br />Your Email address is already in use inside our system. Please try another.";
} else {
// Add MD5 Hash to the password variable
$hashedPass = md5($password);
// Add user info into the database table, claim your fields then values
$sql = mysql_query("INSERT INTO members (username, country, county, city, accounttype, email, password, signupdate)
VALUES('$username','$country','$state','$city','$accounttype','$email','$hashedPass', now())") or die (mysql_error());
// Get the inserted ID here to use in the activation email
$id = mysql_insert_id();
// Create directory(folder) to hold each user files(pics, MP3s, etc.)
mkdir("memberFiles/$id", 0755);
// Start assembly of Email Member the activation link
$to = "$email";
// Change this to your site admin email
$from = "info@chrysikourtina.x10.mx";
$subject = "Complete your registration";
//Begin HTML Email Message where you need to change the activation URL inside
$message = '<html>
<body bgcolor="#FFFFFF">
Hi ' . $username . ',
<br /><br />
You must complete this step to activate your account with us.
<br /><br />
Please click here to activate now >>
<a href="http://http://chrysikourtina.x10.mx/activation.php?id=' . $id . '">
ACTIVATE NOW</a>
<br /><br />
Your Login Data is as follows:
<br /><br />
E-mail Address: ' . $email . ' <br />
Password: ' . $password . '
<br /><br />
Thanks!
</body>
</html>';
// end of message
$headers = "From: $from\r\n";
$headers .= "Content-type: text/html\r\n";
$to = "$to";
// Finally send the activation email to the member
mail($to, $subject, $message, $headers);
// Then print a message to the browser for the joiner
print "<br /><br /><br /><h4>OK $firstname, one last step to verify your email identity:</h4><br />
We just sent an Activation link to: $email<br /><br />
<strong><font color=\"#990000\">Please check your email inbox in a moment</font></strong> to click on the Activation <br />
Link inside the message. After email activation you can log in.";
exit(); // Exit so the form and page does not display, just this success message
} // Close else after database duplicate field value checks
} // Close else after missing vars check
} //Close if $_POST
?>
<table width="600" align="center" cellpadding="4">
<tr>
<td width="7%">REGISTER AS A MEMBER HERE </td>
</tr>
</table>
<table width="600" align="center" cellpadding="5">
<form action="join_form.php" method="post" enctype="multipart/form-data">
<tr>
<td colspan="2"><font color="#FF0000"><?php echo "$errorMsg"; ?></font></td>
</tr>
<tr>
<td width="163"><div align="right">User Name:</div></td>
<td width="409"><input name="username" type="text" value="<?php echo "$username"; ?>" /></td>
</tr>
<tr>
<td><div align="right">Country:</div></td>
<td><select name="country">
<option value="<?php echo "$country"; ?>"><?php echo "$country"; ?></option>
<option value="Cyprus">Cyprus</option>
<option value="United Kingdom">United Kingdom</option>
</select></td>
</tr>
<tr>
<td><div align="right">County: </div></td>
<td><input name="county" type="text" value="<?php echo "$county"; ?>" /></td>
</tr>
<tr>
<td><div align="right">City: </div></td>
<td>
<input name="city" type="text" value="<?php echo "$city"; ?>" />
</td>
</tr>
<tr>
<td><div align="right">Account Type: </div></td>
<td><select name="accounttype">
<option value="<?php echo "$accounttype"; ?>"><?php echo "$accounttype"; ?></option>
<option value="a">Normal User</option>
<option value="b">Expert User</option>
<option value="c">Super User</option>
</select></td>
</tr>
<tr>
<td><div align="right">Email: </div></td>
<td><input name="email" type="text" id="<?php echo "$email"; ?>" value="<?php echo "$email"; ?>" />
</td>
</tr>
<tr>
<td><div align="right"> Password: </div></td>
<td><input name="password" type="password" value="<?php echo "$password"; ?>" />
<font size="-2" color="#006600">(letters or numbers only, no spaces no symbols)</font></td>
</tr>
<tr>
<td><div align="right"> Captcha: </div></td>
<td>Add Captcha Here for security</td>
</tr>
<tr>
<td><div align="right"></div></td>
<td><input type="submit" name="Submit" value="Submit Form" /></td>
</tr>
</form>
</table>
$email = $_POST['email'];
$email=str_replace( '/@/', '@', $email );
$email = mysql_real_escape_string(strip_tags(stripslashes($email)));
$email = stripslashes($_POST['email']);
$email=str_replace( '/@/', '@', $email );
$email = strip_tags($email);
$email = mysql_real_escape_string($email);
<?php $email = isset($_POST['email']) ? $_POST['email'] : ''; ?>