php注册表不检查用户名是否存在

tpgth1q7 于 2021-06-21 发布在 Mysql

关注(0)|答案(2)|浏览(219)

我在为一个简单的注册系统写代码。我有这个部分，我检查用户名或电子邮件是否已经存在。如果是这种情况，它应该显示一条错误消息，但它不起作用。如果用户名或电子邮件存在，则仍将提交注册表。
这是我的密码
注册.php

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" 
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  <link rel="shortcut icon" href="favicon.png" type="image/x-icon"/>
  <link rel="icon" type="image/png" href="favicon.png" />
  <title>Registro</title>
</head>

<body>      
  <?php
  if(isset($_POST['submit'])){
    $mysqli = NEW 
    MySQLi('localhost','user','pass','database');
                        $username     =    $_POST['username'];
                        $name         = $_POST['name'];
                        $pass=          $_POST['pass'];
                        $email=         $_POST['email'];
                        $phone=      $_POST['phone'];

                        $querya=mysqli_query($mysqli,"select * from table where username='$username' && email='$email'");
                        $num_rowss=mysqli_num_rows($querya);

                        if ($num_rowss>0){
                            echo "Username or password is taken, please write a new one."
                        }else{

                        $query = "INSERT INTO table(username,name,pass,email,phone)VALUES('"
                        . $mysqli->real_escape_string($username) .
                        "' , '"
                        . $mysqli->real_escape_string($name) .
                        "' , '"
                        . $mysqli->real_escape_string($pass) .
                        "' , '"
                        . $mysqli->real_escape_string($email) .
                        "' , '"
                        . $mysqli->real_escape_string($phone) .
                        "')
                        ";

                        $insert = $mysqli->query($query);

                        if($insert){
                            header('Location: login.php');

                        }

                        }

                    $mysqli->close();   

}
?>

  <div>
            <h1>Register</h1>
            <form action="" method="post" name="registro" id="formulario"><br><br>
                <table>
                    <tr><td>Username: <input type="text" name="username" id="username" required></td> 
                    </tr>
                    <tr><td>Name:<input type="text" name="name" id="name" required></td> 
                    </tr>
                    <tr><td>Password: <input type="password" name="pass" required></td> 
                    </tr>
                    <tr><td>Email: <input type="email" name="email" required></td> 
                    </tr>
                    <tr><td>Phone: <input type="text" name="phone" required></td> 
                    </tr>
                    <tr><td> <input name="submit" id="submit" type="submit" value="Registrar" /></td></tr>
                </table><br><br>
            </form>
            </div>

    </body>

mysql php registration

来源：https://stackoverflow.com/questions/48347176/php-registration-form-not-cheking-if-username-exists

2条答案

按热度按时间

dtcbnfnu1#

有几件事：
关注sql注入使用参数
它应该是或，不是&&。您想知道是否找到用户名或电子邮件。
你应该有一些方法来处理错误。
您的查询应如下所示：

$querya=mysqli_query($mysqli,"select * from table where username='$username' OR email='$email'");
 $num_rowss=mysqli_num_rows($querya);

赞(0）回复(0）举报 2021-06-21

xmjla07d2#

试试这个。对我来说很管用抱歉如果不行的话！

$querya = "SELECT username, email FROM table WHERE username = '".$name."' OR email = '".$email."'";
        $result = $mysqli->query($sql);

        if(mysqli_num_rows($result) > 0)
        {
            echo 'Username or password is taken, please write a new one.';
        }
        else
        {

赞(0）回复(0）举报 2021-06-21

我来回答

php注册表不检查用户名是否存在

2条答案

相关问题

热门标签

最新问答