我在为一个简单的注册系统写代码。我有这个部分,我检查用户名或电子邮件是否已经存在。如果是这种情况,它应该显示一条错误消息,但它不起作用。如果用户名或电子邮件存在,则仍将提交注册表。
这是我的密码
注册.php
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="shortcut icon" href="favicon.png" type="image/x-icon"/>
<link rel="icon" type="image/png" href="favicon.png" />
<title>Registro</title>
</head>
<body>
<?php
if(isset($_POST['submit'])){
$mysqli = NEW
MySQLi('localhost','user','pass','database');
$username = $_POST['username'];
$name = $_POST['name'];
$pass= $_POST['pass'];
$email= $_POST['email'];
$phone= $_POST['phone'];
$querya=mysqli_query($mysqli,"select * from table where username='$username' && email='$email'");
$num_rowss=mysqli_num_rows($querya);
if ($num_rowss>0){
echo "Username or password is taken, please write a new one."
}else{
$query = "INSERT INTO table(username,name,pass,email,phone)VALUES('"
. $mysqli->real_escape_string($username) .
"' , '"
. $mysqli->real_escape_string($name) .
"' , '"
. $mysqli->real_escape_string($pass) .
"' , '"
. $mysqli->real_escape_string($email) .
"' , '"
. $mysqli->real_escape_string($phone) .
"')
";
$insert = $mysqli->query($query);
if($insert){
header('Location: login.php');
}
}
$mysqli->close();
}
?>
<div>
<h1>Register</h1>
<form action="" method="post" name="registro" id="formulario"><br><br>
<table>
<tr><td>Username: <input type="text" name="username" id="username" required></td>
</tr>
<tr><td>Name:<input type="text" name="name" id="name" required></td>
</tr>
<tr><td>Password: <input type="password" name="pass" required></td>
</tr>
<tr><td>Email: <input type="email" name="email" required></td>
</tr>
<tr><td>Phone: <input type="text" name="phone" required></td>
</tr>
<tr><td> <input name="submit" id="submit" type="submit" value="Registrar" /></td></tr>
</table><br><br>
</form>
</div>
</body>
2条答案
按热度按时间dtcbnfnu1#
有几件事:
关注sql注入使用参数
它应该是或,不是&&。您想知道是否找到用户名或电子邮件。
你应该有一些方法来处理错误。
您的查询应如下所示:
xmjla07d2#
试试这个。对我来说很管用抱歉如果不行的话!