1. 首頁
  2. 問答
  3. 編碼註冊系統

編碼註冊系統

2015-09-04 117 views
-1

的我明顯的不良企圖所以我試着去建立一個網站,即時通訊開發一個登錄系統,我非常新的PHP所以我跳進深結束了一下。我的目標是創建一個註冊表單,如果密碼不匹配,它不會添加數據並顯示錯誤,並且如果用戶名被佔用。我已經找到了這兩個代碼,但我不確定如何一起實現它們。編碼註冊系統

<?php 
$dbhost = "localhost"; 
$dbuser = "root"; 
$dbpass = ""; 
$dbname = "immo"; 

//Connection to the DB 
$con = mysqli_connect($dbhost,$dbuser,$dbpass,$dbname) or die ($dberror1); 

    session_start(); 
    if (isSet($_POST['Register']) && isSet($_POST['Username']) && isSet($_POST['Password']) && $_POST['Username'] != '' && $_POST['Password'] != '') { 
     $Password = $_POST['Password']; 
     $passMD5 = md5($Password); 
     $Username = $_POST['Username']; 
     $q = mysqli_query($con, "SELECT * FROM `users` WHERE `Username`='$Username'"); 
     if (mysqli_num_rows($q) > 0) { 
      echo 'That username is already taken.'; 
     } 
     if ($_POST['Password']!= $_POST['ConfirmPassword']){ 
      echo("Oops! Password did not match! Try again. "); 
     } 
     else{ 
      $qq = mysqli_query($con, "INSERT INTO `users` VALUES ('', '$Username', '$passMD5')"); 
      if ($qq) { 
       echo 'Registered successfully!'; 
      }else 
       echo 'Failed to register.'; 
     } 
    } 
?> 


<form method="post" class="registration_form"> 
    <fieldset> 
<legend>Registration Form </legend> 

<table> 
<tbody> 
<tr> 
    <td class="label"><label for="Username">Username :</label></td> 
    <td class="input"><input type="text" id="Username" name="Username" required/></td> 
    <td class="error"></td> 
</tr> 
<tr> 
    <td class="label"><label for="Fname">First Name :</label></td> 
    <td class="input"><input type="text" id="Firstname" name="Firstname" required/></td> 
    <td class="error"></td> 
</tr> 
<tr> 
    <td class="label"> <label for="Lname">Last Name :</label></td> 
    <td class="input"><input type="text" id="Lastname" name="Lastname" required/></td> 
    <td class="error"></td> 
</tr> 
<tr> 
    <td class="label"><label for="e-mail">E-mail :</label></td> 
    <td class="input"><input type="email" id="Email" name="Email" required/></td> 
    <td class="error"></td> 
</tr> 
<tr> 
    <td class="label"><label for="Password">Password:</label></td> 
    <td class="input"><input type="password" id="Password" name="Password" required/></td> 
    <td class="error"></td> 
</tr> 
<tr> 
    <td class="label"><label for="ConfirmPassword">Confirm Password:</label></td> 
<td class="input"><input type="password" id="ConfirmPassword" name="ConfirmPassword" required/></td> 
    <td class="error"></td> 
</tr> 
<tr> 
    <td><input type="hidden" name="formsubmitted" value="TRUE" /></td> 
    <td><input type="submit" id="Register" value="Register" name="Register" /></td> 
    <td class="error"></td> 
</tr> 
</tbody> 
</table> 
    </fieldset> 
</form>

來源

2015-09-04 nathzOO

+0

旁註:您可以減少整個'如果(isSet($ _ POST [ '註冊'])......'簡單'如果(空! ($ _POST ['Register'])....'和其他人,不需要'!='''或者簡單的三元操作符 –

+0

你真的不應該使用MD5密碼哈希值,你真的應該使用PHP的[內置函數](http://jayblanchard.net/proper_password_hashing_with_PHP.html)來處理密碼安全性。如果您使用的PHP版本低於5.5,您可以使用'password_hash()'[兼容包](https://github.com/ircmaxell/password_compat)。 –

+0

[你的腳本是在對SQL注入攻擊的風險。(http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) –

回答

1

不漂亮,但:

<?php 
    session_start(); 
    if (isSet($_POST['Register']) && isSet($_POST['Username']) && isSet($_POST['Password']) && $_POST['Username'] != '' && $_POST['Password'] != '') { 
     $Password = $_POST['Password']; 
     $passMD5 = md5($Password); 
     $Username = $_POST['Username']; 
     $q = mysqli_query($con, "SELECT * FROM `users` WHERE `Username`='$Username'"); 
     if (mysqli_num_rows($q) == 0) {   
      if ($_POST['Password'] == $_POST['ConfirmPassword']){ 
       $qq = mysqli_query($con, "INSERT INTO `users` VALUES ('', '$Username', '$passMD5')"); 
       if ($qq) { 
        echo 'Registered successfully!'; 
       } else { 
        echo 'Failed to register.'; 
       } 
      } else { 
       echo "Oops! Password did not match! Try again."; 
      } 
     } else { 
      echo 'That username is already taken.'; 
     } 
    } 
?>

來源

2015-09-04 16:27:14

+0

口口聲聲說未能註冊 – nathzOO

+0

鑑於OP的形式是猶太教; - )並且他們的連接是成功的。 –

+0

好吧,看起來密碼是匹配的,你沒有插入數據。看起來你還沒有連接到數據庫。您是否已連接到頁面中較高的數據庫?在運行查詢之前,您需要這樣做。另外,正如其他人所提到的,您應該切換到PDO,但這完全是一個單獨的主題。 –

相關問題

 相關問題