1. 首頁
  2. 問答
  3. PHP註冊表格打印錯誤

PHP註冊表格打印錯誤

2015-09-04 86 views
0

完成了一個php/mysql登錄系統。我也製作了一個可以使用的註冊系統,但是如果電子郵件/用戶名已經註冊,或者輸入的用戶名或密碼丟失等,我需要在html中打印出一個錯誤。PHP註冊表格打印錯誤

As現在它會自動死掉並在空白頁面上打印出錯信息。

它看起來像這樣:

 if(empty($_POST['password'])) 
    { 
     die("Please enter a password"); 
    }

我已經試過這樣:

$errors = array(); 
if(empty($_POST['password'])) 
{ 
    $errors[] = 'Please enter a password'; 
}

,然後打印出來的HTML中。但它會忽略密碼輸入並只是註冊用戶帳戶(使用加密密碼,在phpmyadmin中)。

它看起來必須死去,但我應該怎麼做呢?

這裏是整個代碼:

<?php 
require("*mysql_connection file*"); 


if(!empty($_POST)) 
{ 

    if(empty($_POST['username'])) 
    { 
     die("Please enter a username."); 
    } 

    $errors = array(); 
    if(empty($_POST['password'])) 
    { 
     $errors[] = 'Please enter your password'; 
    } 

    if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) 
    { 
     die("Invalid E-Mail Address"); 
    } 

    $query = " 
     SELECT 
      1 
     FROM users 
     WHERE 
      username = :username 
    "; 

    $query_params = array( 
     ':username' => $_POST['username'] 
    ); 

    try 
    { 
     $stmt = $db->prepare($query); 
     $result = $stmt->execute($query_params); 
    } 
    catch(PDOException $ex) 
    { 
     die("Failed to run query: " . $ex->getMessage()); 
    } 

    $row = $stmt->fetch(); 

    if($row) 
    { 
     die("This username is already in use"); 
    } 

    $query = " 
     SELECT 
      1 
     FROM users 
     WHERE 
      email = :email 
    "; 

    $query_params = array( 
     ':email' => $_POST['email'] 
    ); 

    try 
    { 
     $stmt = $db->prepare($query); 
     $result = $stmt->execute($query_params); 
    } 
    catch(PDOException $ex) 
    { 
     die("Failed to run query: " . $ex->getMessage()); 
    } 

    $row = $stmt->fetch(); 

    if($row) 
    { 
     die("Email already registered."); 
    } 

    $query = " 
     INSERT INTO users ( 
      username, 
      password, 
      salt, 
      email 
     ) VALUES ( 
      :username, 
      :password, 
      :salt, 
      :email 
     ) 
    "; 

    $salt = dechex(mt_rand(0, 2147483647)) . dechex(mt_rand(0, 2147483647)); 


    $password = hash('sha256', $_POST['password'] . $salt); 

    for($round = 0; $round < 65536; $round++) 
    { 
     $password = hash('sha256', $password . $salt); 
    } 

    $query_params = array( 
     ':username' => $_POST['username'], 
     ':password' => $password, 
     ':salt' => $salt, 
     ':email' => $_POST['email'] 
    ); 

    try 
    { 
     $stmt = $db->prepare($query); 
     $result = $stmt->execute($query_params); 
    } 
    catch(PDOException $ex) 
    { 

     die("Failed to run query: " . $ex->getMessage()); 
    } 

    header("Location: *login page*"); 
    die("Redirecting to *login page*"); 
}

>

來源

2015-09-04 saltcracker

+0

你不火的查詢?請讓你的問題更清楚。 –

+0

立即更新整個代碼。 – saltcracker

回答

0 
<?php 
require("*mysql_connection file*"); 


if(!empty($_POST)) 
{ 

    if(empty($_POST['username'])) 
    { 
     die("Please enter a username."); 
    } 

    $errors = array(); 
    if(empty($_POST['password'])) 
    { 
     $errors[] = 'Please enter your password'; 
    } 

    if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) 
    { 
     die("Invalid E-Mail Address"); 
    } 

    $query = " 
     SELECT 
      1 
     FROM users 
     WHERE 
      username = :username 
    "; 

    $query_params = array( 
     ':username' => $_POST['username'] 
    ); 

    try 
    { 
     $stmt = $db->prepare($query); 
     $result = $stmt->execute($query_params); 
    } 
    catch(PDOException $ex) 
    { 
     die("Failed to run query: " . $ex->getMessage()); 
    } 

    $row = $stmt->fetch(); 

    if($row) 
    { 
     die("This username is already in use"); 
    } 

    $query = " 
     SELECT 
      1 
     FROM users 
     WHERE 
      email = :email 
    "; 

    $query_params = array( 
     ':email' => $_POST['email'] 
    ); 

    try 
    { 
     $stmt = $db->prepare($query); 
     $result = $stmt->execute($query_params); 
    } 
    catch(PDOException $ex) 
    { 
     die("Failed to run query: " . $ex->getMessage()); 
    } 

    $row = $stmt->fetch(); 

    if($row) 
    { 
     die("Email already registered."); 
    } 

    $query = " 
     INSERT INTO users ( 
      username, 
      password, 
      salt, 
      email 
     ) VALUES ( 
      :username, 
      :password, 
      :salt, 
      :email 
     ) 
    "; 

    $salt = dechex(mt_rand(0, 2147483647)) . dechex(mt_rand(0, 2147483647)); 


    $password = hash('sha256', $_POST['password'] . $salt); 

    for($round = 0; $round < 65536; $round++) 
    { 
     $password = hash('sha256', $password . $salt); 
    } 

    $query_params = array( 
     ':username' => $_POST['username'], 
     ':password' => $password, 
     ':salt' => $salt, 
     ':email' => $_POST['email'] 
    ); 


    if (empty($errors)) { /********* EDITS ***********/ 

     try 
     { 
      $stmt = $db->prepare($query); 
      $result = $stmt->execute($query_params); 
     } 
     catch(PDOException $ex) 
     { 

      die("Failed to run query: " . $ex->getMessage()); 
     } 

    }/********* EDITS ***********/ 

    header("Location: *login page*"); 
    die("Redirecting to *login page*"); 
} 
?>

這是遠不夠理想,但我不能arsed重寫你的整個代碼。 主要評論是使用openssl_random_pseudo_bytes而不是你自己的東西來彌補鹽,或者你可以從mcrypt系列功能中取出IV。

來源

2015-09-04 19:04:09

0

試試這個: -

if(""== trim($_POST['password'])) 
    { 
      die("Please enter a password"); 
    } 
else //password is entered 
{ 
//your code 
}

來源

2015-09-04 19:08:46

+0

沒有工作,用戶無需輸入密碼即可創建。謝謝你試圖幫助我! – saltcracker

+0

代碼再次通過它更新..go –

相關問題

 相關問題