(This is my first try with php)
* I just remembered PHP code doesn't show up in the source so here it is:
enter code here
include('connection.php');
if(isset($_POST['form'])){
if(empty($_POST['username']) || empty($_POST['password']) || empty($_POST['conf_pass']) || empty($_POST['email'])){
echo 'Please fill out all fields.';
}elseif($_POST['password'] != $_POST['conf_pass']){
echo 'Your Passwords do not match.';
}else{
$url = 'http://graves-incorporated.com/test_sites/plantation_park_2012/';
echo '';
echo 'Congrats, You are now Registered.';
mysql_query("INSERT INTO users VALUES(NULL, '$_POST[username]', '$_POST[password]', '$_POST[email]')");
}
}
?>
I want to make sure I don't get duplicate users and/or email addresses in the database. I set up a Unique Key in MySQL for Username and Email, which prevents it, but the user on the actual form doesn't know that, it still tells them "Congrats, you are signed up" or whatever it says... haha
So what can I add to the php code (and where in the code) that would prevent this?
Thanks for helping this major noob,
Dan Graves
解决方案<?php
include('connection.php');
if(isset($_POST['form'])){
if(empty($_POST['username']) || empty($_POST['password']) || empty($_POST['conf_pass']) || empty($_POST['email'])){
echo 'Please fill out all fields.';
}elseif($_POST['password'] != $_POST['conf_pass']){
echo 'Your Passwords do not match.';
}else{
$dup = mysql_query("SELECT username FROM users WHERE username='".$_POST['username']."'");
if(mysql_num_rows($dup) >0){
echo 'username Already Used.';
}
else{
$url = 'http://graves-incorporated.com/test_sites/plantation_park_2012/';
echo '';
$sql = mysql_query("INSERT INTO users VALUES(NULL, '$_POST[username]', '$_POST[password]', '$_POST[email]')");
if($sql){
echo 'Congrats, You are now Registered.';
}
else{
echo 'Error Registeration.';
}
}
}
}
?>
2977
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
