因此,我一直在学习网络开发课程,并且在构建网站时,在创建注册/登录页面时开始遇到问题。当我在注册表中将值留空并单击“提交”时。我收到缺少“用户名,电子邮件,密码等”的错误。但是,它将空值存储在我的数据库中。另一个问题是,当我输入密码时,即使我输入正确的密码值,它也会提示我密码应该有多长时间,然后它不会提示我确认新密码,以便它们匹配。即使输入任何密码,它也会接受它,并且我会同时收到以下错误消息:密码至少应为8个字符长,大写字母为1等。但是我也会收到“成功”消息,说我收到了“激活链接” ”。当我单击激活链接时,它在数据库中说“已激活”,并表示是这样,但是当我尝试使用信息登录时,它说“用户名或密码错误”。
我对这一切都很陌生,但是我找不到解决方案。
这是我在寄存器中的代码
<!--Start a session-->
<?php
session_start();
//here we are connecting to db by linking the file to connection.php
include('connections.php');
//Check user inputs
// Define error message
$missingUsername = '<p><strong>Please enter the username!</strong></p>';
$missingEmail = '<p><strong>Please enter your email!</strong></p>';
$invalidEmail = '<p><strong>Please enter a valid email</strong></p>';
$missingPassword = '<p><strong>Please enter a password!</strong></p>';
$invalidPassword = '<p><strong>Your password should be at least 8 characters long and include one capital letter and one number!</strong></p>';
$differentPassword2 = '<p><strong>The passwords don\'t match!</strong></p>';
$missingPassword2 = '<p><strong>Please enter password again</strong></p>';
//Get username, email, password, passwowrd2
//GET USERNAME
if(empty($_POST["username"])){
$errors .= $missingUsername;
}else{
$username = filter_var($_POST["username"], FILTER_SANITIZE_STRING);
}
//GET EMAIL
if(empty($_POST["email"])){
$errors .= $missingEmail;
}else{
$email = filter_var($_POST["email"], FILTER_SANITIZE_EMAIL);
// VALIDATING EMAIL if email invalid
if(!filter_var($email, FILTER_VALIDATE_EMAIL)){
$errors .= $invalidEmail;
}
}
//GET PASSWORDs
if(empty($_POST["password"])){
$errors .= $missingPassword;
}elseif(!(strlen($_POST["password"])>8
and preg_match('/[A-Z]/',$_POST["password"])
and preg_match('/[0-9]/',$_POST["password"]))){
$errors .= $invalidPassword;
}else{
$password = filter_var($_POST["password"], FILTER_SANITIZE_STRING);
//IF SECOND PASSWORD MISSING
if(empty($_POST["password2"])){
$errors .= $missingPassword2;
}else{
$password2 = filter_var($_POST["password2"], FILTER_SANITIZE_STRING);
if($password !== $password2){
$errors .= $differentPassword;
}
}
}
//IF THERE ARE ANY ERRROR PRINT ERRORS
if($errors){
$resultMessage = '<div class="alert alert-danger">' . $errors . '</div>';
echo $resultMessage;
}
//IF THERE ARE NO ERRORS
$username = mysqli_real_escape_string($link,$username);
$email = mysqli_real_escape_string($link,$email);
$password = mysqli_real_escape_string($link,$password);
//hashing password
//$_Password = md5($_Password);
$password = hash('sha256',$password);
//128 bits -> 32 characters
//256 bits ->64 characters
//IF *USERNAME* EXISTS IN THE USERS TABLE PRINT ERROR
$sql = "SELECT * FROM users WHERE username = '$username'";
$result = mysqli_query($link, $sql);
if(!$result){
echo '<div class="alert alert-danger">Error running the query!</div>';
//echo '<div class="alert alert-danger">'. mysqli_error($link).'</div>';
exit;
}
$results = mysqli_num_rows($result);
if($results){
echo '<div class="alert alert-danger">That username is already registered. Do you want to log in?</div>';
exit;
}
//IF THE *EMAIL* exists in the users table print error
$sql = "SELECT * FROM users WHERE email = '$email'";
$result = mysqli_query($link, $sql);
if(!$result){
echo '<div class="alert alert-danger">Error running the query!</div>';
exit;
}
$results = mysqli_num_rows($result);
if($results){
echo '<div class="alert alert-danger">That email is already registered. Do you want to login?</div>';
exit;
}
//CREATE A UNIQUE ACTIVATION CODE
$activationKey =
bin2hex(openssl_random_pseudo_bytes(16));
// bytes:unit of data = 8 bits
// bit: 0 or 1
// 16 bytes = 16 * 8= 128 bits
// (2*2*2*2)*2*2*2*2...*2
// 16*16*...*16
// 32 characters
//INSERT USER DETAILS AND ACTIVATION CODE IN THE USERS TABLE
$sql = "INSERT INTO users (username, email, password, activation) VALUES ('$username', '$email', '$password', '$activationKey')";
$result = mysqli_query($link, $sql);
if(!$result){
echo '<div class="alert alert-danger">There was an error inserting users detail in the database!</div>';
exit;
}
//SEND THE USER AN EMAIL WITH A LINK TO ACTIVATE.PHP WITH THEIR EMAIL AND ACTIVATION CODE
$message = "Please click on this link to activate your account:\n\n";
$message .= "" . urlencode($email) . "&key=$activationKey";
if(mail($email, 'Confirm your registration', $message, 'From:'.'muharem22@gmail.com')){
echo "<div class='alert alert-success'>Thank you for registering! A confirmation email has been sent to $email. Please click on the activation link to activate your account!</div>";
}
?>
Here is a screen shot of my register form
感谢您的任何建议/建议
答案 0 :(得分:0)
数据库中空条目的问题是因为发现任何错误后代码不会停止。
发现任何错误时,您必须添加出口。
if($errors)
{
$resultMessage = '<div class="alert alert-danger">' . $errors . '</div>';
echo $resultMessage;
exit;
}