PHP 报名系统
PHP Signup system
我正在 php 中测试新内容,但我很难理解我的 php 代码有什么问题。
所以基本上,当我输入仅包含字符的正常注册登录时,我的 php 会抛出代码中第 18 行的 msg "signup=invalid" 。请帮忙
<?php
if (isset($_POST['submit'])) {
include_once 'dbc.php';
$login = mysqli_real_escape_string($conn, $_POST['login']);
$pwd = mysqli_real_escape_string($conn, $_POST['pwd']);
//Error handler
//Check for empty fields
if (empty($login) || empty($pwd)) {
header("Location: register.php?signup=empty");
exit();
} else {
//Check if input characters are valid
if (preg_match("/^[a-zA-Z]*$/", $first)) {
header("Location: register.php?signup=invalid");
exit();
} else {
$sql = "SELECT * FROM user WHERE name='$login'";
$result = mysqli_query($conn, $sql);
$resultCheck = mysqli_num_rows($result);
if ($resultCheck > 0) {
header("Location: register.php?signup=nametaken");
exit();
} else {
//hash
$hashedPwd = password_hash($pwd, PASSWORD_DEFAULT);
//Insert user into database
$sql = "INSERT INTO user (user_login, user_pwd) VALUES ('$login', '$hashedPwd');";
mysqli_query($conn, $sql);
header("Location: register.php?signup=success");
exit();
}
}
}
} else {
header("Location: register.php");
exit();
}
这一行
if (preg_match("/^[a-zA-Z]*$/", $first)) {
应该是
if (!preg_match("/^[a-zA-Z]*$/", $login)) {
由于 $first 没有被声明,它永远是真的,因为它只包含数字!表示如果它不等于
我正在 php 中测试新内容,但我很难理解我的 php 代码有什么问题。 所以基本上,当我输入仅包含字符的正常注册登录时,我的 php 会抛出代码中第 18 行的 msg "signup=invalid" 。请帮忙
<?php
if (isset($_POST['submit'])) {
include_once 'dbc.php';
$login = mysqli_real_escape_string($conn, $_POST['login']);
$pwd = mysqli_real_escape_string($conn, $_POST['pwd']);
//Error handler
//Check for empty fields
if (empty($login) || empty($pwd)) {
header("Location: register.php?signup=empty");
exit();
} else {
//Check if input characters are valid
if (preg_match("/^[a-zA-Z]*$/", $first)) {
header("Location: register.php?signup=invalid");
exit();
} else {
$sql = "SELECT * FROM user WHERE name='$login'";
$result = mysqli_query($conn, $sql);
$resultCheck = mysqli_num_rows($result);
if ($resultCheck > 0) {
header("Location: register.php?signup=nametaken");
exit();
} else {
//hash
$hashedPwd = password_hash($pwd, PASSWORD_DEFAULT);
//Insert user into database
$sql = "INSERT INTO user (user_login, user_pwd) VALUES ('$login', '$hashedPwd');";
mysqli_query($conn, $sql);
header("Location: register.php?signup=success");
exit();
}
}
}
} else {
header("Location: register.php");
exit();
}
这一行
if (preg_match("/^[a-zA-Z]*$/", $first)) {
应该是
if (!preg_match("/^[a-zA-Z]*$/", $login)) {
由于 $first 没有被声明,它永远是真的,因为它只包含数字!表示如果它不等于