PHP 仅当两个变量都不为空时,使用逻辑运算符检查空变量才有效
PHP empty variables check with logical operator only works if both variables are not empty
我正在尝试检查我的数据库 table。
它检查提供的用户名是否存在电子邮件地址或密码。如果他们中的任何一个出现在所提供用户名的数据库中,用户将看到一条错误消息并且记录不会被更改。
问题: 但是,出于某种原因,我的检查只有在密码和电子邮件都存在以供记录时才有效(如果电子邮件地址不显示错误消息是空的,但密码不是)。下面是我的代码:
require ('core/dbcon.php');
$user = mysqli_real_escape_string($con, $_GET['user']);
$acc_status = mysqli_real_escape_string($con, $_GET['status']);
if(empty($_POST['form']) === false){
$usr_email = mysqli_real_escape_string($con, $_POST['email']);
$pwd = mysqli_real_escape_string($con, $_POST['password']);
$rpwd = mysqli_real_escape_string($con, $_POST['rpwd']);
$qry = mysqli_query($con, "SELECT * FROM users WHERE email='$usr_email'") or die(mysqli_error($con));
$usr_details = mysqli_fetch_assoc($qry);
if(empty($usr_details['email'])=== true && empty($usr_details['password'])=== true){
if(mysqli_num_rows($qry) == 0){
if($pwd && $rpwd && $usr_email){
if($pwd === $rpwd){
$pwd = md5($pwd);
$query = mysqli_query($con, "SELECT * FROM users WHERE username='$user' AND email='$usr_email'") or die(mysqli_error($con));
if (mysqli_num_rows($query)== 1){
//update database table
}else{
$errors[] = 'Error! Your details were not added to the system due to a technical error. Please contact the Admin.';
}
}else{
$errors[] = 'Please make sure that the password entered in both fields are the same.';
}
}else{
$errors[] = 'Please complete all fields marked with a red asterisk';
}
}else{
$errors[] = 'Error! <b>'.$usr_email.'</b> already existis in our system.';
}
}else{
$errors[] = 'Error! It looks like the username you have entered has been assigned an email address and password already.';
}
}
我有一个用户名 'testuser'、电子邮件 'test@email.com' 和密码 'password' 的记录。我的检查工作正常,它显示错误 "Error! It looks like the username you have entered has been assigned an email address and password already." 但是,当我从数据库中删除电子邮件地址时,它以某种方式假定满足以下条件:if(empty($usr_details['email'])=== true && empty($usr_details['password'])=== true){ 当 empty($usr_details['password'])===false。
我尝试将逻辑运算符从 && 更改为 || 但我遇到了同样的问题(因为 OR 应该首先接受一个空变量和一个非空变量)。非常感谢您的帮助。
而不是:
if(empty($usr_details['email'])=== true && empty($usr_details['password'])=== true){
试试这个:
if($usr_details['email'] === NULL || $usr_details['password'] === NULL){
对于空数据库值,NULL 更好。
编辑:
您的查询将 return 为空,因为您只检查 $usr_details['email'],这在数据库中找不到。所以条件会满足。
如果你想正确地得到这个,请尝试使用 username 或 unique id
进行查询
$qry = mysqli_query($con,"select * from user where id=1");
或
$qry = mysqli_query($con,"select * from user where username='username'");
或者您应该在查询中检查 username 和 password:
$qry = mysqli_query($con,"select * from user where email='email' OR password='password'");
我刚刚发现问题出在我的查询上,正如 Lukas Hajdu 所暗示的:
$qry_email = mysqli_query($con, "SELECT email FROM users WHERE email='$usr_email'") or die(mysqli_error($con));
出于某种原因,它仅在数据库中已存在电子邮件地址时才进行 if(empty($usr_details['email'])=== true && empty($usr_details['password'])=== true){ 检查。
为了解决这个问题,我不得不形成另一个查询:
$qry_user = mysqli_query($con, "SELECT * FROM users WHERE username='$user'") or die(mysqli_error($con));
$usr_details = mysqli_fetch_assoc($qry_user);
我不知道为什么会这样,也不知道如何改进我的代码。所以请随时提供建议:)
我正在尝试检查我的数据库 table。
它检查提供的用户名是否存在电子邮件地址或密码。如果他们中的任何一个出现在所提供用户名的数据库中,用户将看到一条错误消息并且记录不会被更改。
问题: 但是,出于某种原因,我的检查只有在密码和电子邮件都存在以供记录时才有效(如果电子邮件地址不显示错误消息是空的,但密码不是)。下面是我的代码:
require ('core/dbcon.php');
$user = mysqli_real_escape_string($con, $_GET['user']);
$acc_status = mysqli_real_escape_string($con, $_GET['status']);
if(empty($_POST['form']) === false){
$usr_email = mysqli_real_escape_string($con, $_POST['email']);
$pwd = mysqli_real_escape_string($con, $_POST['password']);
$rpwd = mysqli_real_escape_string($con, $_POST['rpwd']);
$qry = mysqli_query($con, "SELECT * FROM users WHERE email='$usr_email'") or die(mysqli_error($con));
$usr_details = mysqli_fetch_assoc($qry);
if(empty($usr_details['email'])=== true && empty($usr_details['password'])=== true){
if(mysqli_num_rows($qry) == 0){
if($pwd && $rpwd && $usr_email){
if($pwd === $rpwd){
$pwd = md5($pwd);
$query = mysqli_query($con, "SELECT * FROM users WHERE username='$user' AND email='$usr_email'") or die(mysqli_error($con));
if (mysqli_num_rows($query)== 1){
//update database table
}else{
$errors[] = 'Error! Your details were not added to the system due to a technical error. Please contact the Admin.';
}
}else{
$errors[] = 'Please make sure that the password entered in both fields are the same.';
}
}else{
$errors[] = 'Please complete all fields marked with a red asterisk';
}
}else{
$errors[] = 'Error! <b>'.$usr_email.'</b> already existis in our system.';
}
}else{
$errors[] = 'Error! It looks like the username you have entered has been assigned an email address and password already.';
}
}
我有一个用户名 'testuser'、电子邮件 'test@email.com' 和密码 'password' 的记录。我的检查工作正常,它显示错误 "Error! It looks like the username you have entered has been assigned an email address and password already." 但是,当我从数据库中删除电子邮件地址时,它以某种方式假定满足以下条件:if(empty($usr_details['email'])=== true && empty($usr_details['password'])=== true){ 当 empty($usr_details['password'])===false。
我尝试将逻辑运算符从 && 更改为 || 但我遇到了同样的问题(因为 OR 应该首先接受一个空变量和一个非空变量)。非常感谢您的帮助。
而不是:
if(empty($usr_details['email'])=== true && empty($usr_details['password'])=== true){
试试这个:
if($usr_details['email'] === NULL || $usr_details['password'] === NULL){
对于空数据库值,NULL 更好。
编辑:
您的查询将 return 为空,因为您只检查 $usr_details['email'],这在数据库中找不到。所以条件会满足。
如果你想正确地得到这个,请尝试使用 username 或 unique id
$qry = mysqli_query($con,"select * from user where id=1");
或
$qry = mysqli_query($con,"select * from user where username='username'");
或者您应该在查询中检查 username 和 password:
$qry = mysqli_query($con,"select * from user where email='email' OR password='password'");
我刚刚发现问题出在我的查询上,正如 Lukas Hajdu 所暗示的:
$qry_email = mysqli_query($con, "SELECT email FROM users WHERE email='$usr_email'") or die(mysqli_error($con));
出于某种原因,它仅在数据库中已存在电子邮件地址时才进行 if(empty($usr_details['email'])=== true && empty($usr_details['password'])=== true){ 检查。
为了解决这个问题,我不得不形成另一个查询:
$qry_user = mysqli_query($con, "SELECT * FROM users WHERE username='$user'") or die(mysqli_error($con));
$usr_details = mysqli_fetch_assoc($qry_user);
我不知道为什么会这样,也不知道如何改进我的代码。所以请随时提供建议:)