1. 首頁
  2. 問答
  3. Mysql PDO轉換驗證

Mysql PDO轉換驗證

2016-10-29 70 views
0

我對PDO是全新的,我試圖轉換我的註冊頁面, 我能夠獲取數據庫中的信息,但是我倒下了,我讓它變得更復雜,然後它需要。我是否需要在每個功能中使用2套POSTMysql PDO轉換驗證

此外,我的回聲驗證錯誤與創建函數中的EXCEPTION衝突。

我有一個寄存器功能,我用稱它爲我的註冊頁面

<?php validate_register();?>

以下這是我的驗證註冊碼

/* Validate register */ 

function validate_register(){ 

    $errors = []; 

    $min = 3; 
    $max = 20; 

    if(isset($_POST['signupBtn'])){  

     $email = $_POST['email']; 
     $username = $_POST['username']; 
     $birthdate = $_POST['birthdate']; 
     $password = $_POST['password']; 

     if (empty($email)) { 
      $errors[] = "Email Address Required."; 
     } 

     if (empty($username)) { 
      $errors[] = "Userame Required."; 
     } 

     if (empty($birthdate)) { 
      $errors[] = "Date of Birth Required."; 
     } 

     if (empty($password)) { 
      $errors[] = "Password Required."; 
     } 

     if (! empty($errors)) { 

      echo validation_errors($errors[0]); 

     } else { 

      if (create_user($email, $username, $birthdate, $password)) { 

       set_message('Please check your email for account Information.'); 

       redirect ("index.php"); 
      } 
     } 
    } 
}

,如果驗證通過它創建用戶

/* create user */ 

function create_user($email, $username, $birthdate, $password){ 

    $email = $_POST['email']; 
    $username = $_POST['username']; 
    $birthdate = $_POST['birthdate']; 
    $password = $_POST['password']; 

    $hashed_password = password_hash($password, PASSWORD_DEFAULT); 


    try { 

     $sqlInsert = "INSERT INTO users (email, username, birthdate, password) 
        VALUES(:email, :username, :birthdate, :password)"; 

     $stmt = $db->prepare($sqlInsert); 
     $stmt->execute(array(':email' =>$email, ':username' => $username, ':birthdate' => $birthdate, ':password' => $hashed_password)); 

     if ($stmt->rowCount() == 1) { 

      return true; 
     } 


    }catch (PDOException $e){ 

     $result = $e->getMessage(); 
    } 
}

來源

2016-10-29 Case

回答

1

您不必在0123再次重新分配因爲你將它們傳遞到函數從validate_register功能:

validate_register()

function validate_register(){ 
    $errors = []; 
    $min = 3; 
    $max = 20; 

    if(isset($_POST['signupBtn'])){  
     # Just setting here is fine like you have 
     $email = $_POST['email']; 
     $username = $_POST['username']; 
     $birthdate = $_POST['birthdate']; 
     $password = $_POST['password']; 

    ...etc.

create_user()

function create_user($email, $username, $birthdate, $password){ 
    ################################################################ 
    # As noted, remove this section because you have set them in the 
    # parameters and passed them from the previous function. As long 
    # as they are in the same order when you pass them, you're good 
    ################################################################ 

    $hashed_password = password_hash($password, PASSWORD_DEFAULT); 

    try { 

     $sqlInsert = "INSERT INTO users (email, username, birthdate, password) 
        VALUES(:email, :username, :birthdate, :password)"; 

     $stmt = $db->prepare($sqlInsert); 
     $stmt->execute(array(':email' =>$email, ':username' => $username, ':birthdate' => $birthdate, ':password' => $hashed_password)); 

     if ($stmt->rowCount() == 1) { 
      return true; 
     } 
    }catch (PDOException $e){ 

     $result = $e->getMessage(); 
    } 
}

來源

2016-10-29 07:25:17 Rasclatt

+0

感謝您的解釋,但看到我的驗證是?在mysqli我有驗證回聲錯誤,但PDO似乎需要PDOException錯誤。 – Case

+0

PDOException是如果您的SQL格式不正確或者存在其他與mysql查詢有關的問題。你對這些值的驗證看起來很好。 – Rasclatt

+0

另外,你不一定需要'try' /'catch'。對於向日志進行報告很有用,但您可能不希望直接向用戶顯示結果錯誤。 – Rasclatt

相關問題

 相關問題