PHP - 檢查電子郵件和用戶名是否已經存在於MySQL數據庫

Question

我試了很多，使這個代碼適用於我的registration.php頁面，我只想檢查電子郵件和用戶名是否已經註冊在我的數據庫中。我試着只檢查用戶名，它工作正常，但現在我也想檢查電子郵件是否已註冊。任何有關這方面的幫助將不勝感激。以下是我的registration.php代碼，希望有人會幫助！謝謝！

<?php 

/* 
Our "config.inc.php" file connects to database every time we include or require 
it within a php script. Since we want this script to add a new user to our db, 
we will be talking with our database, and therefore, 
let's require the connection to happen: 
*/ 
require("config.inc.php"); 

//if posted data is not empty 
if (!empty($_POST)) { 
//If the username or password is empty when the user submits 
//the form, the page will die. 
//Using die isn't a very good practice, you may want to look into 
//displaying an error message within the form instead. 
//We could also do front-end form validation from within our Android App, 
//but it is good to have a have the back-end code do a double check. 
if (empty($_POST['username']) || empty($_POST['password']) || empty($_POST['FullName']) || empty($_POST['emailadd'])) { 


    // Create some data that will be the JSON response 
    $response["success"] = 0; 
    $response["message"] = "Please fill in all the fields!"; 

    //die will kill the page and not execute any code below, it will also 
    //display the parameter... in this case the JSON data our Android 
    //app will parse 
    die(json_encode($response)); 
} 

//if the page hasn't died, we will check with our database to see if there is 
//already a user with the username specificed in the form. ":user" is just 
//a blank variable that we will change before we execute the query. We 
//do it this way to increase security, and defend against sql injections 
$query  = " SELECT 1 FROM users WHERE username = :user , eadd = :email"; 
//now lets update what :user should be 
$query_params = array(
    ':user' => $_POST['username'], 
    ':email' => $_POST['eadd'] 
); 

//Now let's make run the query: 
try { 
    // These two statements run the query against your database table. 
    $stmt = $db->prepare($query); 
    $result = $stmt->execute($query_params); 
} 
catch (PDOException $ex) { 
    // For testing, you could use a die and message. 
    //die("Failed to run query: " . $ex->getMessage()); 

    //or just use this use this one to product JSON data: 
    $response["success"] = 0; 
    $response["message"] = "Database Error1. Please Try Again!"; 
    die(json_encode($response)); 
} 

//fetch is an array of returned data. If any data is returned, 
//we know that the username is already in use, so we murder our 
//page 
$row = $stmt->fetch(); 
if ($row) { 
    // For testing, you could use a die and message. 
    //die("The username is already in use! Try a different username!"); 

    //You could comment out the above die and use this one: 
    $response["success"] = 0; 
    $response["message"] = "The username is already in use! Try a different username!"; 
    die(json_encode($response)); 
} 

//If we have made it here without dying, then we are in the clear to 
//create a new user. Let's setup our new query to create a user. 
//Again, to protect against sql injects, user tokens such as :user and :pass 
$query = "INSERT INTO users (username, password, FullName, eadd) VALUES (:user, :pass, :fulnme, :email)"; 

//Again, we need to update our tokens with the actual data: 
$query_params = array(
    ':user' => $_POST['username'], 
    ':pass' => $_POST['password'], 
    ':fulnme' => $_POST['FullName'], 
    ':email' => $_POST['eadd'] 
    ); 

//time to run our query, and create the user 
try { 
    $stmt = $db->prepare($query); 
    $result = $stmt->execute($query_params); 
} 

catch (PDOException $ex) { 
    // For testing, you could use a die and message. 
    //die("Failed to run query: " . $ex->getMessage()); 

    //or just use this use this one: 
    $response["success"] = 0; 
    $response["message"] = "Database Error2. Please Try Again!"; 
    die(json_encode($response)); 
} 

//If we have made it this far without dying, we have successfully added 
//a new user to our database. We could do a few things here, such as 
//redirect to the login page. Instead we are going to echo out some 
//json data that will be read by the Android application, which will login 
//the user (or redirect to a different activity, I'm not sure yet..) 
$response["success"] = 1; 
$response["message"] = "Registration was successful!"; 
echo json_encode($response); 

//for a php webservice you could do a simple redirect and die. 
//header("Location: login.php"); 
//die("Redirecting to login.php"); 


} else { 
?> 
<h1>Register</h1> 
<form action="register.php" method="post"> 
    Full Name<br /> 
    <input type="text" name="Name" value="" /> 
    <br /><br /> 
    Email Address<br /> 
    <input type="text" name="eadd" value="" /> 
    <br /><br /> 
    Username:<br /> 
    <input type="text" name="username" value="" /> 
    <br /><br /> 
    Password:<br /> 
    <input type="password" name="password" value="" /> 
    <br /><br /> 
      <input type="submit" value="Register" /> 
</form> 
<?php 
} 

?> 

Answer 1

創建一個像這樣的函數..這用於檢查電子郵件是否已經存在於服務器中。

 

function user_exists($username){ 
$username = sanitize($username); 
$query = mysql_query("SELECT * FROM `users` WHERE `user_name` = '$username' "); 
return (mysql_result($query,0) >= 1) ? true : false; 

然後，創建一個If嵌套循環來查看用戶名是true還是false。 對電子郵件重複相同的操作。歡呼聲......

代碼

Answer 2

你告訴你檢查是否存在具有相同的用戶名和相同的電子郵件數據庫的人，

例子：

你在數據庫中有

toto, toto@gmail.com 
toto2, toto2@gmail.com 

與

toto,toto2@gmail.com 

測試有人註冊你R測試不會找到任何人，因爲沒有人誰擁有電子郵件地址TOTO和toto2@gmail.com，

您需要2個獨立的語句，一個用戶名和一個電子郵件地址

Answer 3

我覺得你的問題是與您的查詢：

$query  = " SELECT 1 FROM users WHERE username = :user , eadd = :email"; 

是什麼SELECT 1！？！？！也許SELECT *，你需要使用AND

$query  = " SELECT * FROM users WHERE username = :user AND eadd = :email";