1. 首頁
  2. 問答
  3. 如何從mysql數據庫獲取數據並將其發送給使用PHP的用戶?

如何從mysql數據庫獲取數據並將其發送給使用PHP的用戶?

2012-09-22 67 views
-8

我是PHP新手,我創建了一個登錄/註冊區域。一切工作都很好,但我有一件事情總是出錯。用戶成功註冊後,會發送一封自動電子郵件,其登錄詳細信息爲:用戶名= X和密碼= Y.郵件中顯示除用戶名外的所有內容。如何從消息中的mysql數據庫獲取該信息(=數據)?如何從mysql數據庫獲取數據並將其發送給使用PHP的用戶?

下面是完整的代碼:

<?php 

define('INCLUDE_CHECK',true); 

require 'connect.php'; 
require 'functions.php'; 
// Those two files can be included only if INCLUDE_CHECK is defined 


session_name('tzLogin'); 
// Starting the session 

session_set_cookie_params(2*7*24*60*60); 
// Making the cookie live for 2 weeks 

session_start(); 

if($_SESSION['id'] && !isset($_COOKIE['tzRemember']) && !$_SESSION['rememberMe']) 
{ 
// If you are logged in, but you don't have the tzRemember cookie (browser restart) 
// and you have not checked the rememberMe checkbox: 

$_SESSION = array(); 
session_destroy(); 

// Destroy the session 
} 


if(isset($_GET['logoff'])) 
{ 
$_SESSION = array(); 
session_destroy(); 

header("Location: default.php"); 
exit; 
} 

if($_POST['submit']=='Login') 
{ 
// Checking whether the Login form has been submitted 

$err = array(); 
// Will hold our errors 


if(!$_POST['username'] || !$_POST['password']) 
$err[] = 'All the fields must be filled in!'; 

if(!count($err)) 
{ 
$_POST['username'] = mysql_real_escape_string($_POST['username']); 
$_POST['password'] = mysql_real_escape_string($_POST['password']); 
$_POST['rememberMe'] = (int)$_POST['rememberMe']; 

// Escaping all input data 

$row = mysql_fetch_assoc(mysql_query("SELECT id,usr FROM tz_members WHERE usr='{$_POST['username']}' AND pass='".md5($_POST['password'])."'")); 

if($row['usr']) 
{ 
// If everything is OK login 

$_SESSION['usr']=$row['usr']; 
$_SESSION['id'] = $row['id']; 
$_SESSION['rememberMe'] = $_POST['rememberMe']; 

// Store some data in the session 

setcookie('tzRemember',$_POST['rememberMe']); 
} 
else $err[]='Wrong username and/or password!'; 
} 

if($err) 
$_SESSION['msg']['login-err'] = implode('<br />',$err); 
// Save the error messages in the session 

header("Location: default.php"); 
exit; 
} 
else if($_POST['submit']=='Register') 
{ 
// If the Register form has been submitted 

$err = array(); 

if(strlen($_POST['username'])<4 || strlen($_POST['username'])>32) 
{ 
$err[]='Your username must be between 3 and 32 characters!'; 
} 

if(preg_match('/[^a-z0-9\-\_\.]+/i',$_POST['username'])) 
{ 
$err[]='Your username contains invalid characters!'; 
} 

if(!checkEmail($_POST['email'])) 
{ 
$err[]='Your email is not valid!'; 
} 

if(!count($err)) 
{ 
// If there are no errors 

$pass = substr(md5($_SERVER['REMOTE_ADDR'].microtime().rand(1,100000)),0,6); 
// Generate a random password 

$_POST['email'] = mysql_real_escape_string($_POST['email']); 
$_POST['username'] = mysql_real_escape_string($_POST['username']); 
// Escape the input data 


mysql_query(" INSERT INTO tz_members(usr,pass,email,regIP,dt) 
VALUES(

'".$_POST['username']."', 
'".md5($pass)."', 
'".$_POST['email']."', 
'".$_SERVER['REMOTE_ADDR']."', 
NOW() 

)"); 

//The message 
$message = 
"Hello, \n 
Thank you for registering with us. \n 
Here are your login details: \n 

Username: ??? <--this is where I want the code for getting username \n 
Password: $pass \n 

Thank You 

Administrator 
www.***.com 
______________________________________________________ 
THIS IS AN AUTOMATED RESPONSE. 
***DO NOT RESPOND TO THIS EMAIL****"; 

if(mysql_affected_rows($link)==1) 
{ 
send_mail( '[email protected]***.com', 
$_POST['email'], 
'Registration System - Your New Password', 
$message); 

$_SESSION['msg']['reg-success']='We sent you an email with your new password!'; 
} 
else $err[]='This username is already taken!'; 
} 

if(count($err)) 
{ 
$_SESSION['msg']['reg-err'] = implode('<br />',$err); 
} 

header("Location: default.php"); 
exit; 
}

非常感謝。

來源

2012-09-22 Paul De Meulenaer

+0

你在代碼哪些變量?我看到'$ pass',但是有'$ username'變量嗎? –

+0

不,我沒有變量$ username。如何設置並連接到我的mysql數據庫中的值? –

+0

你不應該以明文存儲密碼。 –

回答

1

那麼,即使你不清楚你如何訪問你的數據庫,最簡單的方法是使用select語句查詢你需要的信息。

$message = "Hello, \n Thank you for registering with us. \n Here are your login details: \n 

Username: $username \n 
Password: $password \n 

Thank You 

Administrator 
www.***.com 
_____________________________________________________ 
THIS IS AN AUTOMATED RESPONSE. 
***DO NOT RESPOND TO THIS EMAIL****";

希望這是你在找什麼,那你可以學到更多在這個旅程:

//use a prepare statement for added security, and to prevent sql injection 
if ($select_stmt = $mysqli->prepare("SELECT username, password FROM users WHERE email = ?")) 
{ 
    $select_stmt->bind_param("s", $email); //this is the email from our user 
    $select_stmt->execute(); 
    $select_stmt->store_result(); 

    //if the query yield any result (thats to say the email is from a valid user) 
    if ($select_stmt->num_rows() > 0) 
    { 
    $select_stmt->bind_result($username,$password); 
    $select_stmt->fetch(); 
    } 
}

現在,您可以按以下從存儲在變量數據庫使用的值。

編輯

現在好了,您張貼的完整代碼它更容易 只是做到以下幾點:

$username = $_POST['username']; 
$message = "Hello, \n Thank you for registering with us. \n Here are your login details: \n 

Username: $username \n 
Password: $password \n 

Thank You 

Administrator 
www.***.com 
_____________________________________________________ 
THIS IS AN AUTOMATED RESPONSE. 
***DO NOT RESPOND TO THIS EMAIL****";

來源

2012-09-22 07:09:10

+0

試過這個,但現在我得到了:致命錯誤:調用成員函數prepare()上的非對象在/home/a1196003/public_html/test/default.php在線128 –

+0

哦對不起,我忘了添加以下內容:$ mysqli = new mysqli(HOST,USER,PASSWORD,DATABASE);改變你的數據庫的價值和所有應該工作。 –

+0

感謝它正在工作。 –

相關問題

 相關問題