2013-06-20 99 views
0

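Sign Up Form and Email Activation developPHP.com tutorial

I am following Adam Khoury's "How to Build a Social Network Website" tutorial, and I am on lesson 6, "Sign Up Form and Email Activation PHP MySQL JavaScript Programming Tutorial".

The lesson and code are here: http://www.developphp.com/view.php?tid=1294

After completing the lesson, I have a new user sign-up form, but I am running into two problems.

1. The form indicates that the sign-up succeeded and shows the correct confirmation message "OK TestUser, check your email inbox and junk mail box at [email protected] in a moment to complete the sign up process by activating your account. You will not be able to do anything on the site until you successfully activate your account.", but the user's details are not entered into the users database table.

2. The confirmation email is not sent to the user's inbox (or junk mail box, for that matter).

I am using bluehost.com as my server, and I have created the correct email address at Bluehost (for privacy reasons, the email address in the code below has been changed to "[email protected]").

Here is my signup.php file: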

<?php session_start(); 
// If user is logged in, header them away 
if(isset($_SESSION["username"])){ 
    header("location: message.php?msg=NO to that weenis"); 
    exit(); 
} 
?><?php if(isset($_POST["usernamecheck"])){ 
    include_once("php_includes/db_conx.php"); 
    $username = preg_replace('#[^a-z0-9]#i', '', $_POST['usernamecheck']); 
    $sql = "SELECT id FROM users WHERE username='$username' LIMIT 1"; 
    $query = mysqli_query($db_conx, $sql); 
    $uname_check = mysqli_num_rows($query); 
    if (strlen($username) < 3 || strlen($username) > 16) { 
     echo '<strong style="color:#F00;">3 - 16 characters please</strong>'; 
     exit(); 
    } 
    if (is_numeric($username[0])) { 
     echo '<strong style="color:#F00;">Usernames must begin with a letter</strong>'; 
     exit(); 
    } 
    if ($uname_check < 1) { 
     echo '<strong style="color:#009900;">' . $username . ' is OK</strong>'; 
     exit(); 
    } else { 
     echo '<strong style="color:#F00;">' . $username . ' is taken</strong>'; 
     exit(); 
    } 
} 
?><?php if(isset($_POST["u"])){ 
    // CONNECT TO THE DATABASE 
    include_once("php_includes/db_conx.php"); 
    // GATHER THE POSTED DATA INTO LOCAL VARIABLES 
    $u = preg_replace('#[^a-z0-9]#i', '', $_POST['u']); 
    $e = mysqli_real_escape_string($db_conx, $_POST['e']); 
    $p = $_POST['p']; 
    $g = preg_replace('#[^a-z]#', '', $_POST['g']); 
    $c = preg_replace('#[^a-z ]#i', '', $_POST['c']); 
    // GET USER IP ADDRESS 
    $ip = preg_replace('#[^0-9.]#', '', getenv('REMOTE_ADDR')); 
    // DUPLICATE DATA CHECKS FOR USERNAME AND EMAIL 
    $sql = "SELECT id FROM users WHERE username='$u' LIMIT 1"; 
    $query = mysqli_query($db_conx, $sql); 
    $u_check = mysqli_num_rows($query); 
    // ------------------------------------------- 
    $sql = "SELECT id FROM users WHERE email='$e' LIMIT 1"; 
    $query = mysqli_query($db_conx, $sql); 
    $e_check = mysqli_num_rows($query); 
    // FORM DATA ERROR HANDLING 
    if($u == "" || $e == "" || $p == "" || $g == "" || $c == ""){ 
     echo "The form submission is missing values."; 
     exit(); 
    } else if ($u_check > 0){ 
     echo "The username you entered is alreay taken"; 
     exit(); 
    } else if ($e_check > 0){ 
     echo "That email address is already in use in the system"; 
     exit(); 
    } else if (strlen($u) < 3 || strlen($u) > 16) { 
     echo "Username must be between 3 and 16 characters"; 
     exit(); 
    } else if (is_numeric($u[0])) { 
     echo 'Username cannot begin with a number'; 
     exit(); 
    } else { 
    // END FORM DATA ERROR HANDLING 
     // Begin Insertion of data into the database 
     // Hash the password and apply your own mysterious unique salt 

     /*$cryptpass = crypt($p); 
     include_once ("php_includes/randStrGen.php"); 
     $p_hash = randStrGen(20)."$cryptpass".randStrGen(20);*/ 
     $p_hash = md5($p);//CHANGE THIS!!!!! 

     // Add user info into the database table for the main site table 
     $sql = "INSERT INTO users (username, email, password, gender, country, ip, signup, lastlogin, notescheck)  
       VALUES('$u','$e','$p_hash','$g','$c','$ip',now(),now(),now())"; 
     $query = mysqli_query($db_conx, $sql); 
     $uid = mysqli_insert_id($db_conx); 
     // Establish their row in the useroptions table 
     $sql = "INSERT INTO useroptions (id, username, background) VALUES ('$uid','$u','original')"; 
     $query = mysqli_query($db_conx, $sql); 
     // Create directory(folder) to hold each user's files(pics, MP3s, etc.) 
     if (!file_exists("user/$u")) { 
      mkdir("user/$u", 0755); 
     } 
     // Email the user their activation link 
     $to = "$e";       
     $from = "[email protected]"; 
     $subject = 'yoursitename Account Activation'; 
     $message = '<!DOCTYPE html><html><head><meta charset="UTF-8"><title>yoursitename Message</title></head><body style="margin:0px; font-family:Tahoma, Geneva, sans-serif;"><div style="padding:10px; background:#333; font-size:24px; color:#CCC;"><a href="http://www.yoursitename.com"><img src="http://www.yoursitename.com/images/logo.png" width="36" height="30" alt="yoursitename" style="border:none; float:left;"></a>yoursitename Account Activation</div><div style="padding:24px; font-size:17px;">Hello '.$u.',<br /><br />Click the link below to activate your account when ready:<br /><br /><a href="http://www.yoursitename.com/activation.php?id='.$uid.'&u='.$u.'&e='.$e.'&p='.$p_hash.'">Click here to activate your account now</a><br /><br />Login after successful activation using your:<br />* E-mail Address: <b>'.$e.'</b></div></body></html>'; 
     $headers = "From: $from\n"; 
     $headers .= "MIME-Version: 1.0\n"; 
     $headers .= "Content-type: text/html; charset=iso-8859-1\n"; 
     mail($to, $subject, $message, $headers); 
     echo "signup_success"; 
     exit(); 
    } 
    exit(); 
} 
?> 
<!DOCTYPE html> 
<html> 
<head> 
<meta charset="UTF-8"> 
<title>Sign Up</title> 
<link rel="icon" href="favicon.ico" type="image/x-icon"> 
<link rel="stylesheet" href="style/style.css"> 
<style type="text/css"> 
#signupform{ 
    margin-top:24px;  
} 
#signupform > div { 
    margin-top: 12px; 
} 
#signupform > input,select { 
    width: 200px; 
    padding: 3px; 
    background: #F3F9DD; 
} 
#signupbtn { 
    font-size:18px; 
    padding: 12px; 
} 
#terms { 
    border:#CCC 1px solid; 
    background: #F5F5F5; 
    padding: 12px; 
} 
</style> 
<script src="js/main.js"></script> 
<script src="js/ajax.js"></script> 
<script> 
function restrict(elem){ 
    var tf = _(elem); 
    var rx = new RegExp; 
    if(elem == "email"){ 
     rx = /[' "]/gi; 
    } else if(elem == "username"){ 
     rx = /[^a-z0-9]/gi; 
    } 
    tf.value = tf.value.replace(rx, ""); 
} 
function emptyElement(x){ 
    _(x).innerHTML = ""; 
} 
function checkusername(){ 
    var u = _("username").value; 
    if(u != ""){ 
     _("unamestatus").innerHTML = 'checking ...'; 
     var ajax = ajaxObj("POST", "signup.php"); 
     ajax.onreadystatechange = function() { 
      if(ajaxReturn(ajax) == true) { 
       _("unamestatus").innerHTML = ajax.responseText; 
      } 
     } 
     ajax.send("usernamecheck="+u); 
    } 
} 
function signup(){ 
    var u = _("username").value; 
    var e = _("email").value; 
    var p1 = _("pass1").value; 
    var p2 = _("pass2").value; 
    var c = _("country").value; 
    var g = _("gender").value; 
    var status = _("status"); 
    if(u == "" || e == "" || p1 == "" || p2 == "" || c == "" || g == ""){ 
     status.innerHTML = "Fill out all of the form data"; 
    } else if(p1 != p2){ 
     status.innerHTML = "Your password fields do not match"; 
    } else if(_("terms").style.display == "none"){ 
     status.innerHTML = "Please view the terms of use"; 
    } else { 
     _("signupbtn").style.display = "none"; 
     status.innerHTML = 'please wait ...'; 
     var ajax = ajaxObj("POST", "signup.php"); 
     ajax.onreadystatechange = function() { 
      if(ajaxReturn(ajax) == true) { 
       if(ajax.responseText.replace(/^\s+|\s+$/g, "") == "signup_success"){ 
        status.innerHTML = ajax.responseText; 
        _("signupbtn").style.display = "block"; 
       } else { 
        window.scrollTo(0,0); 
        _("signupform").innerHTML = "OK "+u+", check your email inbox and junk mail box at <u>"+e+"</u> in a moment to complete the sign up process by activating your account. You will not be able to do anything on the site until you successfully activate your account."; 
       } 
      } 
     } 
     ajax.send("u="+u+"&e="+e+"&p="+p1+"&c="+c+"&g="+g); 
    } 
} 
function openTerms(){ 
    _("terms").style.display = "block"; 
    emptyElement("status"); 
} 
/* function addEvents(){ 
    _("elemID").addEventListener("click", func, false); 
} 
window.onload = addEvents; */ 
</script> 
</head> 
<body> 
<?php include_once("template_pageTop.php"); ?> 
<div id="pageMiddle"> 
    <h3>Sign Up Here</h3> 
    <form name="signupform" id="signupform" onSubmit="return false;"> 
    <div>Username: </div> 
    <input id="username" type="text" onBlur="checkusername()" onKeyUp="restrict('username')" maxlength="16"> 
    <span id="unamestatus"></span> 
    <div>Email Address:</div> 
    <input id="email" type="text" onFocus="emptyElement('status')" onKeyUp="restrict('email')" maxlength="88"> 
    <div>Create Password:</div> 
    <input id="pass1" type="password" onFocus="emptyElement('status')" maxlength="16"> 
    <div>Confirm Password:</div> 
    <input id="pass2" type="password" onFocus="emptyElement('status')" maxlength="16"> 
    <div>Gender:</div> 
    <select id="gender" onFocus="emptyElement('status')"> 
     <option value=""></option> 
     <option value="m">Male</option> 
     <option value="f">Female</option> 
    </select> 
    <div>Country:</div> 
    <select id="country" onFocus="emptyElement('status')"> 
     <?php include_once("template_country_list.php"); ?> 
    </select> 
    <div> 
     <a href="#" onClick="return false" onMouseDown="openTerms()"> 
     View the Terms Of Use 
     </a> 
    </div> 
    <div id="terms" style="display:none;"> 
     <h3>Web Intersect Terms Of Use</h3> 
     <p>1. Play nice here.</p> 
     <p>2. Take a bath before you visit.</p> 
     <p>3. Brush your teeth before bed.</p> 
    </div> 
    <br /><br /> 
    <button id="signupbtn" onClick="signup()">Create Account</button> 
    <span id="status"></span> 
    </form> 
</div> 
<?php include_once("template_pageBottom.php"); ?> 
</body> 
</html> 
+0

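You are not doing any checking to see whether your SQL statements are working - I would add some calls to 'mysqli_error' to see. Also, are you sure your SQL string is being generated correctly? Echo it out and see whether you can run it directly in the database. In addition, you should look at whether you can use prepared statements rather than adding variables directly into the SQL string, as that will make your code more secure. – andrewsi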

+0

Could I trouble you for some examples of what you describe? I am new to PHP and mysqli. That is why I am following the tutorial. – Livi17

+0

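The manual pages on mysqli are pretty comprehensive: http://php.net/manual/en/book.mysqli.php. You can get the last error message from the database with 'mysqli_error($db_conx)'. Prepared statements are a bit more complicated, but if you look at the page for the 'prepare()' function, it shows what you need to do. You are sanitizing the user's input; but prepared statements do a lot of that work for you. – andrewsi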
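
The advice in the comments above, as an added example that is not part of the original thread or the tutorial: the two INSERTs from signup.php rewritten with mysqli prepared statements and with error reporting switched on, so a failed insert can no longer pass silently. The helper name register_user() is hypothetical; the code assumes the $db_conx connection and the table columns shown in the question, InnoDB tables for the transaction, and a password column wide enough for password_hash() output.

```php
<?php
// Added example, not code from the tutorial or the original post.
// Assumes the users/useroptions columns named in the question's INSERTs
// and a password column of VARCHAR(255) to hold password_hash() output.

// Make mysqli throw exceptions instead of returning false silently.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

// register_user() is a hypothetical helper name.
function register_user(mysqli $db, string $u, string $e, string $p,
                       string $g, string $c, string $ip): int
{
    // Salted, slow hash in place of md5($p).
    $p_hash = password_hash($p, PASSWORD_DEFAULT);

    // Both rows are written or neither is (needs InnoDB tables).
    $db->begin_transaction();
    try {
        // Placeholders keep user-supplied values out of the SQL text.
        $stmt = $db->prepare(
            "INSERT INTO users (username, email, password, gender, country,
                                ip, signup, lastlogin, notescheck)
             VALUES (?, ?, ?, ?, ?, ?, NOW(), NOW(), NOW())");
        $stmt->bind_param("ssssss", $u, $e, $p_hash, $g, $c, $ip);
        $stmt->execute();
        $uid = $db->insert_id;
        $stmt->close();

        $stmt = $db->prepare(
            "INSERT INTO useroptions (id, username, background)
             VALUES (?, ?, 'original')");
        $stmt->bind_param("is", $uid, $u);
        $stmt->execute();
        $stmt->close();

        $db->commit();
        return $uid;
    } catch (mysqli_sql_exception $ex) {
        $db->rollback();
        // Keep the database error in the server log, not in the response.
        error_log("signup insert failed: " . $ex->getMessage());
        throw $ex;
    }
}

// In signup.php this would replace the two mysqli_query() INSERTs, e.g.
//   $uid = register_user($db_conx, $u, $_POST['e'], $p, $g, $c, $ip);
// and "signup_success" is echoed only if no exception was thrown.
```

Because the values are bound rather than concatenated, the email can be passed as posted; validating its format with filter_var($e, FILTER_VALIDATE_EMAIL) is still worth doing before the call.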

Answers

1

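You should not rely on Adam Khoury's "How to Build a Social Network" tutorial.
Half of the code is simply outdated and unreliable. Far too much SQL injection can be done from that source. But the Ajax tutorials are very good and reliable too. It is a good start, but it should not be relied upon.
mysql_ is too outdated. I suggest using PDO.
But then again, this is an old question.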

0

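I don't know whether you found the answer, but I ran into this problem too.

1) Make sure the From email address is correct, otherwise you will not get the emails sent to them. Now, the actual name does not need to be correct, but the @Yourdomain.com part does. Many companies put in a fake email address, usually [email protected], which either does not actually have an inbox or does exist but nobody checks it. Personally I do not bother adding that email address, because I would rather use my email slots for other things. Just to clarify, using my method I have never experienced spam problems; all the emails go to the inbox.

2) My users table was not being written to either (but useroptions was), and I narrowed it down to this code: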

// Add user info into the database table for the main site table 
     $sql = "INSERT INTO users (username, email, password, gender, country, ip, signup, lastlogin, notescheck)  
       VALUES('$u','$e','$p_hash','$g','$c','$ip',now(),now(),now())"; 

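At the end it says now(), and this needs to be changed to NOW(); make sure you change all of the now() to NOW(). Once I did that, the table was written to. Also double check that the table name and rows in the database match what is in your code. If they do not match, just change the names in the database. I have added below what the names in the database should be:

users (name of the table), username (name of a row in the users table), email (name of a row in the users table), password (name of a row in the users table), gender (name of a row in the users table), country (name of a row in the users table), ip (name of a row in the users table), signup (name of a row in the users table), lastlogin (name of a row in the users table), notescheck (name of a row in the users table). You will find that there are more rows in the table than are listed here, but don't worry, as they are added in later videos.

I realize this question was asked a year or so ago, but I am posting so that you have the answer if you still want it, and above all so that anyone who has the same problem and finds this after I wrote this answer can also find the fix they need. If this does not solve your problem, then post a reply to let me know and I will see whether I can help you.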