我成功完成了用于Android设备的注册/登录脚本。我对PHP很陌生,所以请多多包涵。
<?php
require "init.php";
header('Content-type: application/json');
$email = $_POST['email'];
$user_name = $_POST['user_name'];
$user_pass = $_POST['user_pass'];
$msg = "Congratulations. You are now registered to the most amazing app
ever!";
$passwordEncrypted = sha1($user_pass);
if($email && $user_name && $user_pass){
$sql_query = "select * from user_info WHERE email ='".mysqli_real_escape_string($con, $email)."' or user_name
='".mysqli_real_escape_string($con, $user_name)."'";
$result = mysqli_query($con, $sql_query);
$results = mysqli_num_rows($result);
if ($results){
$don = array('result' =>"fail","message"=>"Email or username exists.");
}else{
$sql_query = "insert into user_info values('$email','$user_name','$passwordEncrypted');";
if(mysqli_query($con,$sql_query)){
$don = array('result' =>"success","message"=>"Successfully registered!Well done");
//mail($email,"Well done",$msg);
}
}
}else if(!$email || (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))){
$don = array('result' =>"fail","message"=>"Please enter a valid email");
}else if(!$user_name){
$don = array('result' =>"fail","message"=>"Please enter your username");
}else if(!$user_pass){
$don = array('result' =>"fail","message"=>"Please enter a password");
}
}
echo json_encode($don);
?>
使用上面的代码,即使用户输入theo而不是“ [email protected]”,电子邮件也无法通过验证并进入数据库
您要在此if
语句中插入数据库:
if($email && $user_name && $user_pass){
这仅检查是否设置了$email
变量,而不检查它是否有效。
将该行更改为不触发,除非该$email
变量是有效的电子邮件:
if($email && $user_name && $user_pass && filter_var($email, FILTER_VALIDATE_EMAIL)){
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
我来说两句