-1
后,我修改了代码,把$_SESSION['just'] = $username;
无法在mysql中列中插入数据
我试图做一个注册系统,一旦用户被注册,这将产生一个OTP以下问题解决了,我在本地主机上测试网站。一旦用户点击注册。 我的activateaccount.php
不工作,它应该将otp
和status
字段分别设置为NULL和1。即使OTP由用户插入不正确,它仍然将它们路由到login.html
这里是我的signup.php代码
<?php
session_start();
require 'php includes/db.ini.php';
$fill = "fill all the feilds";
$random = mt_rand(1000,1000000);
if(isset($_POST['first'])){
$first = trim(mysqli_real_escape_string($connection,$_POST['first']));
}
if(isset($_POST['last'])){
$last = trim(mysqli_real_escape_string($connection,$_POST['last']));
}
if(isset($_POST['username'])){
$username = trim(mysqli_real_escape_string($connection,$_POST['username']));
}
//invalid email can be submited, and will be accepted but the account won't be activated if the email dosen't get verified
if(isset($_POST['email'])){
$email = trim(mysqli_real_escape_string($connection,$_POST['email']));
}
if(isset($_POST['password'])){
$password = trim(mysqli_real_escape_string($connection,$_POST['password']));
}
$required = array('first', 'last', 'username', 'email', 'password');
$error = false;
foreach($required as $field) {
if (empty($_POST[$field])) {
$error = true;
}
}
if (!$error) {
//checking if any of the required feilds are empty
$sql = "SELECT Email FROM registeredusers WHERE Email='$email'";
$result = mysqli_query($connection,$sql);
$emailCheck = mysqli_num_rows($result);
$structure = "users/$username/profile photos/project photos";
if ($emailCheck>0){
echo "email exists";
}else{
if (file_exists($structure)){
echo "username already exists";
}
else{
$hpwd = password_hash($password,PASSWORD_DEFAULT);
$username_lower = strtolower($username);
$sql = "INSERT INTO registeredusers (FirstName,LastName,UserName,Email,Password,otp,status)
VALUES ('$first','$last','$username','$email','$hpwd','$random','0')";
mkdir($structure,0777,true);
$result = mysqli_query($connection,$sql);
$_SESSION['just'] = $username;
header("Location:activateaccount.html");
}
}}else{
echo "fill out all the feilds";
}
?>
我认为我创造不正常的会话或我可能正确这里不使用它来是我activateaccount.php代码
<?php
session_start();
include 'php includes/db.ini.php';
$username = $_SESSION['just'];
echo $username;
if(isset($_POST['submit'])){
$submitted_otp = trim(mysqli_real_escape_string($connection,$_POST['otp']));
}
$required = array('otp');
$error = false;
foreach($required as $field) {
if (empty($_POST[$field])) {
$error = true;
}
}
if (!$error) {
$sql = "SELECT UserName FROM registeredusers WHERE UserName='$username'";
$result = mysqli_query($connection,$sql);
$row = mysqli_fetch_assoc($result);
$otp = $row['otp'];
echo $otp;
if($otp !== $submitted_otp){
echo "the otp isn't correct";
}else{
$update = "UPDATE registeredusers SET status='1', otp=NULL";
session_destroy();
header("Location: login.html");
}}
?>
的时间间隔后,我会破坏activateaccount.php
页面上的会话。有人能帮助我吗。我甚至无法使用另一个文件回显会话。
后,会议将永远不会设置我编辑的代码,但现在它是所有说'的OTP是incorrect'我仍然认为有什么东西我的会话错了,我仍然无法将其回显出来。 @PramodPatil –
你检查过两个值是否一样? –
是的,这就是'if($ otp!== $ submitted_otp){ \t \t echo“the otp is not correct”; \t \t}''''''''将比较用户输入与我分配给变量'$ otp'的数据库中的值做比较,我仍然认为我在signup.php上创建的会话出了问题,导致I我也无法回显$ otp变量。 @PramodPatil –