注册脚本不再将用户插入表中,也不允许登录

问题描述 投票:1回答:1

注册成员并允许他们登录(更新表等)都工作正常,直到我最近做出这个改变。基本上说,如果这个人登录检查他们是成员还是管理员,并根据他们的情况向他们显示不同的页面。我手动进入桌面并将现有用户设置为“成员”,而不是1个“管理员”。现在,当我尝试签署用户时,它不再插入tblUsers

我所做的改变如下:

<?php
    if ($_SESSION['fldUserLevel'] == 'Member'){
?>
    // PAGE DETAILS
<?php
    }
?>

^^^这将显示页面的上半部分,然后显示页面下半部分的管理员:

<?php
if ($_SESSION['fldUserLevel'] == 'Admin'){
?>
    // PAGE DETAILS
<?php
    }
?>

由于我在用户签名时执行此操作,详细信息不再进入表格,有人可以建议原因吗?或者我需要一个脚本,说明所有注册的人,使UserLevel'会员'?

注册代码:

    <?php
if (isset($_POST['signup-submit'])) {

  require 'dbh.inc.php';


  $username = $_POST['uid'];
  $email = $_POST['mail'];
  $password = $_POST['pwd'];
  $passwordRepeat = $_POST['pwd-repeat'];


  // check for any empty inputs. 
  if (empty($username) || empty($email) || empty($password) || empty($passwordRepeat)) {
    header("Location: ../signup.php?error=emptyfields&uid=".$username."&mail=".$email);
    exit();
  }
  // check for an invalid username AND invalid e-mail.
  else if (!preg_match("/^[a-zA-Z0-9]*$/", $username) && !filter_var($email, FILTER_VALIDATE_EMAIL)) {
    header("Location: ../signup.php?error=invaliduidmail");
    exit();
  }
  // check for an invalid username. In this case ONLY letters and numbers.
  else if (!preg_match("/^[a-zA-Z0-9]*$/", $username)) {
    header("Location: ../signup.php?error=invaliduid&mail=".$email);
    exit();
  }
  // check for an invalid e-mail.
  else if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
    header("Location: ../signup.php?error=invalidmail&uid=".$username);
    exit();
  }
  // check if the repeated password is NOT the same.
  else if ($password !== $passwordRepeat) {
    header("Location: ../signup.php?error=passwordcheck&uid=".$username."&mail=".$email);
    exit();
  }
  else {

    // include another error handler here that checks whether or the username is already taken. We HAVE to do this using prepared statements because it is safer!

    $sql = "SELECT uidUsers FROM tblUsers WHERE uidUsers=?;";
    $stmt = mysqli_stmt_init($conn);
    if (!mysqli_stmt_prepare($stmt, $sql)) {
      header("Location: ../signup.php?error=sqlerror");
      exit();
    }
    else {
      mysqli_stmt_bind_param($stmt, "s", $username);
      mysqli_stmt_execute($stmt);
      mysqli_stmt_store_result($stmt);
      $resultCount = mysqli_stmt_num_rows($stmt);
      mysqli_stmt_close($stmt);
      if ($resultCount > 0) {
        header("Location: ../signup.php?error=usertaken&mail=".$email);
        exit();
      }
      else {
        $sql = "INSERT INTO tblUsers (uidUsers, emailUsers, pwdUsers) VALUES (?, ?, ?);";
        $stmt = mysqli_stmt_init($conn);
        if (!mysqli_stmt_prepare($stmt, $sql)) {
        header("Location: ../signup.php?error=sqlerror");
          exit();
        }
        else {
          $hashedPwd = password_hash($password, PASSWORD_DEFAULT);

          mysqli_stmt_bind_param($stmt, "sss", $username, $email, $hashedPwd);


          mysqli_stmt_execute($stmt);

          header("Location: ../signup.php?signup=success");
          exit();

        }
      }
    }
  }
  mysqli_stmt_close($stmt);
  mysqli_close($conn);
}
else {
  header("Location: ../signup.php");
  exit();
}

网页成功注册的屏幕截图:Signup Successful Message

表的屏幕截图,显示没有Kayz:Screenshot of phpMyAdmin的条目

php mysql sql
1个回答
0
投票

确保您实际设置了一个给出“Member”的变量名称;或“管理员”;但我建议,因为Romain.B建议阅读该文档设置默认值。

$member = "Member"; or "Admin";

然后你的查询应该是:$sql = "INSERT INTO tblUsers (uidUsers, emailUsers, pwdUsers, fldUserLevel) VALUES (?, ?, ?, ?);";

再往下,您需要包含$ member的新变量:mysqli_stmt_bind_param($stmt, "ssss", $username, $email, $hashedPwd, $member);

© www.soinside.com 2019 - 2024. All rights reserved.