《小今Final project》忘了密码，填写Email后，系统会send密码去Email的Code，有问题

小今

我register后，再用回同样的user name来register，data base还是有save到同样的user name,它应该出message : user name already exist,please choose another one

到底那里出了问题，还是少了一些code,请各位大大救救我

[ 本帖最后由 小今 于 5-9-2006 08:49 PM 编辑 ]

小今

这是form的code.

register.php

<HTML>
<BODY>
<TABLE BORDER=0 CELLPADDING=10 WIDTH=100%>
<TR>
<TD BGCOLOR="#FOF8FF" ALIGN=center VALIGN=top WIDTH=17%>
</TD>
<TD BGCOLOR="#FFFFFF" ALIGN=left VALIGN=top WIDTH=83%>

   <P CLASS="left"><B>REGISTER AS MEMBER</B><BR>
   Fill out this form .</P>
   <FORM ACTION="reg3.php" METHOD="POST">

         <P><INPUT TYPE="HIDDEN" NAME="user_id"
        SIZE="10" MAXLENGTH="25"></P>
    <P CLASS="bold">User Name<BR>
               <INPUT TYPE="TEXT" NAME="user_name"
        SIZE="10" MAXLENGTH="25"></P>
    <P CLASS="bold">First Name<BR>
       <INPUT TYPE="TEXT" NAME="first_name"
        SIZE="20" MAXLENGTH="25"></P>
    <P CLASS="bold">Last Name<BR>
       <INPUT TYPE="TEXT" NAME="last_name"
        SIZE="20" MAXLENGTH="25"></P>
    <P CLASS="bold">Password<BR>
       <INPUT TYPE="password" NAME="password1"
        SIZE="10" MAXLENGTH="25"> (At least 6 characters, 12 characters max)</P>
    <P CLASS="left"><B>Password</B> (again)<BR>
        <INPUT TYPE="password" NAME="password2"
        SIZE="10" MAXLENGTH="25"></P>
    <P CLASS="left"><B>Email</B> (required for confirmation)<BR>
           <INPUT TYPE="TEXT" NAME="email"
        SIZE="30" MAXLENGTH="50"></P>
        </P>
    <P><INPUT TYPE="SUBMIT" NAME="submit" VALUE="SUBMIT">
        </p>
    </FORM>
    </TD>
    </TR>
   </TABLE>
</BODY>
</HTML>





这是validation的code


reg3.php

<?php
include("dbfinfo.inc.php");
mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die (" Unable to select  database");


$user_name = $_POST['user_name'];
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$password1 = md5($_POST['password1']);
$password2 = $_POST['password2'];
$email = $_POST['email'];

$query = "SELECT user_name
                 FROM user
                 WHERE user_name ='$user_name'";

       $result = mysql_query($query);
       if ($result && mysql_num_rows($result) > 0) {
   echo "I'm sorry but the username you specified has already been taken.
         Please pick another one.";

}


if ((!preg_match("/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/", $email)) ||
($_POST['password1']!==$_POST['password2']) ||
(strlen($_POST['password1']) < '6') ||
(strlen($_POST['password1']) > '12') ||
(ctype_alpha($first_name) == FALSE ) ||
(ctype_alpha($last_name) == FALSE ) ||
(($user_name == "") || ($first_name == "") || ($last_name == "") ||
($password1 == "") || ($password2 == "") ||  ($email == ""))) {
      echo "<h4>ERROR -- Please fill in all the fields correctly!</h4>
               Invalid email. OR <BR>
               Password not match. OR <BR>
               Password length too short. OR <BR>
               Password length too long. OR <BR>
               First Name not in alphabet. OR <BR>
               Last Name not in alphabet. OR <BR>
               Required fields!";
}else {

$query = "INSERT INTO user (user_name,first_name,
          last_name,password1,email)
          VALUES ('$user_name','$first_name','$last_name',
          '$password1','$email')";
$result= mysql_query($query);
          if ($result) {
             echo "<h4>YOU HAVE SUCCESSFULLY REGISTERED.</h4>";

          }else {
            echo 'ERROR -- Database error';

           }

}


mysql_close();
?>

[ 本帖最后由 小今 于 4-8-2006 12:29 AM 编辑 ]

goatstudio

你的 if ($result && mysql_num_rows($result) > 0)  做了检查后, 以下的输入资料库的 code 应该放在接下来的 else 里.

小今

<?php
include("dbfinfo.inc.php");
mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die (" Unable to select  database");


$user_name = $_POST['user_name'];
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$password1 = md5($_POST['password1']);
$password2 = $_POST['password2'];
$email = $_POST['email'];




if ((!preg_match("/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/", $email)) ||
($_POST['password1']!==$_POST['password2']) ||
(strlen($_POST['password1']) < '6') ||
(strlen($_POST['password1']) > '12') ||
(ctype_alpha($first_name) == FALSE ) ||
(ctype_alpha($last_name) == FALSE ) ||
(($user_name == "") || ($first_name == "") || ($last_name == "") ||
($password1 == "") || ($password2 == "") ||  ($email == ""))) {
      echo "<h4>ERROR -- Please fill in all the fields correctly!</h4>
               Invalid email. OR <BR>
               Password not match. OR <BR>
               Password length too short. OR <BR>
               Password length too long. OR <BR>
               First Name not in alphabet. OR <BR>
               Last Name not in alphabet. OR <BR>
               Required fields!";

$query = "SELECT user_name
                 FROM user
                 WHERE user_name ='$user_name'";

       $result = mysql_query($query);
       if ($result && mysql_num_rows($result) > 0) {
   echo "I'm sorry but the username you specified has already been taken.
         Please pick another one.";

  }
}else {

$query = "INSERT INTO user (user_name,first_name,
          last_name,password1,email)
          VALUES ('$user_name','$first_name','$last_name',
          '$password1','$email')";
$result= mysql_query($query);
          if ($result) {
             echo "<h4>YOU HAVE SUCCESSFULLY REGISTERED.</h4>";

          }else {
            echo 'ERROR -- Database error';

           }
}



mysql_close();
?>


我try了好几此,但还是不OK.是不是这样?我不大清楚那一part要放在那里...
请多多指教.谢谢大大.

goatstudio

这是 copy and paste 来的吧? 因为主要的比较方程式你也搞乱了.

<?php
include("dbfinfo.inc.php");
mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die (" Unable to select  database");


$user_name = $_POST['user_name'];
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$password1 = md5($_POST['password1']);
$password2 = $_POST['password2'];
$email = $_POST['email'];

$query = "SELECT user_name
                 FROM user
                 WHERE user_name ='$user_name'";

$result = mysql_query($query);

if ($result && mysql_num_rows($result) > 0) {
   echo "I'm sorry but the username you specified has already been taken.
         Please pick another one.";

} else {


if ((!preg_match("/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/", $email)) ||
($_POST['password1']!==$_POST['password2']) ||
(strlen($_POST['password1']) < '6') ||
(strlen($_POST['password1']) > '12') ||
(ctype_alpha($first_name) == FALSE ) ||
(ctype_alpha($last_name) == FALSE ) ||
(($user_name == "") || ($first_name == "") || ($last_name == "") ||
($password1 == "") || ($password2 == "") ||  ($email == ""))) {
      echo "<h4>ERROR -- Please fill in all the fields correctly!</h4>
               Invalid email. OR <BR>
               Password not match. OR <BR>
               Password length too short. OR <BR>
               Password length too long. OR <BR>
               First Name not in alphabet. OR <BR>
               Last Name not in alphabet. OR <BR>
               Required fields!";
}else {

$query = "INSERT INTO user (user_name,first_name,
          last_name,password1,email)
          VALUES ('$user_name','$first_name','$last_name',
          '$password1','$email')";
$result= mysql_query($query);
          if ($result) {
             echo "<h4>YOU HAVE SUCCESSFULLY REGISTERED.</h4>";

          }else {
            echo 'ERROR -- Database error';

           }

}

}

mysql_close();
?>

小今

那部分的source code 是找的但不是整个copy & paste.刚才有try 过,好像OK 了.谢谢你,大大.

小今

不知道是什么问题?login时，出现以下的message:


Notice: Undefined index: user_name in c:\program files\easyphp1-8\www\cinema\login.php on line 13

Notice: Undefined index: password1 in c:\program files\easyphp1-8\www\cinema\login.php on line 14

Notice: Undefined index: user_name in c:\program files\easyphp1-8\www\cinema\login_funcs.inc.php on line 27

请问以下的code有什么问题?如果successful login,应该link到index.php,但不OK的.各位大大救救我.
login.php
<?php


  include_once("login_funcs.inc.php");


if ($LOGGED_IN = user_isloggedin()) {
      user_logout();
      $_COOKIE['user_name'] = '';
      unset($LOGGED_IN);
}

  if (strlen($_POST['user_name']) <='8' &&
strlen($_POST['password1']) <='12') {
  $feedback = user_login();
}else {
  $feedback = 'ERROR -- Username and password are too long';
}
if ($feedback == 1) {
  header ("Location:index.php");
}else {
   $feedback = 'ERROR ';
}



$php_self = $_SERVER['PHP_SELF'];

$login_form = <<<EOLOGINFORM
<TABLE BORDER=0 CELLPADDING=10 WIDTH=100%>
<TR>
<TD BGCOLOR="#FOF8FF" ALIGN=center VALIGN=top WIDTH=17%>
</TD>
<TD BGCOLOR="#FFFFFF" ALIGN=left VALIGN=top WIDTH=83%>


<P CLASS="bold">LOGIN</P>
<FORM ACTION="$php_self" METHOD="POST">
<P CLASS="bold">Username<BR>
<INPUT TYPE="TEXT" NAME="user_name" VALUE="" SIZE="10"
MAXLENGTH="15"></P>
<P CLASS="bold">Password<BR>
<INPUT TYPE="password" NAME="password1" VALUE="" SIZE="10"
MAXLENGTH="15"></P>
<P><INPUT TYPE="SUBMIT" NAME="Submit" VALUE='Login' ></P>
</FORM>
</TD>
</TR>
</TABLE>
EOLOGINFORM;
echo $login_form;

?>


login_funcs.inc
<?php
include("dbfinfo.inc.php");
mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die (" Unable to select  database");


$LOGGED_IN = false;
unset($LOGGED_IN);

function user_isloggedin() {


if (isSet($LOGGED_IN)) {
     return $LOGGED_IN;
}
if (isSet($_COOKIE["user_name"])) {
           return true;
          }else {
          return false;
          }

}


function user_login() {

if (!$_POST['user_name'] || !$_POST['password1']) {
   echo "ERROR -- Mising username or password";
}else {
  $password1 = md5($_POST['password1']);
  $user_name = ($_POST['user_name']);
  $query = "SELECT user_name
                 FROM user
                 WHERE user_name ='$user_name'";
  $result = mysql_query($query);
  if (!$result || mysql_num_rows($result) < 1) {
    echo "ERROR -- User not found or password incorrect";
  }
}
}



function user_logout() {
  setcookie('user_name','',(time()+2592000),'/','',0);

}

?>

[ 本帖最后由 小今 于 5-8-2006 10:31 AM 编辑 ]

Kal1983

试把php.ini 里的error_reporting set为 E_COMPILE_ERROR...原定为E_ALL....php.ini 的location 在c:\windows 用notepad 打开他。。。ctrl+F 找 error_reporting

红发

你logging成功后有没有把
$feedback = 1 呢？

要不然它是不会run下面的code的
if ($feedback == 1) {
  header ("Location:index.php");
}else {
   $feedback = 'ERROR ';
}

还有你的$feedback很多功能。
这样会造成你的混乱的。

$feedback = user_login();
$feedback = 'ERROR -- Username and password are too long';
if ($feedback == 1) {
$feedback = 'ERROR ';

好多的$feedback哦。

小今

戏院那种给人家选了rating之后show你是第几个投选的人，到底要如何篇写呢？谢谢
processing code:


<?
include("dbfinfo.inc.php");

mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die (" Unable to select  database");

$rater_ip_voting_restriction = true;
$rater_ip_vote_qty = 1;
$rater_already_rated_msg="You have already rated this . You were
allowed ".$rater_ip_vote_qty." vote(s).";
$rater_not_selected_msg = "You have not selected a rating value OR missing fields.";
$rater_thankyou_msg= "Thank you for voting.";


$user_name = $_POST['user_name'];
$movie = $_POST['movie'];
$rater_id = $_POST['rater_id'];



$query = "SELECT user_name
          FROM vote
          WHERE user_name ='$user_name'
          AND movie = '$movie'";


   $result = mysql_query($query);

  if ($result && mysql_num_rows($result) > 0) {
     echo "<h4>ERROR --$rater_already_rated_msg ";
} else {
if (!$_POST['user_name'] || !$_POST['rater_id'] ||!$_POST['movie'] ) {

   echo "<h4>ERROR -- $rater_not_selected_msg</h4>";

   } else {

            $query = "INSERT INTO vote (id,user_name,
                      movie,rater_id)
                      VALUES (NULL,'$user_name','$movie',
                      '$rater_id')";
   $result= mysql_query($query);
     if ($result) {
    echo  "<h4>$rater_thankyou_msg</h4>";
  }
}
}

?>



Form code

<HTML>
<BODY>
<TABLE BORDER=0 CELLPADDING=10 WIDTH=100%>
<TR>
<TD BGCOLOR="#FOF8FF" ALIGN=center VALIGN=top WIDTH=17%>
</TD>
<TD BGCOLOR="#FFFFFF" ALIGN=left VALIGN=top WIDTH=83%>

<P CLASS="left"><b>Rate this movie</b><BR>

<FORM ACTION="rating3.php" METHOD="POST">

<b>User Name</b><BR>
<INPUT TYPE="TEXT" NAME="user_name"
SIZE="10" MAXLENGTH="25"><BR>

<B>Select movie:</B><br />
<SELECT NAME ="movie">
<OPTION VALUE="">Choose....</OPTION>
<OPTION VALUE="Superman return">Superman return</OPTION>
<OPTION VALUE="Pirate of the carribean 2">Pirate of the carribean 2</OPTION>
<OPTION VALUE="Lady in the water">Lady in the water</OPTION>
</SELECT><BR>


<B>Rate it...</B>
        <select name ="rater_id">
           <option value="">Choose....</option>
           <option value="5.00">5 -Excellent</option>
           <option value="4.00">4 -Very Good</option>
           <option valye="3.00">3 -Good</option>
           <option value="2.00">2 -Fair</option>
           <option value="1.00">1 -Poor</option>
        </select>


<input type="hidden" name="id" value="$id" />

<input type="Submit" value="Submit" name="Submit" />
</FORM>
</TD>
</TR>
</TABLE>
</BODY>
</HTML>

[ 本帖最后由 小今 于 10-8-2006 06:31 PM 编辑 ]

小今

以下的code可以吗?但试了,不OK.是什么问题呢?可以这样写吗?????请帮帮忙,谢谢......


$query = "SELECT num_votes,COUNT(*)
          FROM vote
          WHERE movie = '$movie';
          AND rater_id = '$rater_id'";

$result = mysql_query($query);

   echo "$result";

小今

Notice: Undefined variable: movie in c:\program files\easyphp1-8\www\cinema\test.php on line 38

test.php
<HTML>
  <HEAD>
  <TITLE>Cinema movie screen</TITLE>
</HEAD>
  <BODY>
<TABLE BORDER=0 CELLPADDING=10 WIDTH=100%>
<TR>
<TD BGCOLOR="#FOF8FF" ALIGN=center VALIGN=top WIDTH=17%>
</TD>

<BR>
<TD BGCOLOR="#FFFFFF" ALIGN=left VALIGN=top WIDTH=83%>

<FORM METHOD="POST" ACTION="test.php">
<B>Select movie:</B><br />
<SELECT NAME ="movie">
<OPTION VALUE="">Choose....</OPTION>
<OPTION VALUE="Superman return">Superman return</OPTION>
<OPTION VALUE="Pirate of the carribean 2">Pirate of the carribean 2</OPTION>
<OPTION VALUE="Lady in the water">Lady in the water</OPTION>
</SELECT>
<INPUT TYPE="SUBMIT" NAME="Submit" VALUE="Enter"></P>
</TD>
</TR>
</FORM>
</TABLE>
</BODY>
</HTML>

<?php
extract($_POST);
include ("dbfinfo.inc.php");
mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die ("Unable to select database");

$query="SELECT date,user_name,comment
        FROM mycomment WHERE movie ='$movie'
        ORDER BY date";
$result=mysql_query($query);

//This will set the value of $num to be the number of rows stored in $result
//(the output you got from the database)
$num=mysql_numrows($result);
if (($num==0) || (!$_POST['movie'])){

   echo ("<h4><p><center>ERROR -- Sorry, No comment found!</p>
        <a href=test.php>Back</a></center></h4>");

} else {

mysql_close();


echo "<b><center><h1>Comment</h1></center></b><br><br>";
}

?>

<?
$i=0;
//set up a loop to take each row of the result and print out the data held there.
while ($i<$num) {
$date=mysql_result($result,$i,"date");
$user_name=mysql_result($result,$i,"user_name");
$comment=mysql_result($result,$i,"comment");

?>
<body>
<TABLE BORDER="1"  ALIGN="center" CELLPADDING="3"  CELLSPACING="3" WIDTH="60%>
<tr>
<td><font face="Arial, Helvetica ,san-serif"><b>Date:</b><? echo "$date"; ?>
</font><br>
<font face="Arial, Helvetica ,san-serif"><b>Username:</b><? echo "$user_name"; ?>
</font><br>
<font face="Arial, Helvetica ,san-serif"><b>Comment:</b><? echo "$comment"; ?>
</font></td>
</tr>
<?
++$i;
}
echo "</table>";
echo "</body>";

?>

谢谢.

[ 本帖最后由 小今 于 12-8-2006 02:11 AM 编辑 ]

红发

follow上面的code.
你一开test.php的话他就会load你的data了。。。

你因该

1. 
   
2. <FORM METHOD="POST" ACTION="test.php?action=load">
   
3. 
   
4. $action = $_GET['action']
   
5. if ($action == 'load'){
   
6.   extract($_POST);
   
7.   include ("dbfinfo.inc.php");
   
8.   mysql_connect("localhost",$username,$password);
   
9.   @mysql_select_db($database) or die ("Unable to select database");
   
10. 
    
11.   $query="SELECT date,user_name,comment
    
12.         FROM mycomment WHERE movie ='$movie'
    
13.         ORDER BY date";
    
14.   $result=mysql_query($query);
    
15. .....................................
    
16. ........
    
17. .....
    
18. }
    

复制代码

and then 就是你的$movie是哪里来得呢？？
你因该告诉它。

$movie = $_POST["movie" ]

就这样了。
有问题在问

[ 本帖最后由 红发 于 12-8-2006 11:58 AM 编辑 ]

goatstudio

原帖由 红发 于 12-8-2006 11:56 AM 发表
你因该告诉它。

$movie = $_POST["movie" ]

就这样了。
有问题在问

这方法没错... 不过... 要养成好的 php 习惯: :p

$movie = isset($_POST["movie" ])?$_POST["movie" ]:"";

红发

原帖由 goatstudio 于 12-8-2006 12:29 PM 发表


这方法没错... 不过... 要养成好的 php 习惯: :p

$movie = isset($_POST)?$_POST:"";

为何多了 : 和 " 这个两东西的？？

小今

是这样吗?但还有error....

Notice: Undefined index: action in c:\program files\easyphp1-8\www\cinema\test.php on line 30

<HTML>
  <HEAD>
  <TITLE>Cinema movie screen</TITLE>
</HEAD>
  <BODY>
<TABLE BORDER=0 CELLPADDING=10 WIDTH=100%>
<TR>
<TD BGCOLOR="#FOF8FF" ALIGN=center VALIGN=top WIDTH=17%>
</TD>
<FORM METHOD="POST" ACTION="test.php?action=load">
<BR>
<TD BGCOLOR="#FFFFFF" ALIGN=left VALIGN=top WIDTH=83%>
<B>Select movie:</B><br />
<SELECT NAME ="movie">
<OPTION VALUE="">Choose....</OPTION>
<OPTION VALUE="Superman return">Superman return</OPTION>
<OPTION VALUE="Pirate of the carribean 2">Pirate of the carribean 2</OPTION>
<OPTION VALUE="Lady in the water">Lady in the water</OPTION>
</SELECT>
<INPUT TYPE="SUBMIT" NAME="Submit" VALUE="Enter"></P>
</TD>
</TR>
</FORM>
</TABLE>
</BODY>
</HTML>


<?php
$action = $_GET['action'];
if ($action == 'load') {
extract($_POST);
include ("dbfinfo.inc.php");
mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die ("Unable to select database");
$movie = $_POST['movie'];
$query="SELECT date,user_name,comment
        FROM mycomment WHERE movie ='$movie'
        ORDER BY date";
$result=mysql_query($query);

//This will set the value of $num to be the number of rows stored in $result
//(the output you got from the database)
$num=mysql_numrows($result);
if (($num==0) || (!$_POST['movie'])){

   echo ("<h4><p><center>ERROR -- Sorry, No comment found!</p>
        <a href=test.php>Back</a></center></h4>");

} else {

mysql_close();


echo "<b><center><h1>Comment</h1></center></b><br><br>";
}

?>

<?
$i=0;
//set up a loop to take each row of the result and print out the data held there.
while ($i<$num) {
$date=mysql_result($result,$i,"date");
$user_name=mysql_result($result,$i,"user_name");
$comment=mysql_result($result,$i,"comment");

?>
<body>
<TABLE BORDER="1"  ALIGN="center" CELLPADDING="3"  CELLSPACING="3" WIDTH="60%>
<tr>
<td><font face="Arial, Helvetica ,san-serif"><b>Date:</b><? echo "$date"; ?>
</font><br>
<font face="Arial, Helvetica ,san-serif"><b>Username:</b><? echo "$user_name"; ?>
</font><br>
<font face="Arial, Helvetica ,san-serif"><b>Comment:</b><? echo "$comment"; ?>
</font></td>
</tr>
<?
++$i;
}
}
echo "</table>";
echo "</body>";

?>


请问哪里出问题了??谢谢指教...

goatstudio

原帖由 红发 于 12-8-2006 01:19 PM 发表



为何多了 : 和 " 这个两东西的？？

那是 if else 缩写.

goatstudio

原帖由 小今 于 12-8-2006 03:59 PM 发表
是这样吗?但还有error....

Notice: Undefined index: action in c:\program files\easyphp1-8\www\cinema\test.php on line 30

<HTML>
  <HEAD>
  <TITLE>Cinema movie screen</TIT ...

你应该先用 isset 来检查任何一个 $_POST 和 $_GET, 因为当你的网页第一次 load 的时候, 可能根本没有这些 parameters.

小今

谢谢你大大.可以了..但可以问些问题吗?
为什么要用 isset 来检查任何一个 $_POST 和 $_GET,而不是if呢....谢谢

goatstudio

原帖由 小今 于 12-8-2006 04:47 PM 发表
谢谢你大大.可以了..但可以问些问题吗?
为什么要用 isset 来检查任何一个 $_POST 和 $_GET,而不是if呢....谢谢

你不是用 if 和 isset 来配合检查吗?
isset 的用意是要来检查一个变量是否存在, 它只会传回 true/false.