MySQLi处理查询两次或两次出错
I have this really strange bug, which I do not understand at all. I have the following PHP script which behaves in two ways.
我有一个非常奇怪的错误,我一点也不明白。我有下面的PHP脚本,它的行为有两种方式。
This script shell add new users to a mysql database. What I want to do is to check, whether a username is already in the database. If it is, set a variable that is used to decide on how to proceed. If I execute this code, this line
这个脚本将新用户添加到mysql数据库中。我要做的是检查用户名是否已经在数据库中。如果是,设置一个用于决定如何继续的变量。如果我执行这行代码
if(strcmp($row["username"], $addUser_name) == 0)
is executed (or better jumped in), but I am 100 % sure, that the name does NOT (or is not supposed to) exist in the database before this line is beeing executed. Now even though $errorName is set to one and test is beeing printed, the dataset which I wanted to add to my database occures in my database, but the last part which starts at
是执行的(或更好的插入),但我100%确定,在执行这一行之前,数据库中不存在名称(或不应该存在名称)。现在即使$errorName被设置为1并且测试正在打印,我想要添加到数据库中的数据集仍然存在于我的数据库中,但是最后一部分从
if(!isset($errorName))
is not executed. I checked it with simple echo statements over and over again.
不执行。我用简单的echo语句反复检查它。
To take a look at my dataset I removed the comment in this part
为了查看我的数据集,我删除了这部分中的注释
while ($row = mysqli_fetch_assoc($allUserNames))
{
echo $row["username"]."\n";
}
this part is beeing executed correctly
这部分是正确执行的
if(!isset($errorName))
but I find the dataset twice in my database.
但是我在数据库中找到了两个数据集。
I do nto understand at all, why the scipt is behaving the way it does. I have tried many different things but I can not figure out, what I am doing wrong.
我一点也不明白,为什么scipt会这样运行。我尝试过很多不同的东西,但是我不知道我做错了什么。
<?php
include "auth/auth1.php";
include "functions/connectToDB.php";
include "functions/test_input_XSS.php";
if(isset($_GET["startCheck"])) //TODO Mache auch GET noch POST
{
//Sollte niemals true sein! Passiert nur, wenn man Unsinn macht
if(strcmp($_GET["addUser_pw"], $_GET["addUser_pwRepeat"]) !== 0) { die; }
$servername = "localhost";
$databasename = "X";
$mysqluser = "X";
$mysqlpass = "X";
$addUser_name = $_GET["addUser_name"];
$connection = connectToDB($servername, $mysqluser, $mysqlpass, $databasename);
if(mysqli_connect_errno())
{
printf("Connect failed!");
die();
}
$query_getAllUserNames = "SELECT username FROM user;";
$allUserNames = mysqli_query($connection, $query_getAllUserNames);
/*while ($row = mysqli_fetch_assoc($allUserNames))
{
echo $row["username"]."\n";
}*/
while ($row = mysqli_fetch_assoc($allUserNames))
{
if(strcmp($row["username"], $addUser_name) == 0)
{
$errorName = 1;
echo "test";
}
}
if(!isset($errorName))
{
$username = test_input_for_XSS($_GET["addUser_name"]);
$password = hash("sha256", $_GET["addUser_pw"]);
$permission = test_input_for_XSS($_GET["addUser_permission"]);
$query_addUser = "INSERT INTO user (username, passwordhash, permissionlevel) VALUES ('".$username."', '".$password."', '".$permission."');";
$addUserSuccess = mysqli_query($connection, $query_addUser);
if($addUserSuccess !== 1)
{
$hostname = $_SERVER['HTTP_HOST'];
$path = dirname($_SERVER['PHP_SELF']);
echo"Success";
//header("Location: http://".$hostname.($path == "/" ? "" : $path)."/userManagment.php?added=".$username."");
}
else
{
echo "ANNOYING_ERROR";
}
}
//Tidy up
mysqli_free_result($allUserNames);
mysqli_close($connection);
}
?>
This is the corresponding HTML code, which follows in the same file just afterwards:
这是相应的HTML代码,后面是同一个文件:
<?php
include "home.php";
?>
<section>
<h3>Einen neuen Benutzer hinzufügen</h3>
<?php
if(isset($errorName))
{
echo '<p class="warningMessage">Der Nutzername <b>'.$_GET["addUser_name"].'</b> ist bereits vergeben.<br />Bitte wählen Sie einen anderen aus!</p>';
}
?>
<form method="GET" action="addUser.php">
<table>
<tr>
<td>Nutzername:</td>
<td><input type="text" name="addUser_name" required pattern="\w+" /></td>
<td></td>
<td class="annotation">z.B.: Vorname</td>
</tr>
<tr>
<td>Passwort:</td>
<td><input type="password" name="addUser_pw" required pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{6,}" title="Passwort muss mindestens 6 Zeichen, Groß- und Kleinbuchstaben, sowie Zahlen enthalten"
onChange="this.setCustomValidity(this.validity.patternMismatch ? '' : ''); if(this.checkValidity()){ form.addUser_pwRepeat.pattern = this.value; }" /></td>
<td></td>
<td class="annotation">Muss Groß- und Kleinbuchstaben, Zahlen und mindestens 6 Zeichen enthalten</td>
</tr>
<tr>
<td>Passwort wiederholen:</td>
<td><input type="password" name="addUser_pwRepeat" required pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{6,}" /></td>
<td></td>
<td class="annotation">Muss identisch sein zum ersten eingegebenen Passwort</td>
</tr>
<tr>
<td>Berechtigungslevel:</td>
<td>
<input type="radio" name="addUser_permission" value="1" checked />1<br />
<input type="radio" name="addUser_permission" value="2" />2
</td>
</tr>
</table>
<input type="hidden" name="startCheck" value="1" />
<input type="submit" value="Nutzer hinzufügen" class="button" />
</form>
</section>
</body>
</html>
If my problem is not clearly enough described, I will gladly provide any additional information that is required.
如果我的问题描述得不够清楚,我将乐意提供任何需要的额外信息。
2 个解决方案
#1
3
I would suggest you not to fetch all the usernames and check if there is a same Username via PHP. You could simply make a query like this
我建议您不要获取所有的用户名,并检查是否有相同的用户名。您可以简单地进行这样的查询。
$result=$connection->query("SELECT username FROM user WHERE username='".$connection->real_escape_string($addUser_name)."';");
and then check if the query return to you any row
然后检查查询是否返回任何行
if($result -> num_rows > 0)
{
//the username is already in use
}
else
{
//the username is unique
}
更多相关文章
- 迭代文件夹中的CSV文件,并使用PHP将数据加载到MySQL中
- PHP 常见的数据加密技术
- JSFiddle:无法从数据库加载Ajax数据
- 使用Laravel在PHP中按时间戳,后端过滤SQL数据库查询
- 查找具有特定数据字符串的数组并返回其具有的另一个数据字符串
- 使用Python中的POST将数据发送到PHP
- Laravel将动态输入数据数组保存到数据库中
- 如何将多行数据插入到一个表字段中
- 如何将数据从MySQL表放入谷歌图表API?